### SQL Server Connection String Example Source: https://github.com/dodobrands/webauthn.net/blob/main/src/WebAuthn.Net.Storage.SqlServer/README.md This is an example connection string for connecting to a locally running SQL Server instance, such as one started via Docker. Remember to replace 'webauthn' with your actual database name if it differs. ```plaintext Data Source=localhost;Initial Catalog=webauthn;User ID=sa;Password=WebAuthn!1337;Pooling=True;Trust Server Certificate=True ``` -------------------------------- ### PostgreSQL Connection String Example Source: https://github.com/dodobrands/webauthn.net/blob/main/src/WebAuthn.Net.Storage.PostgreSql/README.md Example connection string for a PostgreSQL container started with the provided Docker command. Remember to update the 'Database' parameter to your specific database name. ```text Host=localhost;Port=5432;Password=postgres;Username=postgres;Database=webauthn;Pooling=True ``` -------------------------------- ### MySQL Connection String Example Source: https://github.com/dodobrands/webauthn.net/blob/main/src/WebAuthn.Net.Storage.MySql/README.md Example connection string for connecting to a local MySQL instance. Remember to update the 'Database' parameter to your specific database name. ```plaintext Server=localhost;Port=3306;User ID=root;Password=root;Database=webauthn;Pooling=True;Default Command Timeout=30 ``` -------------------------------- ### Begin Authentication Ceremony Options Source: https://github.com/dodobrands/webauthn.net/blob/main/src/WebAuthn.Net/README.md Initiates an authentication ceremony by providing various options such as user handle, challenge size, and credential inclusion rules. Use this when starting the authentication process. ```csharp var result = await _authenticationCeremonyService.BeginCeremonyAsync( httpContext: HttpContext, request: new BeginAuthenticationCeremonyRequest( origins: null, topOrigins: null, userHandle: new byte[] { 0x01, 0x03, 0x03, 0x07 }, challengeSize: 32, timeout: 300_000, allowCredentials: AuthenticationCeremonyIncludeCredentials.AllExisting(), userVerification: UserVerificationRequirement.Required, hints: null, attestation: null, attestationFormats: null, extensions: null), cancellationToken: cancellationToken); ``` -------------------------------- ### Run FIDO Conformance Test Application Source: https://github.com/dodobrands/webauthn.net/blob/main/demo/WebAuthn.Net.Demo.FidoConformance/README.md Execute this command in the terminal to start the FIDO conformance test application. Ensure you are in the correct directory. ```shell dotnet run --configuration Release ``` -------------------------------- ### Run MySQL 8.0+ Docker Container Source: https://github.com/dodobrands/webauthn.net/blob/main/src/WebAuthn.Net.Storage.MySql/README.md Command to start a MySQL 8.0+ Docker container for local development. Ensure MySQL 5.7 is not used as it is unsupported. ```shell docker run -d -e MYSQL_ROOT_PASSWORD=root -p 3306:3306 mysql:8.0.15 ``` -------------------------------- ### Run SQL Server 2019 Docker Container Source: https://github.com/dodobrands/webauthn.net/blob/main/src/WebAuthn.Net.Storage.SqlServer/README.md This command starts a SQL Server 2019 Docker container, which can be used for local development and testing of the WebAuthn.Net SQL Server storage provider. Ensure you accept the EULA and set a strong SA password. ```shell docker run -e "ACCEPT_EULA=Y" -e "MSSQL_SA_PASSWORD=WebAuthn!1337" -p 1433:1433 -d mcr.microsoft.com/mssql/server:2019-latest ``` -------------------------------- ### Run PostgreSQL 16 Docker Container Source: https://github.com/dodobrands/webauthn.net/blob/main/src/WebAuthn.Net.Storage.PostgreSql/README.md This command starts a PostgreSQL 16 Docker container. It sets the password to 'postgres' and maps the container's port 5432 to the host's port 5432. Ensure you change the 'Database' parameter in your connection string to match your desired database name. ```shell docker run -e POSTGRES_PASSWORD=postgres -p 5432:5432 -d postgres:16.0 ``` -------------------------------- ### Begin WebAuthn Registration Ceremony Source: https://github.com/dodobrands/webauthn.net/blob/main/src/WebAuthn.Net/README.md