feat: webauthn-1

build.gradle

@@ -74,6 +74,9 @@ dependencies {
     // https://mvnrepository.com/artifact/com.googlecode.libphonenumber/libphonenumber/
     implementation group: 'com.googlecode.libphonenumber', name: 'libphonenumber', version: '8.13.25'
 
+    // https://mvnrepository.com/artifact/com.webauthn4j/webauthn4j-core
+    implementation group: 'com.webauthn4j', name: 'webauthn4j-core', version: '0.28.3.RELEASE'
+
     compileOnly project(":supertokens-plugin-interface")
     testImplementation project(":supertokens-plugin-interface")
 

implementationDependencies.json

@@ -115,6 +115,11 @@
       "jar": "https://repo1.maven.org/maven2/com/googlecode/libphonenumber/libphonenumber/8.13.25/libphonenumber-8.13.25.jar",
       "name": "Libphonenumber 8.13.25",
       "src": "https://repo1.maven.org/maven2/com/googlecode/libphonenumber/libphonenumber/8.13.25/libphonenumber-8.13.25-sources.jar"
+    },
+    {
+      "jar": "https://repo1.maven.org/maven2/com/webauthn4j/webauthn4j-core/0.28.3.RELEASE/webauthn4j-core-0.28.3.RELEASE.jar",
+      "name": "webauthn4j-core 0.28.3.RELEASE",
+      "src": "https://repo1.maven.org/maven2/com/webauthn4j/webauthn4j-core/0.28.3.RELEASE/webauthn4j-core-0.28.3.RELEASE-sources.jar"
     }
   ]
 }

src/main/java/io/supertokens/inmemorydb/config/SQLiteConfig.java

@@ -184,4 +184,12 @@ public String getOAuthSessionsTable() {
     public String getOAuthLogoutChallengesTable() {
         return "oauth_logout_challenges";
     }
+
+    public String getWebAuthNUsersTable(){ return "webauthn_users";}
+
+    public String getWebAuthNUserToTenantTable(){ return "webauthn_user_to_tenant"; }
+
+    public String getWebAuthNGeneratedOptionsTable() { return  "webauthn_generated_options"; }
+
+    public String getWebAuthNCredentialsTable() { return "webauthn_credentials"; }
 }

src/main/java/io/supertokens/inmemorydb/queries/GeneralQueries.java

@@ -457,6 +457,28 @@ public static void createTablesIfNotExists(Start start, Main main) throws SQLExc
             // index
             update(start, OAuthQueries.getQueryToCreateOAuthLogoutChallengesTimeCreatedIndex(start), NO_OP_SETTER);
         }
+
+        if(!doesTableExists(start, Config.getConfig(start).getWebAuthNUsersTable())){
+            getInstance(main).addState(CREATING_NEW_TABLE, null);
+            update(start, WebAuthNQueries.getQueryToCreateWebAuthNUsersTable(start), NO_OP_SETTER);
+        }
+
+        if(!doesTableExists(start, Config.getConfig(start).getWebAuthNUserToTenantTable())){
+            getInstance(main).addState(CREATING_NEW_TABLE, null);
+            update(start, WebAuthNQueries.getQueryToCreateWebAuthNUsersToTenantTable(start), NO_OP_SETTER);
+        }
+
+        if(!doesTableExists(start, Config.getConfig(start).getWebAuthNGeneratedOptionsTable())){
+            getInstance(main).addState(CREATING_NEW_TABLE, null);
+            update(start, WebAuthNQueries.getQueryToCreateWebAuthNGeneratedOptionsTable(start), NO_OP_SETTER);
+            //index
+            update(start, WebAuthNQueries.getQueryToCreateWebAuthNChallengeExpiresIndex(start), NO_OP_SETTER);
+        }
+
+        if(!doesTableExists(start, Config.getConfig(start).getWebAuthNCredentialsTable())){
+            getInstance(main).addState(CREATING_NEW_TABLE, null);
+            update(start, WebAuthNQueries.getQueryToCreateWebAuthNCredentialsTable(start), NO_OP_SETTER);
+        }
     }
 
     public static void setKeyValue_Transaction(Start start, Connection con, TenantIdentifier tenantIdentifier,

