webauthn-0.1.0.0: src/Crypto/WebAuthn/Model/Kinds.hs
{-# LANGUAGE DataKinds #-}
{-# LANGUAGE GADTs #-}
{-# LANGUAGE StandaloneDeriving #-}
{-# LANGUAGE TypeFamilies #-}
-- | Stability: experimental
-- This module contains some useful kinds used throughout this library to
-- ensure better type safety. Also included are some singleton types for these
-- kinds via the [singletons](https://hackage.haskell.org/package/singletons)
-- library
module Crypto.WebAuthn.Model.Kinds
( CeremonyKind (..),
SCeremonyKind (..),
ProtocolKind (..),
SProtocolKind (..),
AttestationKind (..),
)
where
import Data.Aeson (ToJSON, toJSON)
import Data.Kind (Type)
import Data.Singletons (Sing, SingI (sing))
-- | [(spec)](https://www.w3.org/TR/webauthn-2/#ceremony)
-- A Haskell kind for a Webauthn [ceremony](https://www.w3.org/TR/webauthn-2/#ceremony).
-- This is used throughout this library for extra type safety and API clarity.
data CeremonyKind
= -- | [(spec)](https://www.w3.org/TR/webauthn-2/#registration)
-- The [ceremony](https://www.w3.org/TR/webauthn-2/#ceremony) where a user,
-- a [Relying Party](https://www.w3.org/TR/webauthn-2/#relying-party), and
-- the user’s [client](https://www.w3.org/TR/webauthn-2/#client) (containing
-- at least one [authenticator](https://www.w3.org/TR/webauthn-2/#authenticator))
-- work in concert to create a
-- [public key credential](https://www.w3.org/TR/webauthn-2/#public-key-credential)
-- and associate it with the user’s [Relying Party](https://www.w3.org/TR/webauthn-2/#relying-party)
-- account. Note that this includes employing a
-- [test of user presence](https://www.w3.org/TR/webauthn-2/#test-of-user-presence)
-- or [user verification](https://www.w3.org/TR/webauthn-2/#user-verification).
-- After a successful [registration ceremony](https://www.w3.org/TR/webauthn-2/#registration-ceremony),
-- the user can be authenticated by an
-- [authentication ceremony](https://www.w3.org/TR/webauthn-2/#authentication-ceremony).
-- The WebAuthn [registration ceremony](https://www.w3.org/TR/webauthn-2/#registration-ceremony) is defined in
-- [§ 7.1 Registering a New Credential](https://www.w3.org/TR/webauthn-2/#sctn-registering-a-new-credential),
-- and is initiated by the [Relying Party](https://www.w3.org/TR/webauthn-2/#relying-party) calling
-- [@navigator.credentials.create()@](https://w3c.github.io/webappsec-credential-management/#dom-credentialscontainer-create)
-- with a [@publicKey@](https://www.w3.org/TR/webauthn-2/#dom-credentialcreationoptions-publickey) argument.
-- See [§ 5 Web Authentication API](https://www.w3.org/TR/webauthn-2/#sctn-api) for an introductory
-- overview and [§ 1.3.1 Registration](https://www.w3.org/TR/webauthn-2/#sctn-sample-registration)
-- for implementation examples.
Registration
| -- | [(spec)](https://www.w3.org/TR/webauthn-2/#authentication)
-- The [ceremony](https://www.w3.org/TR/webauthn-2/#ceremony) where a user,
-- and the user’s [client](https://www.w3.org/TR/webauthn-2/#client) (containing
-- at least one [authenticator](https://www.w3.org/TR/webauthn-2/#authenticator)) work in concert
-- to cryptographically prove to a [Relying Party](https://www.w3.org/TR/webauthn-2/#relying-party)
-- that the user controls the
-- [credential private key](https://www.w3.org/TR/webauthn-2/#credential-private-key)
-- of a previously-registered [public key credential](https://www.w3.org/TR/webauthn-2/#public-key-credential)
-- (see [Registration](https://www.w3.org/TR/webauthn-2/#registration)).
