proxy: add userinfo and webauthn endpoints (#3755)

* proxy: add userinfo and webauthn endpoints

* use TLD for RP id

* use EffectiveTLDPlusOne

* upgrade webauthn

* fix test

* Update internal/handlers/jwks.go

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>

Co-authored-by: bobby <1544881+desimone@users.noreply.github.com>
Caleb Doxsey 2022-11-22 10:26:35 -07:00 committed by GitHub
parent 81053ac8ef
commit c1a522cd82
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
33 changed files with 498 additions and 216 deletions


@ -1,2 +1,32 @@
// Package webauthnutil contains types and functions for working with the webauthn package.
package webauthnutil
import (
"net"
"net/http"
"golang.org/x/net/publicsuffix"
"github.com/pomerium/pomerium/pkg/grpc/databroker"
"github.com/pomerium/webauthn"
)
// GetRelyingParty gets a RelyingParty for the given request and databroker client.
func GetRelyingParty(r *http.Request, client databroker.DataBrokerServiceClient) *webauthn.RelyingParty {
return webauthn.NewRelyingParty(
"https://"+GetEffectiveDomain(r),
NewCredentialStorage(client),
)
}
// GetEffectiveDomain returns the effective domain for an HTTP request.
func GetEffectiveDomain(r *http.Request) string {
h, _, err := net.SplitHostPort(r.Host)
if err != nil {
h = r.Host
}
if tld, err := publicsuffix.EffectiveTLDPlusOne(h); err == nil {
return tld
}
return h
}
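Review bot: GetEffectiveDomain builds the relying-party origin from `r.Host`, which the client supplies, and widens it to the registrable domain, but neither doc comment says so. With eTLD+1 as the scope, a credential registered through one hostname is presumably accepted from every subdomain of that domain, including hosts this proxy does not serve. That trust boundary deserves a line on GetRelyingParty, e.g. `// The relying party is scoped to the eTLD+1 of r.Host, so credentials are shared by all subdomains of that domain.` The final `return h` also passes through any host for which EffectiveTLDPlusOne fails (IP literals, single-label names, a bracketed IPv6 host without a port) without signalling it, and an IP address is not a valid WebAuthn RP ID. Consider documenting that fallback, or checking the host against the configured domains before it is used as the origin.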