From 86d450b81fc8bd3742beae7264e5961554f49a3a Mon Sep 17 00:00:00 2001 From: xlassix Date: Tue, 1 Aug 2023 07:20:32 +0100 Subject: [PATCH 1/6] [added]: Passkey Doc --- api/auth/encryption.md | 464 +++++++++++++++++++++++++++++++++++++++++ api/overview.md | 26 +++ 2 files changed, 490 insertions(+) create mode 100644 api/auth/encryption.md create mode 100644 api/overview.md diff --git a/api/auth/encryption.md b/api/auth/encryption.md new file mode 100644 index 0000000..431732c --- /dev/null +++ b/api/auth/encryption.md 
@@ -0,0 +1,464 @@ +# 🛡 **Authentication Verification via Signed Message Endpoint** + +This endpoint allows for the retrieval of a message that users can sign to prove their ownership of a specific wallet address. + +--- + +#### **Endpoint:** + +``` +https://encryption.lighthouse.storage/api/message/ +``` + +#### **Method:** + +`GET` + +--- + +#### **URL Parameters:** + +- `wallet Address`: The specific wallet address for which the user wants to prove ownership. + +--- + +#### **Success Response:** + +**Code:** `200 OK` + +**Content:** + +```json +[ + { + "message": "Please sign this message to prove you are owner of this account: 87d6c3fb5ef8433284fa598888a645ab" + }, + ... [repeated messages] +] +``` + +--- + +#### **Error Responses:** + +**Code:** `400 Bad Request` + +**Content:** + +```json +{ + "message": "Invalid address" +} +``` + +--- + +#### **Notes & Usage:** + +- The user should sign the provided message using their private key related to the wallet address in question. This signed message can then be used to verify the user's ownership of that specific wallet address. +- The system might send multiple identical messages for redundancy and verification purposes. +- Messages can be signed using both Ethereum-compatible wallets and Solana wallets. + +--- + +{% hint style="info" %} +Always handle the message securely and avoid exposing your private keys during the signing process. +{% endhint %} + +--- + +# 🛡 **Authentication Verification via JWT** + +--- + +## 📄 **Get JWT Token Endpoint** + +This endpoint allows users to retrieve a JWT (JSON Web Token) after they've signed a message with their wallet, confirming their ownership of a specific address. + +--- + +#### **Endpoint:** + +``` +https://encryption.lighthouse.storage/api/message/api/message/get-jwt +``` + +#### **Method:** + +`POST` + +--- + +#### **Request Body Parameters:** + +- `address`: The wallet address that the user wants to prove ownership of. 
+- `signature`: The signature generated after signing the message provided by the previous endpoint (`/api/message/`). + +--- + +#### **Headers:** + +- `"Content-Type": "application/json"` + +--- + +#### **Success Response:** + +**Code:** `200 OK` + +**Content:** + +```json +{ + "token": "" +} +``` + +--- + +#### **Error Responses:** + +**Code:** `400 Bad Request` + +**Content:** + +```json +{ + "error": "Invalid address or signature" +} +``` + +--- + +#### **Notes & Usage:** + +- After obtaining the message from the `/api/message/` endpoint, users should sign it using their Ethereum-compatible or Solana wallets. This signed message (signature) and the wallet address should then be passed to this endpoint to retrieve the JWT token. + +- The JWT token can be used for authentication in subsequent API calls within the Lighthouse Encryption system(recommend for multiple uploads or download on our encryption service). + +--- + +{% hint style="info" %} +Ensure you store the received JWT token securely and do not expose it. This token serves as a proof of authentication and could be misused if obtained by malicious actors. +{% endhint %} + +--- + +With the JWT token in hand, you can now authenticate and interact with other secured endpoints in the Lighthouse system. Always remember to include the JWT in the header of your requests where authentication is required. + +# 🛡 **Authentication Verification via PassKey** + +**Lighthouse Encryption WebAuthn Registration API** + +--- + +### 📄 **Start Registration Endpoint** + +Initiate the registration process by sending a request with the user's address. + +--- + +#### **Endpoint:** + +``` +https://encryption.lighthouse.storage/passkey/register/start +``` + +#### **Method:** + +`POST` + +--- + +#### **Headers:** + +- `"Authorization": "Bearer "` + +--- + +#### **Request Body Parameters:** + +- `address`: The user's wallet address. 
