๐ Experimental implementation of Passkey Autofill in Go.
This simple implementation provides for developers to try out Passkey Autofill in their environment. Note that this implementation uses the following two libraries:
The endpoint design of this implementation is based on [Web Authentication API Flow] and [Server Requirements and Transport Binding Profile]. If you want to check various behaviors according to your requirements, you should read the specifications on which Passkey is based, such as FIDO2 (Web Authentication + CTAP2).
Run the server with the following command:
$ go run .
Access to http://localhost:8080 and register a passkey.
Access to http://localhost:8080/login and authenticate.
Basically you can see the implementation for registration from the following library documentation description:
- https://pkg.go.dev/github.com/go-webauthn/webauthn#readme-registering-an-account
- https://simplewebauthn.dev/docs/packages/browser#startregistration
Note that you will need to adjust some arguments based on the descriptions in passkey.dev and others. Also make sure that there are parameters that should be properly verified on the server side.
The registration-related implementations in this repository can be seen in attestation.go and templates/index.html.
Basically you can see the implementation for authentication from the following library documentation description:
- https://pkg.go.dev/github.com/go-webauthn/webauthn#readme-logging-into-an-account
- https://simplewebauthn.dev/docs/packages/browser#browser-autofill-aka-conditional-ui
Note that you will need to adjust some arguments based on the descriptions in passkey.dev and others. Also make sure that there are parameters that should be properly verified on the server side.
The complete authentication-related implementations in this repository can be seen in assertion.go and templates/login.html.
In the reloated-origins branch of this repository, you can also try the experimental implementation of Related Origin Requests.