Skip to content

Commit 6a4252c

Browse files
docs: document UV update wiring and add license, msrv, cable rows (#294)
Documents the PIN and user-verification update channel that every consumer must wire to complete a ceremony, which had no documentation before. Adds a license section, an MSRV note, a crate-level overview for the docs landing page, and the missing cloud-assisted hybrid transport row, and removes a stale setup step. Documentation only.
1 parent 856097d commit 6a4252c

3 files changed

Lines changed: 42 additions & 9 deletions

File tree

README.md

Lines changed: 20 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -51,22 +51,25 @@ Validating the relying party ID against the calling origin requires the [Public
5151
| ---------------------------- | --------------------- | --------------------- |
5252
| **USB (HID)** | 🟢 Supported (hidapi) | 🟢 Supported (hidapi) |
5353
| **Bluetooth Low Energy** | 🟢 Supported (bluez) | 🟢 Supported (bluez) |
54-
| **NFC** | 🟢 Supported (pcsc or libnfc) | 🟢 Supported (pcsc or libnfc) |
54+
| **NFC** [^nfc-optin] | 🟢 Supported (pcsc or libnfc) | 🟢 Supported (pcsc or libnfc) |
5555
| **TPM 2.0 (Platform)** | 🟠 Planned ([#4][#4]) | 🟠 Planned ([#4][#4]) |
56+
| **Hybrid (caBLE v2, cloud-assisted)** | N/A | 🟢 Supported |
5657
| **CTAP 2.3 hybrid (QR-initiated, BLE only)** | N/A | 🟢 Supported |
5758

59+
USB, BLE, and the two hybrid transports build with the default features. NFC is
60+
opt-in: the crate ships with `default = []` for the NFC stack, so enable the
61+
`nfc-backend-pcsc` feature (pure userspace, recommended) or `nfc-backend-libnfc`
62+
(requires the `libnfc` system library) to compile it in.
63+
64+
[^nfc-optin]: Off by default. Enable `nfc-backend-pcsc` and/or `nfc-backend-libnfc`.
65+
5866
## Example programs
5967

6068
Examples live in [`libwebauthn/examples/`](libwebauthn/examples) and are grouped by purpose:
6169
`ceremony/` for register and authenticate flows, `features/` for per-feature demos
6270
(extensions, preflight, PRF, device selection), and `management/` for CTAP2 admin
6371
operations. All examples share helpers from `examples/common/`.
6472

65-
```
66-
$ cd libwebauthn
67-
$ git submodule update --init
68-
```
69-
7073
The basic ceremony examples (register + authenticate) cover all transports. The
7174
WebAuthn examples consume and emit JSON per the [WebAuthn IDL][webauthn].
7275

@@ -103,6 +106,17 @@ $ cargo run --example cred_management_hid
103106
$ cargo run --example persistent_cred_management_hid
104107
```
105108

109+
## Minimum Supported Rust Version (MSRV)
110+
111+
libwebauthn uses Rust edition 2021 and tracks recent stable Rust. CI builds and
112+
tests on the current stable toolchain. There is no separate older MSRV floor: if
113+
a recent stable `rustc` builds the crate, it is supported.
114+
115+
## License
116+
117+
Licensed under the GNU Lesser General Public License v2.1 or later
118+
(`LGPL-2.1-or-later`). See [COPYING](COPYING) for the full text.
119+
106120
## Contributing
107121

108122
We welcome contributions!

libwebauthn/src/lib.rs

Lines changed: 19 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -36,8 +36,9 @@
3636
//! SystemPublicSuffixList,
3737
//! };
3838
//! use libwebauthn::transport::hid::list_devices;
39-
//! use libwebauthn::transport::{ChannelSettings, Device};
39+
//! use libwebauthn::transport::{Channel, ChannelSettings, Device};
4040
//! use libwebauthn::webauthn::WebAuthn;
41+
//! use libwebauthn::UvUpdate;
4142
//!
4243
//! # async fn run() -> Result<(), Box<dyn std::error::Error>> {
4344
//! // 1. Enumerate authenticators on your transport of choice (HID shown here).
@@ -47,7 +48,22 @@
4748
//! // 2. Open a channel to the device.
4849
//! let mut channel = device.channel(ChannelSettings::default()).await?;
4950
//!
50-
//! // 3. Build a request from its WebAuthn IDL JSON.
51+
//! // 3. Drive user-verification updates on a separate task: each update
52+
//! // carries the means to answer it. See `examples/ceremony/`.
53+
//! let mut updates = channel.get_ux_update_receiver();
54+
//! tokio::spawn(async move {
55+
//! while let Ok(update) = updates.recv().await {
56+
//! match update {
57+
//! UvUpdate::PresenceRequired => println!("Touch your authenticator"),
58+
//! UvUpdate::PinRequired(request) => {
59+
//! let _ = request.send_pin("the user's PIN");
60+
//! }
61+
//! _ => {}
62+
//! }
63+
//! }
64+
//! });
65+
//!
66+
//! // 4. Build a request from its WebAuthn IDL JSON.
5167
//! let origin: RequestOrigin = "https://example.org".try_into().expect("invalid origin");
5268
//! let psl = SystemPublicSuffixList::auto().expect("public suffix list unavailable");
5369
//! let settings = RequestSettings {
@@ -60,7 +76,7 @@
6076
//! let request =
6177
//! MakeCredentialRequest::prepare(&origin, request_json, &settings).await?;
6278
//!
63-
//! // 4. Run the ceremony on the channel.
79+
//! // 5. Run the ceremony on the channel.
6480
//! let _response = channel.webauthn_make_credential(&request).await?;
6581
//! }
6682
//! # Ok(())

libwebauthn/src/transport/channel.rs

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -44,12 +44,15 @@ pub trait Channel: Send + Sync + Display + Ctap2AuthTokenStore {
4444
/// UX updates for this channel, must include UV updates.
4545
type UxUpdate: Send + Sync + Debug + From<UvUpdate>;
4646

47+
/// Broadcast sender fanning UX updates out to subscribed receivers.
4748
fn get_ux_update_sender(&self) -> &broadcast::Sender<Self::UxUpdate>;
4849

50+
/// Subscribe to this channel's UX updates; drive the receiver on a separate task so the ceremony can make progress.
4951
fn get_ux_update_receiver(&self) -> broadcast::Receiver<Self::UxUpdate> {
5052
self.get_ux_update_sender().subscribe()
5153
}
5254

55+
/// Broadcast a UX update to all current receivers.
5356
#[instrument(skip(self))]
5457
async fn send_ux_update(&mut self, state: Self::UxUpdate) {
5558
trace!("Sending UX update");

0 commit comments

Comments
 (0)