+ +--- + +#### **Success Response:** + +**Code:** `200 OK` + +**Content example:** + +```json +{ + "challenge": { + "data": [Array of challenge data] + }, + "user": { + "id": [Array of user ID data], + "name": , + "displayName": + } +} +``` + +--- + +### 📄 **Finish Registration Endpoint** + +Finalize the registration process with the provided credential data. + +--- + +#### **Endpoint:** + +``` +https://encryption.lighthouse.storage/passkey/register/finish +``` + +#### **Method:** + +`POST` + +--- + +#### **Request Body Parameters:** + +--- + +- `data`: An object containing the WebAuthn public key credential details: + + - `authenticatorAttachment`: Describes which attachment modality was selected by the user. Example: `cross-platform`. + + - `id`: Credential ID generated by the authenticator. Example: `Af_Afcbl3pONtRLg...kU-R0`. + + - `rawId`: Raw credential ID in binary form. Example: `Af_Afcbl3pONtRLg...kU-R0`. + + - `response`: An object containing response details: + + - `attestationObject`: Contains attestation data for the created public key credential. Example: `o2NmbXRkbm...TNsqfc0sY`. + + - `clientDataJSON`: Serialized client data used by the authenticator to generate the attestation object. Example: `eyJ0eXBlIj...NzI6MzAwMCIsImNyb3NzT3JpZ2luIjpmYWxzZX0`. + + - `type`: Type of the credential. Example: `public-key`. + +--- + +- `address`: The wallet address that the user wants to prove ownership of. Example: `0x254511193Dd29f9c3c474c43B8d23C3d367Bc4A8`. + +--- + +- `signature`: The signature generated after signing the message provided by the previous endpoint (`/api/message/`). + +--- + +#### **Success Response:** + +**Code:** `200 OK` + +**Content:** + +```json +true +``` + +**Notes:** A response of `true` indicates successful registration with WebAuthn. + +--- + +#### **Error Responses for both endpoints:** + +**Code:** `400 Bad Request` + +**Content:** + +```json +{ + "error": "Invalid data or address format." 
+} +``` + +**Code:** `401 Unauthorized` + +**Content:** + +```json +{ + "error": "Invalid or expired signed message." +} +``` + +**Code:** `500 Internal Server Error` + +**Content:** + +```json +{ + "error": "Server error, please try again later." +} +``` + +--- + +#### **Notes & Usage:** + +- The registration process involves two main steps: + + 1. Initiate the registration by sending the user's address to the `start` endpoint. This returns challenge data which is then used in the WebAuthn `navigator.credentials.create()` function. + 2. Complete the registration by sending the generated credential data to the `finish` endpoint. + +- Always ensure you handle the challenge data and serialized credential data securely. + +--- + +{% hint style="info" %} +Use the Bearer Authorization token (signed message) for authenticating API requests. Always renew the signed message if it expires or is invalidated. +{% endhint %} + +--- + +By following these steps, users can register securely using WebAuthn with the Lighthouse system. Always ensure the security and integrity of the data exchanged during the registration process. + +**Lighthouse Encryption WebAuthn Login API** + +--- + +### 📄 **Start Authentication Endpoint** + +Initiate the authentication process by sending a request with the user's address. + +--- + +#### **Endpoint:** + +``` +https://encryption.lighthouse.storage/passkey/login/start +``` + +#### **Method:** + +`POST` + +--- + +#### **Request Body Parameters:** + +- `address`: The username or user's wallet address. + +--- + +#### **Success Response:** + +**Code:** `200 OK` + +**Content example:** + +```json +{ + ...[public key challenge and related data] +} +``` + +--- + +### 📄 **Finish Authentication Endpoint** + +Finalize the authentication process with the provided credential data. 
