class FidoMetadata::Store

Constants

METADATA_ENDPOINT
STATEMENT_CACHE_KEY
TOC_CACHE_KEY

Public Instance Methods

fetch_entry(aaguid: nil, attestation_certificate_key_id: nil) click to toggle source
# File lib/fido_metadata/store.rb, line 26
def fetch_entry(aaguid: nil, attestation_certificate_key_id: nil)
  verify_arguments(aaguid: aaguid, attestation_certificate_key_id: attestation_certificate_key_id)

  if aaguid
    table_of_contents.entries.detect { |entry| entry.aaguid == aaguid }
  elsif attestation_certificate_key_id
    table_of_contents.entries.detect do |entry|
      entry.attestation_certificate_key_identifiers&.detect do |id|
        id == attestation_certificate_key_id
      end
    end
  end
end
fetch_statement(aaguid: nil, attestation_certificate_key_id: nil) click to toggle source
# File lib/fido_metadata/store.rb, line 40
def fetch_statement(aaguid: nil, attestation_certificate_key_id: nil)
  verify_arguments(aaguid: aaguid, attestation_certificate_key_id: attestation_certificate_key_id)

  key = STATEMENT_CACHE_KEY % (aaguid || attestation_certificate_key_id)
  statement = cache_backend.read(key)
  return statement if statement

  entry = if aaguid
            fetch_entry(aaguid: aaguid)
          elsif attestation_certificate_key_id
            fetch_entry(attestation_certificate_key_id: attestation_certificate_key_id)
          end
  return unless entry

  json = client.download_entry(entry.url, expected_hash: entry.hash)
  statement = FidoMetadata::Statement.from_json(json)
  cache_backend.write(
    key,
    statement,
    expires_in: table_of_contents.expires_in,
    race_condition_ttl: race_condition_ttl
  )
  statement
end
table_of_contents() click to toggle source
# File lib/fido_metadata/store.rb, line 13
def table_of_contents
  @table_of_contents ||= begin
    key = TOC_CACHE_KEY
    toc = cache_backend.read(key)
    return toc if toc

    json = client.download_toc(METADATA_ENDPOINT)
    toc = FidoMetadata::TableOfContents.from_json(json)
    cache_backend.write(key, toc, expires_in: toc.expires_in, race_condition_ttl: race_condition_ttl)
    toc
  end
end

Private Instance Methods

cache_backend() click to toggle source
# File lib/fido_metadata/store.rb, line 77
def cache_backend
  FidoMetadata.configuration.cache_backend || raise("no cache_backend configured")
end
client() click to toggle source
# File lib/fido_metadata/store.rb, line 89
def client
  @client ||= FidoMetadata::Client.new(metadata_token)
end
metadata_token() click to toggle source
# File lib/fido_metadata/store.rb, line 81
def metadata_token
  FidoMetadata.configuration.metadata_token || raise("no metadata_token configured")
end
race_condition_ttl() click to toggle source
# File lib/fido_metadata/store.rb, line 85
def race_condition_ttl
  FidoMetadata.configuration.race_condition_ttl
end
verify_arguments(aaguid: nil, attestation_certificate_key_id: nil) click to toggle source
# File lib/fido_metadata/store.rb, line 67
def verify_arguments(aaguid: nil, attestation_certificate_key_id: nil)
  unless aaguid || attestation_certificate_key_id
    raise ArgumentError, "must pass either aaguid or attestation_certificate_key"
  end

  if aaguid && attestation_certificate_key_id
    raise ArgumentError, "cannot pass both aaguid and attestation_certificate_key"
  end
end