search

cedarcode / webauthn-ruby

WebAuthn ruby server library ― Make your Ruby/Rails web server become a conformant WebAuthn Relying Party
https://rubygems.org/gems/webauthn
MIT License
649 stars 53 forks source link

Allow multiple origins #373

Closed wmlele closed 1 year ago

wmlele commented 1 year ago

I am wondering if it would be possible (and if it breaks the protocol in some way) to have a list of multiple allowed origins in the configuration.

Admittedly my setup is a bit peculiar, but we have the users to manage their credentials (thus the registration ceremony) under one subdomain, and the authentication under another subdomain (an oidc provider) although the backend stays basically the same.

If there's nothing to prevent it, I am willing to provide a PR.

santiagorodriguez96 commented 1 year ago

Hi @wmlele 👋 !

Thank you for opening the issue and sharing your use case. We appreciate it!

We do have support for multiple origins! This feature was requested a few times to us – firstly on #285 – and the behavior was introduced as part of v3.0.0.alpha1 with the introduction of the RelyingParty class – see #296.

You can take a look at Advanced Configuration under the Configuration section in the Readme for documentation on how to configure multiple origins.

We'd be glad to try to help you and answer your questions if you have more after reading that! You can also reach out to webauthn-ruby gitter.

Thanks!

wmlele commented 1 year ago

Oh, awesome! And sorry my bad, I was using the stable version and it must have slipped my attention. Thanks for the heads up, I'll close the issue and look at the 3.x branch.