+ +--- + +#### **Endpoint:** + +``` +https://encryption.lighthouse.storage/passkey/login/finish +``` + +#### **Method:** + +`POST` + +--- + +#### **Request Body Parameters:** + +- `address`: The Ethereum wallet address associated with the user. +- `data`: Contains details regarding the WebAuthn response and authenticator. + - `authenticatorAttachment`: Describes the authenticator attachment modality, e.g., "cross-platform". + - `id`: A unique identifier for the credential. + - `rawId`: The raw identifier for the credential, often the same as `id`. + - `response`: Holds the components of the WebAuthn response. + - `attestationObject`: The attestation structure after a successful WebAuthn registration. + - `clientDataJSON`: A JSON representation of the client data, including the challenge, origin, type, and other details. + - `signature`: The signature generated by the authenticator based on the client data. + - `authenticatorData`: Contains information about the authentication event, including the counter and sometimes the user handle. + - `type`: The type of the public key credential, e.g., "public-key". + +--- + +#### **Success Response:** + +**Code:** `200 OK` + +**Content:** + +```json +{ + "token": "YOUR_AUTHENTICATION_TOKEN" +} +``` + +**Notes:** The received token can be used for subsequent authenticated requests to the Lighthouse system. + +--- + +#### **Error Responses for both endpoints:** + +**Code:** `400 Bad Request` + +**Content:** + +```json +{ + "error": "Invalid data or address format." +} +``` + +**Code:** `401 Unauthorized` + +**Content:** + +```json +{ + "error": "Invalid or expired signed message." +} +``` + +**Code:** `500 Internal Server Error` + +**Content:** + +```json +{ + "error": "Server error, please try again later." +} +``` + +--- + +#### **Notes & Usage:** + +- The authentication process consists of two main steps: + + 1. Initiate the authentication by sending the user's address to the `start` endpoint. 
This returns a public key challenge which is then used in the WebAuthn `navigator.credentials.get()` function. + 2. Complete the authentication by sending the generated credential data to the `finish` endpoint. + +- Always ensure you handle the challenge data and serialized credential data securely. + +--- + +{% hint style="info" %} +Use the Bearer Authorization token (signed message) for authenticating API requests. Always renew the signed message if it expires or is invalidated. +{% endhint %} + +--- + +By following these steps, users can authenticate securely using WebAuthn with the Lighthouse system. Always ensure the security and integrity of the data exchanged during the authentication process. diff --git a/api/overview.md b/api/overview.md new file mode 100644 index 0000000..dcb510e --- /dev/null +++ b/api/overview.md @@ -0,0 +1,26 @@ +--- +description: Lighthouse CLI tool to interact with the protocol +cover: >- + https://images.unsplash.com/photo-1569531115477-5e9a74a6a8ca?crop=entropy&cs=tinysrgb&fm=jpg&ixid=MnwxOTcwMjR8MHwxfHNlYXJjaHwzfHxvdmVydmlld3xlbnwwfHx8fDE2NjMwNzI2MTQ&ixlib=rb-1.2.1&q=80 +coverY: 0 +--- + +# 📃 Overview + +:Link **Endpoint Connection** + +To utilize the Lighthouse Web3 API, connect to the provided endpoint: + +``` +https://api.lighthouse.storage/ +``` + +To utilize the Lighthouse Web3 node API, connect to the provided endpoint: + +``` +https://node.lighthouse.storage/ +``` + +{% hint style="info" %} +Ensure that your application has the necessary API keys or Authentication Credentials to access the Lighthouse Web3 API. +{% endhint %} From 4a987316237a0bbd22ea8bd3e7f2941f71b82f14 Mon Sep 17 00:00:00 2001 From: xlassix Date: Fri, 11 Aug 2023 18:51:57 +0100 Subject: [PATCH 2/6] [update] Passkey improvements --- .../method-3-passkey.md | 97 ++++++++++++++++++- 1 file changed, 95 insertions(+), 2 deletions(-) 
