99designs/aws-vault 4503
A vault for securely storing and accessing AWS credentials in development environments
pre-commit hook to validate swagger specs
Async utilities for node and the browser
BSON Parser for node and browser
Template engine consolidation library for node.js
The fastest JSON Schema Validator. Supports draft-04/06/07
$merge and $patch keywords for Ajv JSON-Schema validator to extend schemas
A performant and standard (Bluebird) library that registers a node-style callback on a promise
asn1-schema is a collection of TypeScript schemas that make working with common ASN.1 objects easy
The AWS Cloud Development Kit is a framework for defining cloud infrastructure in code
issue commentpinojs/pino
An HTTP header is just a property in the req.headers object. The doc describe the generic case of redacting an object property.
comment created time in an hour
issue commentpinojs/pino
The docs don't seem to mention how to redact a header, and there is no mention of res.headers. Unless I'm going blind in my old age :)
I have searched that page for the word 'header' and it is nowhere to be found. Am I just reading it wrong?
comment created time in 3 hours
push eventpinojs/pino
commit sha 712cab65c9df5489170939b7e3ef3e33b916d50b
Typo
commit sha 185dc159166d8d31471a31532fede220d5a8d588
Merge pull request #957 from mendeljacks/patch-1 Typo
push time in 7 hours
PR merged pinojs/pino
pr closed time in 7 hours
PR opened pinojs/pino
pr created time in 7 hours
issue opened99designs/aws-vault
Release darwin dmg in HFS format?
Would it be possible to include a Darwin DMG release in HFS or HFS+ format in addition to (or instead of) APFS? I'm hoping to install the signed version of aws-vault via Nix, but unpacking APFS DMGs is currently unsupported.
created time in 14 hours
push eventMasterKale/SimpleWebAuthn
commit sha 70c1360339d0e63dafd4a04fa1824d9453f0a802
Create FUNDING.yml
push time in 17 hours
pull request commentMasterKale/SimpleWebAuthn
Hi @Mikescops , I hope I can finish this one in 2-3 weeks ☺️
comment created time in a day
startednetworkupstools/nut
started time in a day
push eventMasterKale/SimpleWebAuthn
commit sha 50f21853714f575b042ff053520ec8b1a4dd034b
Update example to v1.0.0
push time in 2 days
push eventMasterKale/SimpleWebAuthn
commit sha 34f0e1492a7129331c72cbaddb8b67173256e997
Update CHANGELOG to v1.0.0
push time in 2 days
pull request commentMasterKale/SimpleWebAuthn
Thanks a lot @MasterKale, I'll update my dependencies tomorrow morning first hour 😄 🚀
comment created time in 2 days
pull request commentMasterKale/SimpleWebAuthn
I really like the idea of this PR, I went through the same process of adding integration testing on my projects and that could be much cleaner with this. Hope you'll manage to finish this PR @Moumouls 👍
comment created time in 2 days
pull request commentMasterKale/SimpleWebAuthn
These changes have been published as part of the latest v1.0.0 release (🎉)
comment created time in 2 days
issue closedMasterKale/SimpleWebAuthn
New release of specifications - Level 2
A new release of the specification has been deployed and we should check it to be sure all is still conform to it.
closed time in 2 days
akanass
issue commentMasterKale/SimpleWebAuthn
New release of specifications - Level 2
L2-specific changes addressed in PR #89 have been released as part of the latest v1.0.0 release (🎉)
comment created time in 2 days
push eventMasterKale/SimpleWebAuthn
commit sha 0ae228320e2c2120022958c0d5abb78d070fa0aa
chore(release): publish v1.0.0
push time in 2 days
created tagMasterKale/SimpleWebAuthn
WebAuthn, Simplified. A collection of TypeScript-first libraries for simpler WebAuthn integration. Supports modern browsers and Node.
created time in 2 days
delete branch MasterKale/SimpleWebAuthn
delete branch : feature/multiple-origins
delete time in 2 days
push eventMasterKale/SimpleWebAuthn
commit sha 9d982618229a6a721289808b439553f00fcc120d
Support multiple expected origins
commit sha 8d6e42d86d1482270f2ff1c9729c52e61e5c5cbb
Update Jest to support TS 4.0
commit sha b54687eed6be07ae8ba27a55adfa1525ff950814
Support multiple expected RP IDs
commit sha 29c8bed4c3e4db7e39651b57d98685e429bd9a90
Update JSDocs for verify methods
commit sha 61deecf7a86a5a06e351469a72b2785ffa940d4e
Remove unexpected import
commit sha 5fa62a7f182028ddb25d4ae450756e2f290efbb7
Rename variables to match existing naming
commit sha c7bce757ebb64dfe856e62326b2045761b70ea48
Merge pull request #91 from MasterKale/feature/multiple-origins feature/multiple-origins
push time in 2 days
PR merged MasterKale/SimpleWebAuthn
This PR adds support for multiple origins and RP IDs to verifyAttestationResponse() and verifyAssertionResponse(). In addition to a single string value, an array of values can now be provided:
const verification = await verifyAttestationResponse({
// ...
expectedOrigin: ['https://simplewebauthn.dev', 'https://fizz.buzz'],
expectedRPID: ['simplewebauthn.dev', 'fizz.buzz'],
// ...
