webauthn-rs command line

[arthurgleckler]

Fixes # This pull request implements a new feature, not a fix.

• cargo test has been run and passes
• documentation has been updated with relevant examples (if relevant)

This pull request implements the basic webauthn-rs command line that I mentioned in the discussion of issue #397. The idea is that this wrapper can be used for debugging and experimentation. It can also be used to implement webauthn in programming languages other than Rust. This is simplified by passing JSON to and from the command-line process rather than using a foreign function interface.

If you run make under tutorial/server/cli/, you'll see the result of running the command line for the two steps of passkey registration and the two steps of authentication. It's modeled after the tutorial/server/tide/ example.

Using this wrapper, I've implemented, in some code that is still private, a webauthn registration and login system in the programming language Scheme, with a Javascript front end. I've tested it with both a Yubikey 5C key and a Pixel phone passkey.

I've included minimal documentation in the comments, but I'm happy to add more if you think this pull request is a good idea.

Thank you very much for making webauthn-rs available. Without it, implementing webauthn for a Scheme front end would have been vastly more work.

[Firstyear]

@micolous what do you think?

[Firstyear]

@micolous If you have some item to review as well, that'd be great.

[arthurgleckler]

Okay, I've run rust fmt. Sorry, I'm a novice Rustacean.

[Firstyear]

Its okay, that's what the checks are for. You've done pretty well for a first time :)

[arthurgleckler]

Please let me know if there's anything else I should do. Thanks.

[Firstyear]

Please let me know if there's anything else I should do. Thanks.

@micolous has just been really busy is all :) I'll ask him again to have a look.

[arthurgleckler]

Just pinging again. I'd love to write about this on my blog. I'm sure that there are other people who could make use of this. Perhaps I'm flattering myself, but I think a JSON-based API like this with your excellent underlying Rust implementation could allow other programming languages to implement Webauthn more quickly. Webauthn adoption isn't moving as quickly as it should.

Thanks, and sorry if I'm being a pest. I know that everyone's busy.

[Firstyear]

Oh I'm so sorry this fell by the wayside!

[micolous]

Sorry for the delays! I think what you've got is a good start – the suggestions here would make things more robust and follow rust-isms better. Thanks!

[arthurgleckler]

I believe that I've incorporated all of your suggestions. Would you please take a look when you have a chance?

Thanks.

[arthurgleckler]

Now that a506d89 is committed, I've rebased and force-pushed onto that. I don't know whether that will fix the PR run failure I received email about.

[Firstyear]

I restarted the CI to check :)

[arthurgleckler]

It failed again, but the underlying error appears to be "error: package bumpalo v3.15.4 cannot be built because it requires rustc 1.73.0 or newer, while the currently active rustc version is 1.70.0". I'm not using bumpalo, at least not directly. Can you think of any reason this would fail?

Oh, I see that it's failing on master, too:

https://github.com/kanidm/webauthn-rs/commits/master/

[micolous]

Yup, bumpalo breakage is not your fault. #428 should fix that.

Otherwise things look good now, thanks for sticking with this. 😄

[arthurgleckler]

Otherwise things look good now, thanks for sticking with this. 😄

I'm thrilled! Thanks.

[Firstyear]

@arthurgleckler This has now been released on crates.io. Thank you!