diff --git a/api-documentation/kavach-encryption-authentication/method-3-passkey.md b/api-documentation/kavach-encryption-authentication/method-3-passkey.md index f366a3f..e6759cd 100644 --- a/api-documentation/kavach-encryption-authentication/method-3-passkey.md +++ b/api-documentation/kavach-encryption-authentication/method-3-passkey.md @@ -45,6 +45,12 @@ Content example**:** "challenge": { "data": "[Array of challenge data]" }, + "allowCredentials": [ + { + "credentialID": "", + "name": "" + } + ], "user": { "id": "[Array of user ID data]", "name": "", @@ -81,6 +87,7 @@ https://enctest.lighthouse.storage/passkey/register/finish * `type`: Type of the credential. Example: `public-key`. * `address`: The wallet address that the user wants to prove ownership of. Example: `0x254511193Dd29f9c3c474c43B8d23C3d367Bc4A8`. * `signature`: The signature generated after signing the message provided by the previous endpoint (`/api/message/`). +* `name` :This is the Name you are assigning to this credential (Options) *** @@ -184,7 +191,6 @@ Content example**:** "data": "[Array of challenge data]" }, "rp": { - "id": "", "name": "" }, "user": { @@ -216,7 +222,6 @@ Content example**:** * `type`: The type of buffer used. (e.g., "Buffer"). * `data`: An array of numeric values representing the challenge data. * `rp`: - * `id`: The ID of the relying party (e.g., "localhost"). * `name`: The name of the relying party (e.g., "Lighthouse Files"). * `user`: * `id`: An array of numeric values representing the user's ID. 
@@ -330,3 +335,91 @@ Use the Bearer Authorization token (signed message) for authenticating API reque *** By following these steps, users can authenticate securely using WebAuthn with the Lighthouse system. Always ensure the security and integrity of the data exchanged during the authentication process. + + +## **3) Lighthouse Encryption WebAuthn Delete Credential API** + +### **B. Delete Credential Endpoint** + +Remove the credential data based on the provided address and credential ID. + +**Endpoint:** + +``` +https://enctest.lighthouse.storage/passkey/delete +``` + +**Method:** + +`DELETE` + +**Headers:** + +* `Content-Type`: `application/json` +* `Authorization`: `Bearer SIGNED_MESSAGE` + +**Request Body Parameters:** + +* `address`: The Ethereum wallet address associated with the user. +* `credentialID`: The unique identifier for the WebAuthn credential obtained from the `start` endpoint. + +*** + +**Success Response:** + +Code: `200` + +**Notes:** Successful response indicates the deletion of the specified credential. + +*** + +**Error Responses for both endpoints:** + +Code: `400 Bad Request` + +Content: + +```json +{ + "error": "Invalid data or address format." +} +``` + +Code: `401 Unauthorized` + +Content: + +```json +{ + "error": "Invalid or expired signed message." +} +``` + +Code: `500 Internal Server Error` + +Content: + +```json +{ + "error": "Server error, please try again later." +} +``` + +*** + +**Notes & Usage:** + +* The authentication process consists of two main steps: + 1. Initiate the authentication by sending the user's address to the `start` endpoint. This returns a Credential ID which can be used for further operations. + 2. Delete the credentials using the obtained `credentialID` and a signed message. +* Always ensure you handle the public key and other data securely during operations. 
