class Aptible::CLI::Helpers::SecurityKey::Authenticator
Attributes
auth[R]
pid[R]
Public Class Methods
new(auth, pid, out_read, err_read)
click to toggle source
# File lib/aptible/cli/helpers/security_key.rb, line 112 def initialize(auth, pid, out_read, err_read) @auth = auth @pid = pid @out_read = out_read @err_read = err_read end
spawn(auth)
click to toggle source
# File lib/aptible/cli/helpers/security_key.rb, line 175 def self.spawn(auth) in_read, in_write = IO.pipe out_read, out_write = IO.pipe err_read, err_write = IO.pipe pid = Process.spawn( "fido2-assert -G #{auth.device_location}", in: in_read, out: out_write, err: err_write, close_others: true ) U2F_LOGGER.debug("#{self} #{auth.key_handle}: spawned #{pid}") [in_read, out_write, err_write].each(&:close) in_write.write(auth.assert_str) in_write.close new(auth, pid, out_read, err_read) end
Public Instance Methods
exited(status)
click to toggle source
# File lib/aptible/cli/helpers/security_key.rb, line 159 def exited(status) out, err = [@out_read, @err_read].map(&:read).map(&:chomp) if status.exitstatus == 0 U2F_LOGGER.info("#{self.class} #{@auth.key_handle}: ok: #{out}") [nil, out] else err_msg = fido_err_msg(err) CLI.logger.error(err_msg) if err_msg U2F_LOGGER.warn("#{self.class} #{@auth.key_handle}: err: #{err}") [ThrottledAuthenticator.spawn(@auth), nil] end ensure [@out_read, @err_read].each(&:close) end
fido_err_msg(err)
click to toggle source
# File lib/aptible/cli/helpers/security_key.rb, line 143 def fido_err_msg(err) match = err.match(/(FIDO_ERR.+)/) return nil unless match result = match.captures || [] no_cred = "\nCredential not found on device, " \ 'are you sure you selected the right ' \ 'credential for this device?' err_map = { 'FIDO_ERR_NO_CREDENTIALS' => no_cred } return err_map[result[0]] if result.count > 0 nil end
formatted_out(out)
click to toggle source
# File lib/aptible/cli/helpers/security_key.rb, line 119 def formatted_out(out) arr = out.split("\n") authenticator_data = arr[2] signature = arr[3] appid = auth.app_id if auth.version == 'U2F_V2' client_data_json = Base64.urlsafe_encode64(auth.client_data) { id: auth.key_handle, rawId: auth.key_handle, clientExtensionResults: { appid: appid }, type: 'public-key', response: { clientDataJSON: client_data_json, authenticatorData: Base64.urlsafe_encode64( CBOR.decode( Base64.strict_decode64(authenticator_data) ) ), signature: signature } } end