This library give you a Clojure wrapper over WebAuthn4J so that you can enable user registration and login functionality through WebAuthn in your Clojure backend / API.
Its API is composed of 4 functions for:
Current version of cljwebauthn uses version webauthn4j-core-0.11.1.RELEASE.
Add the following dependency:
<dependency>
<groupId>me.grison</groupId>
<artifactId>cljwebauthn</artifactId>
<version>0.1.2</version>
</dependency>
deps.edn
me.grison/cljwebauthn {:mvn/version "0.1.2"}
Leiningen/Boot
[me.grison/cljwebauthn "0.1.2"]
(prepare-registration user-identifier site-properties)
This function will prepare a registration challenge for the client.
grison.me
)My personal website
)http
or https
80
, 443
, ...)grison.me
)Example:
(cljwebauthn.core/prepare-registration
"foo@bar.com"
{:site-id "grison.me",
:site-name "Stuff and Thoughts about IT Stuff",
:protocol "https",
:port 443,
:host "grison.me"})
=> {:rp {:id "grison.me"
:name "Stuff and Thoughts about IT Stuff"}
:user {:id "Zm9vQGJhci5jb20="}
:cred [{:type "public-key"
:alg -7}]
:challenge challenge}
(register-user attestation site-properties save-authenticator)
This function will validate the attestations generated by the client and call the save-authenticator
function on success so that the API user can save the WebAuthn4J authenticator object for usage later on.
prepare-registration
phase.grison.me
)My personal website
)http
or https
80
, 443
, ...)grison.me
)nil
in case the registration wasn't successfulExample:
(cljwebauthn.core/register-user
{:attestation "o2NmbXRmcGFja2VkZ2F0dFN0bXSiY2FsZ...dbaqAkCY1nvQuI="
:client-data "eyJjaGFsbGVuZ2UiOiJabTl2...ZWF0ZSJ9"
:challenge "foobar"}
{:site-id "grison.me",
:site-name "Stuff and Thoughts about IT Stuff",
:protocol "https",
:port 443,
:host "grison.me"}
(fn [user-id authenticator]
; save the authenticator for user-id somewhere
))
=> {:user-id "foo@bar.com" :challenge "foobar"}
(prepare-login user-identifier get-authenticator)
This function will prepare a login challenge for the client.
Example:
(cljwebauthn.core/prepare-login
"foo@bar.com"
(fn [user-id]
; retrieve the authenticator for user-id
))
=> {:challenge "foobar"
:credentials [{:type "public-key"
:id "AWcH5uwgu/phBRUWh6B9A2...tg54nA=="}]}
(login-user assertion site-properties get-authenticator)
This function will prepare a login challenge for the client.
prepare-login
phase.grison.me
)My personal website
)http
or https
80
, 443
, ...)grison.me
)nil
in case the registration wasn't successful(cljwebauthn.core/login-user
{:credential-id "ARkFqKfCJaxgXG4m53c2y3zWpxSZGriN0sH...qt57yU="
:user-handle "Zm9vQGJhci5jb20="
:authenticator-data "09CVCOxdEGxTwSc5mFML...3Wl3siTnwk0FXo82Tg=="
:client-data "eyJjaGFsbGVuZ2UiOiJabTl2WW1...G4uZ2V0In0="
:signature "MEUCIQCkfqWpAhi7CRO0exa2wenWgDaakqJ..gv+gI1roY="
:challenge "foobar"}
{:site-id "grison.me",
:site-name "Stuff and Thoughts about IT Stuff",
:protocol "https",
:port 443,
:host "grison.me"}
(fn [user-id]
; retrieve the authenticator associated with user-id
))
=> {:user-id "foo@bar.com" :challenge "foobar"}
clj -A:test
clj -A:run-test
Then open http://localhost:8080.
Can you improve this documentation?Edit on GitHub
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close