NAME

Firefox::Marionette::WebAuthn::Credential - Represents a Firefox WebAuthn Credential

VERSION

Version 1.57

SYNOPSIS

use Firefox::Marionette();
use Crypt::URandom();

my $user_name = MIME::Base64::encode_base64( Crypt::URandom::urandom( 10 ), q[] ) . q[@example.com];
my $firefox = Firefox::Marionette->new();
$firefox->go('https://webauthn.io');
$firefox->find_id('input-email')->type($user_name);
$firefox->find_id('register-button')->click();
$firefox->await(sub { sleep 1; $firefox->find_class('alert-success'); });
$firefox->find_id('login-button')->click();
$firefox->await(sub { sleep 1; $firefox->find_class('hero confetti'); });
foreach my $credential ($firefox->webauthn_credentials()) {
    $firefox->delete_webauthn_credential($credential);

# ... time passes ...

    $firefox->add_webauthn_credential(
              id            => $credential->id(),
              host          => $credential->host(),
              user          => $credential->user(),
              private_key   => $credential->private_key(),
              is_resident   => $credential->is_resident(),
              sign_count    => $credential->sign_count(),
                          );
}
$firefox->go('about:blank');
$firefox->clear_cache(Firefox::Marionette::Cache::CLEAR_COOKIES());
$firefox->go('https://webauthn.io');
$firefox->find_id('input-email')->type($user_name);
$firefox->find_id('login-button')->click();
$firefox->await(sub { sleep 1; $firefox->find_class('hero confetti'); });

DESCRIPTION

This module handles the implementation of a single WebAuth Credential using the Marionette protocol.

SUBROUTINES/METHODS

new

accepts a hash as a parameter. Allowed keys are below;

  • host - contains the domain that this credential is to be used for. In the language of WebAuthn, this field is referred to as the relying party identifier or RP ID.

  • id - contains the unique id for this credential, also known as the Credential ID.

  • is_resident - contains a boolean that if set to true, a client-side discoverable credential is to be created. If set to false, a server-side credential is to be created instead.

  • private_key - either a RFC5958 encoded private key encoded using encode_base64url or a hash containing the following keys;

    • name - contains the name of the private key algorithm, such as "RSA-PSS" (the default), "RSASSA-PKCS1-v1_5", "ECDSA" or "ECDH".

    • size - contains the modulus length of the private key. This is only valid for "RSA-PSS" or "RSASSA-PKCS1-v1_5" private keys.

    • hash - contains the name of the hash algorithm, such as "SHA-512" (the default). This is only valid for "RSA-PSS" or "RSASSA-PKCS1-v1_5" private keys.

    • curve - contains the name of the curve for the private key, such as "P-384" (the default). This is only valid for "ECDSA" or "ECDH" private keys.

  • sign_count - contains the initial value for a signature counter associated to the public key credential source.

  • user - contains the userHandle associated to the credential encoded using encode_base64url. This property is optional.

This method returns a new Firefox::Marionette::WebAuthn::Credential object.

host

returns the domain that this credential is to be used for. In the language of WebAuthn, this field is referred to as the relying party identifier or RP ID.

is_resident

returns a boolean that if true, a client-side discoverable credential is to be created. If false, a server-side credential is to be created instead.

private_key

returns a RFC5958 encoded private key encoded using encode_base64url.

sign_count

returns the signature counter associated to the public key credential source.

user

returns the userHandle associated to the credential encoded using encode_base64url.

DIAGNOSTICS

None.

CONFIGURATION AND ENVIRONMENT

Firefox::Marionette::WebAuthn::Credential requires no configuration files or environment variables.

DEPENDENCIES

None.

INCOMPATIBILITIES

None reported.

BUGS AND LIMITATIONS

To report a bug, or view the current list of bugs, please visit https://github.com/david-dick/firefox-marionette/issues

AUTHOR

David Dick <ddick@cpan.org>

LICENSE AND COPYRIGHT

Copyright (c) 2024, David Dick <ddick@cpan.org>. All rights reserved.

This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself. See "perlartistic" in perlartistic.

DISCLAIMER OF WARRANTY

BECAUSE THIS SOFTWARE IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE SOFTWARE, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE SOFTWARE "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE SOFTWARE IS WITH YOU. SHOULD THE SOFTWARE PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR, OR CORRECTION.

IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE SOFTWARE AS PERMITTED BY THE ABOVE LICENCE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE SOFTWARE (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE SOFTWARE TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.