cedarcode / webauthn-ruby

WebAuthn ruby server library ― Make your Ruby/Rails web server become a conformant WebAuthn Relying Party
https://rubygems.org/gems/webauthn
MIT License

Instance based API timeline #367

Closed Brantron closed 1 year ago

Brantron commented 2 years ago

Hello! Awesome work on this gem, I'm excited to start using it.

One question I have is around Instance based configuration.

DISCLAIMER: This API was released on version 3.0.0.alpha1 and is still under evaluation. Although it has been thoroughly tested and it is fully functional, it might be changed until the final release of version 3.0.0.

Any timeline on when 3.0.0 will be released?

Brantron commented 2 years ago

For a little more context, I would like to use that release, but the diff against the latest version release is fairly substantial (https://github.com/cedarcode/webauthn-ruby/compare/v3.0.0.alpha1...v2.5.2), so it feels like getting a path to support this going forward would be really helpful.

anero commented 2 years ago

It's also not possible to use the 3.0.0.alpha1 version with OpenSSL 3.0.

Brantron commented 2 years ago

For folks that are interested, I think I may have a working solution, although I'm still thinking it out. Here's the pseudocode:

class WebauthnClient
  CONFIGURATION_MUTEX = Mutex.new

  # synchronize configuration, ensuring the block given has the correct context
  def with_configuration(&_blk)
    CONFIGURATION_MUTEX.synchronize do
      WebAuthn.configure do |config|
        config.origin = context_specific_domain_name
        config.rp_name = context_specific_site_name
      end
      yield
    end
  end

  def options_for_registration(webauthn_id:, name:, exclude_credentials: [])
    with_configuration do
      WebAuthn::Credential.options_for_create(
        user: { id: webauthn_id, name: name },
        exclude: exclude_credentials,
      )
    end
  end
end
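
The race that the shared mutex in the comment above guards against, as an added example that is not part of the original comment or of the gem. `GlobalConfig` is a stand-in for a process-wide configuration object, and the tenant origins and helper names are constructed for illustration.

```ruby
# Stand-in for a process-wide configuration object (assumption: models the
# global settings that WebAuthn.configure writes; it is not the gem itself).
module GlobalConfig
  class << self
    attr_accessor :origin
  end
end

class TenantClient
  CONFIGURATION_MUTEX = Mutex.new # one lock shared by every tenant

  def initialize(origin)
    @origin = origin
  end

  # Locked path: set the global and run the block while holding the mutex.
  def with_configuration
    CONFIGURATION_MUTEX.synchronize do
      GlobalConfig.origin = @origin
      yield
    end
  end

  # Unlocked path, kept only to show the failure mode.
  def without_lock
    GlobalConfig.origin = @origin
    yield
  end
end

# Runs two tenants concurrently and returns [expected, observed] origin pairs.
# `work` stands for any call that reads the global config after a delay,
# such as building options or verifying a response.
def observed_origins(locked:)
  tenants = ["https://a.example", "https://b.example"] # constructed sample origins
  threads = tenants.each_with_index.map do |origin, i|
    Thread.new do
      sleep(0.05 * i) # tenant B starts while tenant A is mid-request
      client = TenantClient.new(origin)
      work = -> { sleep(0.2); GlobalConfig.origin }
      seen = locked ? client.with_configuration(&work) : client.without_lock(&work)
      [origin, seen]
    end
  end
  threads.map(&:value)
end

# Number of requests that observed another tenant's origin.
def mismatches(locked:)
  observed_origins(locked: locked).count { |expected, seen| expected != seen }
end
```

Any later call that reads the global configuration has to run inside `with_configuration` as well, otherwise it can observe another tenant's origin.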

bdewater commented 2 years ago

https://github.com/cedarcode/webauthn-ruby/network shows the 3-dev branch is fairly old, and so is the v3.0.0.alpha1 tag.

I can get started on a v3.0.0.alpha2 that's on master with the changes for the instance based config, now that there's a 2-stable branch for maintaining the current version.

bdewater commented 2 years ago

Getting https://github.com/cedarcode/webauthn-ruby/pull/368 to work wasn't very hard - some merge conflicts and a few array-indexed tests that needed updating. Please give it a try and report any findings (good or bad) there 🙏

Brantron commented 2 years ago

What's not clear to me is why this was reverted in the last attempt?

brauliomartinezlm commented 2 years ago

I have answered in the PR itself. Just an extra thank you @Brantron for getting the conversation started on this and @bdewater for actioning quickly on this! We'll get this sorted out shortly and stop having forked versions and documentation of the API soon.

brauliomartinezlm commented 1 year ago

Closing as we've just released v3.0.0.alpha2