+ +*** + +{% hint style="info" %} +Use the Bearer Authorization token (signed message) or JWT token for authenticating API requests +{% endhint %} + +*** + +By following these steps, users can manage their credentials securely with the Lighthouse system. Always ensure the security and integrity of the data exchanged during the process. \ No newline at end of file From e70c46630974d8a52fd89d17fcbb4bd9fde56b2c Mon Sep 17 00:00:00 2001 From: xlassix Date: Fri, 11 Aug 2023 18:54:05 +0100 Subject: [PATCH 3/6] deleted old files --- api/auth/encryption.md | 464 ----------------------------------------- api/overview.md | 26 --- 2 files changed, 490 deletions(-) delete mode 100644 api/auth/encryption.md delete mode 100644 api/overview.md diff --git a/api/auth/encryption.md b/api/auth/encryption.md deleted file mode 100644 index 431732c..0000000 --- a/api/auth/encryption.md +++ /dev/null 
@@ -1,464 +0,0 @@ -# 🛡 **Authentication Verification via Signed Message Endpoint** - -This endpoint allows for the retrieval of a message that users can sign to prove their ownership of a specific wallet address. - ---- - -#### **Endpoint:** - -``` -https://encryption.lighthouse.storage/api/message/ -``` - -#### **Method:** - -`GET` - ---- - -#### **URL Parameters:** - -- `wallet Address`: The specific wallet address for which the user wants to prove ownership. - ---- - -#### **Success Response:** - -**Code:** `200 OK` - -**Content:** - -```json -[ - { - "message": "Please sign this message to prove you are owner of this account: 87d6c3fb5ef8433284fa598888a645ab" - }, - ... [repeated messages] -] -``` - ---- - -#### **Error Responses:** - -**Code:** `400 Bad Request` - -**Content:** - -```json -{ - "message": "Invalid address" -} -``` - ---- - -#### **Notes & Usage:** - -- The user should sign the provided message using their private key related to the wallet address in question. This signed message can then be used to verify the user's ownership of that specific wallet address. -- The system might send multiple identical messages for redundancy and verification purposes. -- Messages can be signed using both Ethereum-compatible wallets and Solana wallets. - ---- - -{% hint style="info" %} -Always handle the message securely and avoid exposing your private keys during the signing process. -{% endhint %} - ---- - -# 🛡 **Authentication Verification via JWT** - ---- - -## 📄 **Get JWT Token Endpoint** - -This endpoint allows users to retrieve a JWT (JSON Web Token) after they've signed a message with their wallet, confirming their ownership of a specific address. - ---- - -#### **Endpoint:** - -``` -https://encryption.lighthouse.storage/api/message/api/message/get-jwt -``` - -#### **Method:** - -`POST` - ---- - -#### **Request Body Parameters:** - -- `address`: The wallet address that the user wants to prove ownership of. 
-- `signature`: The signature generated after signing the message provided by the previous endpoint (`/api/message/`). - ---- - -#### **Headers:** - -- `"Content-Type": "application/json"` - ---- - -#### **Success Response:** - -**Code:** `200 OK` - -**Content:** - -```json -{ - "token": "" -} -``` - ---- - -#### **Error Responses:** - -**Code:** `400 Bad Request` - -**Content:** - -```json -{ - "error": "Invalid address or signature" -} -``` - ---- - -#### **Notes & Usage:** - -- After obtaining the message from the `/api/message/` endpoint, users should sign it using their Ethereum-compatible or Solana wallets. This signed message (signature) and the wallet address should then be passed to this endpoint to retrieve the JWT token. - -- The JWT token can be used for authentication in subsequent API calls within the Lighthouse Encryption system(recommend for multiple uploads or download on our encryption service). - ---- - -{% hint style="info" %} -Ensure you store the received JWT token securely and do not expose it. This token serves as a proof of authentication and could be misused if obtained by malicious actors. -{% endhint %} - ---- - -With the JWT token in hand, you can now authenticate and interact with other secured endpoints in the Lighthouse system. Always remember to include the JWT in the header of your requests where authentication is required. - -# 🛡 **Authentication Verification via PassKey** - -**Lighthouse Encryption WebAuthn Registration API** - ---- - -### 📄 **Start Registration Endpoint** - -Initiate the registration process by sending a request with the user's address. - ---- - -#### **Endpoint:** - -``` -https://encryption.lighthouse.storage/passkey/register/start -``` - -#### **Method:** - -`POST` - ---- - -#### **Headers:** - -- `"Authorization": "Bearer "` - ---- - -#### **Request Body Parameters:** - -- `address`: The user's wallet address. 