Initiates the WebAuthn registration process. Configure user details, credential parameters, and authenticator selection. The 'origins' and 'topOrigins' parameters are optional and default to the host's domain. ```csharp var result = await _registrationCeremonyService.BeginCeremonyAsync( httpContext: HttpContext, request: new BeginRegistrationCeremonyRequest( origins: null, topOrigins: null, rpDisplayName: "My Awesome Web Service", user: new PublicKeyCredentialUserEntity( name: "User Name", id: new byte[] { 0x01, 0x03, 0x03, 0x07 }, displayName: "User Display Name"), challengeSize: 32, pubKeyCredParams: new CoseAlgorithm[] { CoseAlgorithm.ES256, CoseAlgorithm.ES384, CoseAlgorithm.ES512, CoseAlgorithm.RS256, CoseAlgorithm.RS384, CoseAlgorithm.RS512, CoseAlgorithm.PS256, CoseAlgorithm.PS384, CoseAlgorithm.PS512, CoseAlgorithm.EdDSA }, timeout: 300_000, excludeCredentials: RegistrationCeremonyExcludeCredentials.AllExisting(), authenticatorSelection: new AuthenticatorSelectionCriteria( authenticatorAttachment: null, residentKey: ResidentKeyRequirement.Required, requireResidentKey: true, userVerification: UserVerificationRequirement.Required), hints: null, attestation: null, attestationFormats: null, extensions: null), cancellationToken: cancellationToken); ``` -------------------------------- ### Add PostgreSQL Storage to Services Source: https://github.com/dodobrands/webauthn.net/blob/main/src/WebAuthn.Net/README.md Integrates WebAuthn.Net with PostgreSQL storage. Requires the WebAuthn.Net.Storage.PostgreSql package. Configure the connection string. ```csharp services.AddWebAuthnPostgreSql( configurePostgreSql: postgresql => { postgresql.ConnectionString = "CONNECTION_STRING_HERE"; }); ``` -------------------------------- ### Add MySQL Storage to Services Source: https://github.com/dodobrands/webauthn.net/blob/main/src/WebAuthn.Net/README.md Integrates WebAuthn.Net with MySQL storage. Requires the WebAuthn.Net.Storage.MySql package. Configure the connection string. ```csharp services.AddWebAuthnMySql( configureMySql: mysql => { mysql.ConnectionString = "CONNECTION_STRING_HERE"; }); ``` -------------------------------- ### Add SQL Server Storage to Services Source: https://github.com/dodobrands/webauthn.net/blob/main/src/WebAuthn.Net/README.md Integrates WebAuthn.Net with Microsoft SQL Server storage. Requires the WebAuthn.Net.Storage.SqlServer package. Configure the connection string. ```csharp services.AddWebAuthnSqlServer( configureSqlServer: sqlServer => { sqlServer.ConnectionString = "CONNECTION_STRING_HERE"; }); ``` -------------------------------- ### Complete WebAuthn Registration Ceremony Source: https://github.com/dodobrands/webauthn.net/blob/main/src/WebAuthn.Net/README.md Finalizes the WebAuthn registration process using the provided response from the client. The 'response' parameter should be the JSON-serialized result of navigator.credentials.create(). ```csharp var result = await _registrationCeremonyService.CompleteCeremonyAsync( httpContext: HttpContext, request: new CompleteRegistrationCeremonyRequest( registrationCeremonyId: registrationCeremonyId, description: "Windows Hello Authentication", response: model), cancellationToken: cancellationToken); ``` -------------------------------- ### Create CredentialRecords Table Schema Source: https://github.com/dodobrands/webauthn.net/blob/main/src/WebAuthn.Net.Storage.SqlServer/README.md This T-SQL script defines the schema for the CredentialRecords table, which is essential for storing WebAuthn public key credentials. Ensure unique indexes on RpId, UserHandle, and CredentialId are present as they uniquely identify public keys. Using uniqueidentifier for the primary key is recommended for performance. ```tsql CREATE TABLE [CredentialRecords] ( [Id] uniqueidentifier NOT NULL, [RpId] nvarchar(256) NOT NULL, [UserHandle] varbinary(128) NOT NULL, [CredentialId] varbinary(1024) NOT NULL, [Type] int NOT NULL, [Kty] int NOT NULL, [Alg] int NOT NULL, [Ec2Crv] int NULL, [Ec2X] varbinary(256) NULL, [Ec2Y] varbinary(256) NULL, [RsaModulusN] varbinary(1024) NULL, [RsaExponentE] varbinary(32) NULL, [OkpCrv] int NULL, [OkpX] varbinary(32) NULL, [SignCount] bigint