-- Note that this includes a [test of user presence](https://www.w3.org/TR/webauthn-2/#test-of-user-presence)
-- or [user verification](https://www.w3.org/TR/webauthn-2/#user-verification).
--
-- The WebAuthn [authentication ceremony](https://www.w3.org/TR/webauthn-2/#authentication-ceremony)
-- is defined in [§ 7.2 Verifying an Authentication Assertion](https://www.w3.org/TR/webauthn-2/#sctn-verifying-assertion),
-- and is initiated by the [Relying Party](https://www.w3.org/TR/webauthn-2/#relying-party) calling
-- [@navigator.credentials.get()@](https://w3c.github.io/webappsec-credential-management/#dom-credentialscontainer-get)
-- with a [@publicKey@](https://www.w3.org/TR/webauthn-2/#dom-credentialrequestoptions-publickey)
-- argument. See [§ 5 Web Authentication API](https://www.w3.org/TR/webauthn-2/#sctn-api)
-- for an introductory overview and
-- [§ 1.3.3 Authentication](https://www.w3.org/TR/webauthn-2/#sctn-sample-authentication) for implementation examples.
Authentication
-- | The singleton type for 'CeremonyKind'
data SCeremonyKind :: CeremonyKind -> Type where
SRegistration :: SCeremonyKind 'Registration
SAuthentication :: SCeremonyKind 'Authentication
deriving instance Show (SCeremonyKind c)
deriving instance Eq (SCeremonyKind c)
instance ToJSON (SCeremonyKind c) where
toJSON SRegistration = "Registration"
toJSON SAuthentication = "Authentication"
type instance Sing = SCeremonyKind
instance SingI 'Registration where
sing = SRegistration
instance SingI 'Authentication where
sing = SAuthentication
-- | Authenticator protocols supported by webauthn attestations
data ProtocolKind
= -- | FIDO U2F Protocol, supported via the
-- [fido-u2f](https://www.w3.org/TR/webauthn-2/#sctn-fido-u2f-attestation)
-- attestation format
FidoU2F
| -- | FIDO 2 Protocol
Fido2
-- | The singleton type for 'ProtocolKind'
data SProtocolKind :: ProtocolKind -> Type where
SFidoU2F :: SProtocolKind 'FidoU2F
SFido2 :: SProtocolKind 'Fido2
deriving instance Show (SProtocolKind p)
deriving instance Eq (SProtocolKind p)
instance ToJSON (SProtocolKind p) where
toJSON SFidoU2F = "FidoU2F"
toJSON SFido2 = "Fido2"
type instance Sing = SProtocolKind
instance SingI 'FidoU2F where
sing = SFidoU2F
instance SingI 'Fido2 where
sing = SFido2
-- | A Haskell kind for the [attestation type](https://www.w3.org/TR/webauthn-2/#attestation-type),
-- indicating whether we have verifiable information about the
-- [authenticator](https://www.w3.org/TR/webauthn-2/#authenticator) that created
-- the [public key credential](https://www.w3.org/TR/webauthn-2/#public-key-credential).
data AttestationKind
= -- | An unverifiable [attestation type](https://www.w3.org/TR/webauthn-2/#attestation-type).
-- This includes [None](https://www.w3.org/TR/webauthn-2/#none)
-- and [Self](https://www.w3.org/TR/webauthn-2/#self-attestation) attestation.
-- This kind indicates that we do not have any information about the
-- [authenticator](https://www.w3.org/TR/webauthn-2/#authenticator) model used.
Unverifiable
| -- | A verifiable [attestation type](https://www.w3.org/TR/webauthn-2/#attestation-type).
-- This includes [Basic](https://www.w3.org/TR/webauthn-2/#basic-attestation),
-- [AttCA](https://www.w3.org/TR/webauthn-2/#attca) and
-- [AnonCA](https://www.w3.org/TR/webauthn-2/#anonca) attestation.
-- This kind indicates that we have verifiable information about the
-- [authenticator](https://www.w3.org/TR/webauthn-2/#authenticator) model used.
Verifiable ProtocolKind