security-keys.ts 1.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748
  1. // Copyright (C) 2012-2025 Zammad Foundation, https://zammad-foundation.org/
  2. import { EnumTwoFactorAuthenticationMethod } from '#shared/graphql/types.ts'
  3. import type { TwoFactorPlugin } from '../types.ts'
  4. import type { CredentialRequestOptionsJSON } from '@github/webauthn-json'
  5. export default {
  6. name: EnumTwoFactorAuthenticationMethod.SecurityKeys,
  7. label: __('Security Keys'),
  8. description: __('Complete the sign-in with your security key.'),
  9. order: 100,
  10. icon: '2fa-security-keys',
  11. loginOptions: {
  12. helpMessage: __('Verifying key information…'),
  13. errorHelpMessage: __('Try using your security key again.'),
  14. form: false,
  15. async setup(
  16. publicKey: NonNullable<CredentialRequestOptionsJSON['publicKey']>,
  17. ) {
  18. if (!window.isSecureContext) {
  19. return {
  20. success: false,
  21. retry: false,
  22. error: __('The application is not running in a secure context.'),
  23. }
  24. }
  25. try {
  26. const { get } = await import('@github/webauthn-json')
  27. const publicKeyCredential = await get({ publicKey })
  28. return {
  29. success: true,
  30. payload: {
  31. challenge: publicKey.challenge,
  32. credential: publicKeyCredential,
  33. },
  34. }
  35. } catch {
  36. return {
  37. success: false,
  38. retry: true,
  39. error: __('Security key verification failed.'),
  40. }
  41. }
  42. },
  43. },
  44. } satisfies TwoFactorPlugin