Skip to content

Add a higher-level AuthenticatorService that can query multiple backends #123

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 18, 2020
Merged

Add a higher-level AuthenticatorService that can query multiple backends #123

merged 1 commit into from
Aug 18, 2020

Conversation

jcjones
Copy link
Contributor

@jcjones jcjones commented Aug 5, 2020
edited
Loading

This patch adds a new trait AuthenticatorTransport for the existing manager.rs's U2FManager to implement, and a higher-level AuthenticatorService that registers AuthenticatorTransports and queries them.

This starts down the road of adding in additional authenticator/transport implementations to be queried simultaneously, including reworking the callback function to have an observer which cancels other transports (see clone_and_configure_cancellation_callback in authenticatorservice.rs). It does not add any new transport types, which will be done in their own PRs.

This was referenced Aug 5, 2020
Closed
Draft
@Crote
Copy link
Contributor

Crote commented Aug 6, 2020

That's a lot of wat I was missing for #114, yeah!

There seems to be one subtle "gotcha", though: AuthenticatorService should probably wrap callback, so that AuthenticatorService::cancel is called as soon as the operation is successful.
Currently, the caller must manually do this, even if the operation is successful. If they don't, everything will seem to work but the other transports will keep trying to do the operation and stuff might go horribly wrong. It seems like this would result in a memory leak because the channel is never closed due to a Sender not being dropped?

Something to think about is what exactly AuthenticatorTransport should expose. The register / sign pair seems obvious - especially considering the current U2FManager, but pretty much all transports must implement the same logic handling the APDU commands representing this. In #114 I made the decision to define a transport as "something accepting APDU commands", perhaps that's something to look into in the future? Maybe AuthenticatorTransport should just expose a detect_devices function so that AuthenticatorService gets APDU-talking devices to pass to a StateMachine? Does U2FManager even make sense anymore?

@jcjones
Copy link
Contributor Author

jcjones commented Aug 6, 2020

Those are excellent questions that are running through my head, too. Right now I'm sort-of-testing this PR by adding a WebDriver Virtual Device tool, which nearly is wired up (and will hit the cancel issue, so thanks for that!). But after the refactor in #124 it absolutely raises whether U2FManager should just refactor out, but I don't yet see exactly how I'd want to decompose it.

Still, glad that I'm heading the direction you were imagining, too. I'll get my virtual_devices WIP patch up later tonight, once the basic bones work. (It will take me some time to write a token, but I'm getting the warp-based web API running alongside it)

@jcjones jcjones force-pushed the auth_service branch 2 times, most recently from 329b4d5 to f9abd16 Compare August 6, 2020 21:38
@jcjones
Copy link
Contributor Author

jcjones commented Aug 6, 2020

https://github.com/mozilla/authenticator-rs/tree/virtual_devices doesn't have the cancel fix, but it sort of starts the sketch of how non-HID devices might interact with authenticatorservice.rs, which is why I'm not framing it in APDU form as-of-yet, but that's still a thing I'm noodling over!

@jcjones jcjones self-assigned this Aug 7, 2020
@jcjones
Copy link
Contributor Author

jcjones commented Aug 10, 2020

OK, cancel fix is in here. I'm going to eventually split this into more logical PRs rather than this monoith I let this become, but I want to make sure if the direction before I ask for more review, and I don't see a reason to split until I'm ready for review.

Base automatically changed from status_updates to main August 10, 2020 21:58
@jcjones
Add a higher-level AuthenticatorService that can query multiple backends
d5be1f1 
- This moves the callback mechanism into its own file, as it gets more complex
- Reworks the C API to use the AuthenticatorService
@jcjones jcjones requested a review from rmartinho August 14, 2020 21:15
@jcjones jcjones marked this pull request as ready for review August 14, 2020 21:15
rmartinho
rmartinho approved these changes Aug 18, 2020
View reviewed changes
Copy link
Contributor

@rmartinho rmartinho left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me :)

@jcjones jcjones merged commit a73c504 into main Aug 18, 2020
@jcjones jcjones deleted the auth_service branch August 18, 2020 16:47
jcjones added a commit that referenced this pull request Sep 10, 2020
@jcjones
Tagging v0.3.0
38e640d 
Major changes:
* Move to Rust 2018 edition #125
* Remove dependency on boxfnonce #121
* Reworked error handling #130
* Added a higher-level AuthenticatorService that can use multiple backends #123
* Changed the C API to use the new AuthenticatorService #123
* Added a Status channel for backends #122
* Now obtaining HID report sizes from the descriptors #112
* Add authenticator USB and Firmware details to the C API #93
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rmartinho rmartinho rmartinho approved these changes

Assignees

@jcjones jcjones

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jcjones @Crote @rmartinho