});
const verification = verifyAssertionResponse({
// ...
expectedOrigin: ['https://simplewebauthn.dev', 'https://fizz.buzz'],
expectedRPID: ['simplewebauthn.dev', 'fizz.buzz'],
// ...
});
This should resolve #90.
pr closed time in 2 days
issue closedMasterKale/SimpleWebAuthn
Multiple expectedOrigin and expectedRPID
Hello,
Thanks for your great work.
I have a use case that seems not working with the current implementation of the lib.
When using SimpleWebAuthn on a browser extension I have different expectedOrigin and expectedRPID for Firefox / Chrome / ...
Maybe I'm wrong but the only way I see to have the lib working with this use case is to change both expectedOrigin and expectedRPID from string to tables so that I can check if the origin and rpId in the attestation/assertion are in the list.
Is my interpretation correct and is it worth to support this use case in the lib?
closed time in 2 days
Mikescops
Pull request review commentMasterKale/SimpleWebAuthn
export default function verifyAssertionResponse(options: Options): VerifiedAsser } // Check that the origin is our site- if (origin !== expectedOrigin) {- throw new Error(`Unexpected assertion origin "${origin}", expected "${expectedOrigin}"`);+ if (Array.isArray(expectedOrigin)) {+ if (!expectedOrigin.includes(origin)) {
Ok right, true true! I didn't thought about it 😅
comment created time in 2 days
Pull request review commentMasterKale/SimpleWebAuthn
export default function verifyAssertionResponse(options: Options): VerifiedAsser } // Check that the origin is our site- if (origin !== expectedOrigin) {- throw new Error(`Unexpected assertion origin "${origin}", expected "${expectedOrigin}"`);+ if (Array.isArray(expectedOrigin)) {+ if (!expectedOrigin.includes(origin)) {
I agree that the nested IF statement looks a little clunky, but I purposefully went with it for the sake of better type guarding for TypeScript. Nested, TypeScript knows that expectedOrigin in the else branch is always going to be a string:
If I collapse the if () statement as suggested above then TypeScript (correctly) infers that expectedOrigin could still be an array in the else branch:
comment created time in 2 days
push eventMasterKale/SimpleWebAuthn
commit sha a62ff95e9a16c531e2096e55b8d04f7c0d664774
Improve typing in Example
commit sha 713db8fee857d5a089c350640bf55afa84007a97
Add optional `transports` to AuthenticatorDevice
commit sha 5f4d3485d0cbe286a3fa439ed8519f951d37f63b
Handle requireResidentKey nuance
commit sha 9ad5f7d214a707af9c3f9d6d078323e41ce1a017
Merge pull request #89 from MasterKale/feat/W3C-L2-update feat/W3C-L2-update
push time in 2 days
PR merged MasterKale/SimpleWebAuthn
This PR contains library tweaks in preparation for L2 of the WebAuthn spec (now a Candidate Recommendation) becoming the next Recommendation (optimistically sometime in January). As SimpleWebAuthn implemented L2 of the spec, changes should be minimal.
As mentioned in #88, a diff of the changes between L1 and L2 can be viewed here: https://services.w3.org/htmldiff?doc1=https%3A%2F%2Fwww.w3.org%2FTR%2F2019%2FREC-webauthn-1-20190304%2F&doc2=https%3A%2F%2Fwww.w3.org%2FTR%2Fwebauthn-2%2F#sctn-storeCredential
pr closed time in 2 days
pull request commentMasterKale/SimpleWebAuthn
I've gone through the diff of the two levels and believe this is all the work needed to get the library up-to-spec with the latest CR draft of L2.
comment created time in 2 days
issue commentMasterKale/SimpleWebAuthn
Multiple expectedOrigin and expectedRPID
@MasterKale wow that's fast, thanks! 👍
comment created time in 2 days
Pull request review commentMasterKale/SimpleWebAuthn
export default function verifyAssertionResponse(options: Options): VerifiedAsser } // Check that the origin is our site- if (origin !== expectedOrigin) {- throw new Error(`Unexpected assertion origin "${origin}", expected "${expectedOrigin}"`);+ if (Array.isArray(expectedOrigin)) {+ if (!expectedOrigin.includes(origin)) {
if (Array.isArray(expectedOrigin) && !expectedOrigin.includes(origin)) {
comment created time in 2 days