5. The FIDO Credential Store

Matt Goldman edited this page Aug 3, 2023 · 3 revisions

The Fido2.Net library mentioned in the introduction to the EF Core page includes an in-memory credential store that can be used for development. As mentioned in that introduction, this isn't well suited to production scenarios, hence the changes to make it work with EF Core.

As the data is now in a database rather than in memory, I provide an abstraction and implementation for accessing and using this data that replaces the in-memory store.

The IFidoCredentialStore

The IFidoCredentialStore interface defines methods that mirror the functionality of the DevelopmentInMemoryStore in the Fido2.Net library, and can be used in the API controllers that support the WebAuthn ceremonies. The methods are almost identical to those of the in-memory store, except that they use the entities derived for use in dotnetflix rather than the base types from the Fido2.Net library.

The FidoCredentialStore implementation

The interface is implemented in the FidoCredentialStore class. It is fairly straightforward: it takes the ApplicationDbContext as a dependency and uses it to store and retrieve entities for use in the WebAuthn ceremonies.

The implementation is registered in the HostingExtensions class, which is called by the host builder. It is then available to be injected into the API controllers.
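
An EF Core-backed store of the kind described above, added here as an example and not taken from the dotnetflix source. Only the names IFidoCredentialStore, FidoCredentialStore and ApplicationDbContext come from this page; the entity, its properties, the method names, the unique index and the signature-counter check are assumptions.

```csharp
// Added example, not the dotnetflix source: entity shape and member names are assumptions.
using Microsoft.EntityFrameworkCore;   // NuGet package; other namespaces come from implicit usings
public class StoredCredential                       // hypothetical entity
{
    public int Id { get; set; }
    public byte[] CredentialId { get; set; } = Array.Empty<byte>();
    public byte[] UserHandle { get; set; } = Array.Empty<byte>();
    public byte[] PublicKey { get; set; } = Array.Empty<byte>();
    public uint SignatureCounter { get; set; }
}

public class ApplicationDbContext : DbContext       // stand-in for the project's context
{
    public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options) : base(options) { }
    public DbSet<StoredCredential> Credentials => Set<StoredCredential>();
    protected override void OnModelCreating(ModelBuilder b) =>   // one row per credential ID
        b.Entity<StoredCredential>().HasIndex(c => c.CredentialId).IsUnique();
}

public interface IFidoCredentialStore
{
    Task AddCredentialAsync(StoredCredential credential);
    Task<StoredCredential?> GetCredentialByIdAsync(byte[] credentialId);
    Task<List<StoredCredential>> GetCredentialsByUserHandleAsync(byte[] userHandle);
    Task UpdateCounterAsync(byte[] credentialId, uint counter);
}

public class FidoCredentialStore : IFidoCredentialStore
{
    private readonly ApplicationDbContext _db;
    public FidoCredentialStore(ApplicationDbContext db) => _db = db;
    public Task AddCredentialAsync(StoredCredential credential)
    {
        _db.Credentials.Add(credential);
        return _db.SaveChangesAsync();   // a duplicate credential ID surfaces as DbUpdateException
    }
    public Task<StoredCredential?> GetCredentialByIdAsync(byte[] credentialId) =>
        _db.Credentials.SingleOrDefaultAsync(c => c.CredentialId.SequenceEqual(credentialId));
    public Task<List<StoredCredential>> GetCredentialsByUserHandleAsync(byte[] userHandle) =>
        _db.Credentials.Where(c => c.UserHandle.SequenceEqual(userHandle)).ToListAsync();
    public async Task UpdateCounterAsync(byte[] credentialId, uint counter)
    {
        var cred = await GetCredentialByIdAsync(credentialId) ?? throw new InvalidOperationException("Unknown credential ID.");
        // A counter that fails to increase can indicate a cloned authenticator.
        if ((counter != 0 || cred.SignatureCounter != 0) && counter <= cred.SignatureCounter)
            throw new InvalidOperationException("Signature counter did not increase.");
        cred.SignatureCounter = counter;
        await _db.SaveChangesAsync();
    }
}
```

Registering the store with `AddScoped<IFidoCredentialStore, FidoCredentialStore>()` matches the scoped lifetime that `AddDbContext` gives the context by default, so each request gets its own store and context pair.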