- ---- - -#### **Success Response:** - -**Code:** `200 OK` - -**Content example:** - -```json -{ - "challenge": { - "data": [Array of challenge data] - }, - "user": { - "id": [Array of user ID data], - "name": , - "displayName": - } -} -``` - ---- - -### 📄 **Finish Registration Endpoint** - -Finalize the registration process with the provided credential data. - ---- - -#### **Endpoint:** - -``` -https://encryption.lighthouse.storage/passkey/register/finish -``` - -#### **Method:** - -`POST` - ---- - -#### **Request Body Parameters:** - ---- - -- `data`: An object containing the WebAuthn public key credential details: - - - `authenticatorAttachment`: Describes which attachment modality was selected by the user. Example: `cross-platform`. - - - `id`: Credential ID generated by the authenticator. Example: `Af_Afcbl3pONtRLg...kU-R0`. - - - `rawId`: Raw credential ID in binary form. Example: `Af_Afcbl3pONtRLg...kU-R0`. - - - `response`: An object containing response details: - - - `attestationObject`: Contains attestation data for the created public key credential. Example: `o2NmbXRkbm...TNsqfc0sY`. - - - `clientDataJSON`: Serialized client data used by the authenticator to generate the attestation object. Example: `eyJ0eXBlIj...NzI6MzAwMCIsImNyb3NzT3JpZ2luIjpmYWxzZX0`. - - - `type`: Type of the credential. Example: `public-key`. - ---- - -- `address`: The wallet address that the user wants to prove ownership of. Example: `0x254511193Dd29f9c3c474c43B8d23C3d367Bc4A8`. - ---- - -- `signature`: The signature generated after signing the message provided by the previous endpoint (`/api/message/`). - ---- - -#### **Success Response:** - -**Code:** `200 OK` - -**Content:** - -```json -true -``` - -**Notes:** A response of `true` indicates successful registration with WebAuthn. - ---- - -#### **Error Responses for both endpoints:** - -**Code:** `400 Bad Request` - -**Content:** - -```json -{ - "error": "Invalid data or address format." 
-} -``` - -**Code:** `401 Unauthorized` - -**Content:** - -```json -{ - "error": "Invalid or expired signed message." -} -``` - -**Code:** `500 Internal Server Error` - -**Content:** - -```json -{ - "error": "Server error, please try again later." -} -``` - ---- - -#### **Notes & Usage:** - -- The registration process involves two main steps: - - 1. Initiate the registration by sending the user's address to the `start` endpoint. This returns challenge data which is then used in the WebAuthn `navigator.credentials.create()` function. - 2. Complete the registration by sending the generated credential data to the `finish` endpoint. - -- Always ensure you handle the challenge data and serialized credential data securely. - ---- - -{% hint style="info" %} -Use the Bearer Authorization token (signed message) for authenticating API requests. Always renew the signed message if it expires or is invalidated. -{% endhint %} - ---- - -By following these steps, users can register securely using WebAuthn with the Lighthouse system. Always ensure the security and integrity of the data exchanged during the registration process. - -**Lighthouse Encryption WebAuthn Login API** - ---- - -### 📄 **Start Authentication Endpoint** - -Initiate the authentication process by sending a request with the user's address. - ---- - -#### **Endpoint:** - -``` -https://encryption.lighthouse.storage/passkey/login/start -``` - -#### **Method:** - -`POST` - ---- - -#### **Request Body Parameters:** - -- `address`: The username or user's wallet address. - ---- - -#### **Success Response:** - -**Code:** `200 OK` - -**Content example:** - -```json -{ - ...[public key challenge and related data] -} -``` - ---- - -### 📄 **Finish Authentication Endpoint** - -Finalize the authentication process with the provided credential data. 