NOT NULL, [Transports] nvarchar(max) NOT NULL, [UvInitialized] bit NOT NULL, [BackupEligible] bit NOT NULL, [BackupState] bit NOT NULL, [AttestationObject] varbinary(max) NULL, [AttestationClientDataJson] varbinary(max) NULL, [Description] nvarchar(200) NULL, [CreatedAtUnixTime] bigint NOT NULL, [UpdatedAtUnixTime] bigint NOT NULL, CONSTRAINT [PK_CredentialRecords] PRIMARY KEY ([Id]) ); ALTER TABLE [CredentialRecords] ADD CONSTRAINT [Transports should be formatted as JSON] CHECK (ISJSON(Transports) = 1); CREATE UNIQUE INDEX [IX_CredentialRecords_UserHandle_CredentialId_RpId] ON [CredentialRecords] ([UserHandle], [CredentialId], [RpId]); CREATE UNIQUE INDEX [IX_CredentialRecords_CredentialId_RpId] ON [CredentialRecords] ([CredentialId], [RpId]); ``` -------------------------------- ### Add WebAuthn.Net Metrics to OpenTelemetry Source: https://github.com/dodobrands/webauthn.net/blob/main/src/WebAuthn.Net.OpenTelemetry/README.md Call this extension method to include WebAuthn.Net metrics in your OpenTelemetry configuration. Ensure you have the necessary OpenTelemetry exporters configured separately to view the metrics. ```csharp services.AddOpenTelemetry() .WithMetrics(metrics => { metrics.AddWebAuthnNet(); }); ``` -------------------------------- ### PostgreSQL Schema for Credential Records Source: https://github.com/dodobrands/webauthn.net/blob/main/src/WebAuthn.Net.Storage.PostgreSql/README.md This SQL script defines the 'CredentialRecords' table and its associated unique indexes. Ensure a unique index on 'RpId', 'UserHandle', and 'CredentialId' is present, as this combination uniquely identifies public keys. ```postgresql CREATE TABLE "CredentialRecords" ( "Id" uuid NOT NULL, "RpId" character varying(256) NOT NULL, "UserHandle" bytea NOT NULL, "CredentialId" bytea NOT NULL, "Type" integer NOT NULL, "Kty" integer NOT NULL, "Alg" integer NOT NULL, "Ec2Crv" integer, "Ec2X" bytea, "Ec2Y" bytea, "RsaModulusN" bytea, "RsaExponentE" bytea, "OkpCrv" integer, "OkpX" bytea, "SignCount" bigint NOT NULL, "Transports" jsonb NOT NULL, "UvInitialized" boolean NOT NULL, "BackupEligible" boolean NOT NULL, "BackupState" boolean NOT NULL, "AttestationObject" bytea, "AttestationClientDataJson" bytea, "Description" character varying(200), "CreatedAtUnixTime" bigint NOT NULL, "UpdatedAtUnixTime" bigint NOT NULL, CONSTRAINT "PK_CredentialRecords" PRIMARY KEY ("Id") ); CREATE UNIQUE INDEX "IX_CredentialRecords_UserHandle_CredentialId_RpId" ON "CredentialRecords" ("UserHandle", "CredentialId", "RpId"); CREATE UNIQUE INDEX "IX_CredentialRecords_CredentialId_RpId" ON "CredentialRecords" ("CredentialId", "RpId"); ``` -------------------------------- ### MySQL Database Schema for Credential Records Source: https://github.com/dodobrands/webauthn.net/blob/main/src/WebAuthn.Net.Storage.MySql/README.md Defines the 'CredentialRecords' table structure and necessary unique indexes for storing WebAuthn credentials. Ensure a unique index on 'RpId', 'UserHandle', and 'CredentialId' is present. ```mysql CREATE TABLE `CredentialRecords` ( `Id` binary(16) NOT NULL, `RpId` varchar(256) NOT NULL, `UserHandle` varbinary(128) NOT NULL, `CredentialId` varbinary(1024) NOT NULL, `Type` int NOT NULL, `Kty` int NOT NULL, `Alg` int NOT NULL, `Ec2Crv` int NULL, `Ec2X` varbinary(256) NULL, `Ec2Y` varbinary(256) NULL, `RsaModulusN` varbinary(1024) NULL, `RsaExponentE` varbinary(32) NULL, `OkpCrv` int NULL, `OkpX` varbinary(32) NULL, `SignCount` int unsigned NOT NULL, `Transports` json NOT NULL, `UvInitialized` tinyint(1) NOT NULL, `BackupEligible` tinyint(1) NOT NULL, `BackupState` tinyint(1) NOT NULL, `AttestationObject` longblob NULL, `AttestationClientDataJson` longblob NULL, `Description` varchar(200) NULL, `CreatedAtUnixTime` bigint NOT NULL, `UpdatedAtUnixTime` bigint NOT NULL, CONSTRAINT `PK_CredentialRecords` PRIMARY KEY (`Id`) ) CHARACTER SET = utf8mb4 COLLATE = utf8mb4_0900_ai_ci; CREATE UNIQUE INDEX `IX_CredentialRecords_UserHandle_CredentialId_RpId` ON `CredentialRecords` ( `UserHandle`, `CredentialId`, `RpId` ); CREATE UNIQUE INDEX `IX_CredentialRecords_CredentialId_RpId` ON `CredentialRecords` ( `CredentialId`, `RpId` ); ```