src/main/java/io/supertokens/inmemorydb/queries/WebAuthNQueries.java

@@ -0,0 +1,91 @@
+/*
+ *    Copyright (c) 2024, VRAI Labs and/or its affiliates. All rights reserved.
+ *
+ *    This software is licensed under the Apache License, Version 2.0 (the
+ *    "License") as published by the Apache Software Foundation.
+ *
+ *    You may not use this file except in compliance with the License. You may
+ *    obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *    Unless required by applicable law or agreed to in writing, software
+ *    distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+ *    WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ *    License for the specific language governing permissions and limitations
+ *    under the License.
+ */
+
+package io.supertokens.inmemorydb.queries;
+
+import io.supertokens.inmemorydb.Start;
+import io.supertokens.inmemorydb.config.Config;
+
+public class WebAuthNQueries {
+
+    static String getQueryToCreateWebAuthNUsersTable(Start start){
+        return  "CREATE TABLE IF NOT EXISTS " + Config.getConfig(start).getWebAuthNUsersTable() + "(" +
+                " app_id VARCHAR(64) DEFAULT 'public' NOT NULL," +
+                " user_id CHAR(36) NOT NULL," +
+                " email VARCHAR(256) NOT NULL," +
+                " rp_id VARCHAR(256) NOT NULL," +
+                " time_joined BIGINT UNSIGNED NOT NULL," +
+                " CONSTRAINT webauthn_users_pkey PRIMARY KEY (app_id, user_id), " +
+                " CONSTRAINT webauthn_users_to_app_id_fkey " +
+                " FOREIGN KEY (app_id, user_id) REFERENCES " + Config.getConfig(start).getAppIdToUserIdTable() +
+                " (app_id, user_id) ON DELETE CASCADE " +
+                ");";
+    }
+
+    static String getQueryToCreateWebAuthNUsersToTenantTable(Start start){
+        return  "CREATE TABLE IF NOT EXISTS  " + Config.getConfig(start).getWebAuthNUserToTenantTable() +" (" +
+                " app_id VARCHAR(64) DEFAULT 'public' NOT NULL," +
+                " tenant_id VARCHAR(64) DEFAULT 'public' NOT NULL," +
+                " user_id CHAR(36) NOT NULL," +
+                " email VARCHAR(256) NOT NULL," +
+                " CONSTRAINT webauthn_user_to_tenant_email_key UNIQUE (app_id, tenant_id, email)," +
+                " CONSTRAINT webauthn_user_to_tenant_pkey PRIMARY KEY (app_id, tenant_id, user_id)," +
+                " CONSTRAINT webauthn_user_to_tenant_user_id_fkey FOREIGN KEY (app_id, tenant_id, user_id) " +
+                " REFERENCES "+ Config.getConfig(start).getUsersTable()+" (app_id, tenant_id, user_id) on delete CASCADE" +
+                ");";
+    }
+
+    static String getQueryToCreateWebAuthNGeneratedOptionsTable(Start start){
+        return  "CREATE TABLE IF NOT EXISTS " + Config.getConfig(start).getWebAuthNGeneratedOptionsTable() + "(" +
+                " app_id VARCHAR(64) DEFAULT 'public' NOT NULL," +
+                " tenant_id VARCHAR(64) DEFAULT 'public' NOT NULL," +
+                " id CHAR(36) NOT NULL," +
+                " challenge VARCHAR(256) NOT NULL," +
+                " email VARCHAR(256)," +
+                " rp_id VARCHAR(256) NOT NULL," +
+                " origin VARCHAR(256) NOT NULL," +
+                " expires_at BIGINT UNSIGNED NOT NULL," +
+                " created_at BIGINT UNSIGNED NOT NULL," +
+                " CONSTRAINT webauthn_user_challenges_pkey PRIMARY KEY (app_id, tenant_id, id)," +
+                " CONSTRAINT webauthn_user_challenges_tenant_id_fkey FOREIGN KEY (app_id, tenant_id) " +
+                "  REFERENCES " + Config.getConfig(start).getTenantsTable() + " (app_id, tenant_id) ON DELETE CASCADE" +
+                ");";
+    }
+
+    static String getQueryToCreateWebAuthNChallengeExpiresIndex(Start start) {
+        return  "CREATE INDEX webauthn_user_challenges_expires_at_index ON " +
+                Config.getConfig(start).getWebAuthNGeneratedOptionsTable() +
+                " (app_id, tenant_id, expires_at);";
+    }
+
+    static String getQueryToCreateWebAuthNCredentialsTable(Start start){
+        return  "CREATE TABLE IF NOT EXISTS "+ Config.getConfig(start).getWebAuthNCredentialsTable() + "(" +
+                " id VARCHAR(256) NOT NULL," +
+                " app_id VARCHAR(64) DEFAULT 'public'," +
+                " rp_id VARCHAR(256)," +
+                " user_id CHAR(36)," +
+                " counter BIGINT NOT NULL," +
+                " public_key BLOB NOT NULL," + //planned as bytea, which is not supported by sqlite
+                " transports TEXT NOT NULL," + // planned as TEXT[], which is not supported by sqlite
+                " created_at BIGINT NOT NULL," +
+                " updated_at BIGINT NOT NULL," +
+                " CONSTRAINT webauthn_user_credentials_pkey PRIMARY KEY (app_id, rp_id, id)," +
+                " CONSTRAINT webauthn_user_credentials_webauthn_user_id_fkey FOREIGN KEY (app_id, user_id) REFERENCES " +
+                Config.getConfig(start).getWebAuthNUsersTable() + " (app_id, user_id) ON DELETE CASCADE" +
+                ");";
+    }
+
+}