- ---- - -#### **Endpoint:** - -``` -https://encryption.lighthouse.storage/passkey/login/finish -``` - -#### **Method:** - -`POST` - ---- - -#### **Request Body Parameters:** - -- `address`: The Ethereum wallet address associated with the user. -- `data`: Contains details regarding the WebAuthn response and authenticator. - - `authenticatorAttachment`: Describes the authenticator attachment modality, e.g., "cross-platform". - - `id`: A unique identifier for the credential. - - `rawId`: The raw identifier for the credential, often the same as `id`. - - `response`: Holds the components of the WebAuthn response. - - `attestationObject`: The attestation structure after a successful WebAuthn registration. - - `clientDataJSON`: A JSON representation of the client data, including the challenge, origin, type, and other details. - - `signature`: The signature generated by the authenticator based on the client data. - - `authenticatorData`: Contains information about the authentication event, including the counter and sometimes the user handle. - - `type`: The type of the public key credential, e.g., "public-key". - ---- - -#### **Success Response:** - -**Code:** `200 OK` - -**Content:** - -```json -{ - "token": "YOUR_AUTHENTICATION_TOKEN" -} -``` - -**Notes:** The received token can be used for subsequent authenticated requests to the Lighthouse system. - ---- - -#### **Error Responses for both endpoints:** - -**Code:** `400 Bad Request` - -**Content:** - -```json -{ - "error": "Invalid data or address format." -} -``` - -**Code:** `401 Unauthorized` - -**Content:** - -```json -{ - "error": "Invalid or expired signed message." -} -``` - -**Code:** `500 Internal Server Error` - -**Content:** - -```json -{ - "error": "Server error, please try again later." -} -``` - ---- - -#### **Notes & Usage:** - -- The authentication process consists of two main steps: - - 1. Initiate the authentication by sending the user's address to the `start` endpoint. 
This returns a public key challenge which is then used in the WebAuthn `navigator.credentials.get()` function. - 2. Complete the authentication by sending the generated credential data to the `finish` endpoint. - -- Always ensure you handle the challenge data and serialized credential data securely. - ---- - -{% hint style="info" %} -Use the Bearer Authorization token (signed message) for authenticating API requests. Always renew the signed message if it expires or is invalidated. -{% endhint %} - ---- - -By following these steps, users can authenticate securely using WebAuthn with the Lighthouse system. Always ensure the security and integrity of the data exchanged during the authentication process. diff --git a/api/overview.md b/api/overview.md deleted file mode 100644 index dcb510e..0000000 --- a/api/overview.md +++ /dev/null @@ -1,26 +0,0 @@ ---- -description: Lighthouse CLI tool to interact with the protocol -cover: >- - https://images.unsplash.com/photo-1569531115477-5e9a74a6a8ca?crop=entropy&cs=tinysrgb&fm=jpg&ixid=MnwxOTcwMjR8MHwxfHNlYXJjaHwzfHxvdmVydmlld3xlbnwwfHx8fDE2NjMwNzI2MTQ&ixlib=rb-1.2.1&q=80 -coverY: 0 ---- - -# 📃 Overview - -:Link **Endpoint Connection** - -To utilize the Lighthouse Web3 API, connect to the provided endpoint: - -``` -https://api.lighthouse.storage/ -``` - -To utilize the Lighthouse Web3 node API, connect to the provided endpoint: - -``` -https://node.lighthouse.storage/ -``` - -{% hint style="info" %} -Ensure that your application has the necessary API keys or Authentication Credentials to access the Lighthouse Web3 API. -{% endhint %} From c072dc83c587b714a9f82c730acf5b03ffc2aa79 Mon Sep 17 00:00:00 2001 From: xlassix Date: Fri, 11 Aug 2023 19:04:38 +0100 Subject: [PATCH 4/6] allow credentials --- .../method-3-passkey.md | 51 ++++--------------- 1 file changed, 9 insertions(+), 42 deletions(-) 
diff --git a/api-documentation/kavach-encryption-authentication/method-3-passkey.md b/api-documentation/kavach-encryption-authentication/method-3-passkey.md index e6759cd..f7352a7 100644 --- a/api-documentation/kavach-encryption-authentication/method-3-passkey.md +++ b/api-documentation/kavach-encryption-authentication/method-3-passkey.md @@ -45,12 +45,6 @@ Content example**:** "challenge": { "data": "[Array of challenge data]" }, - "allowCredentials": [ - { - "credentialID": "", - "name": "" - } - ], "user": { "id": "[Array of user ID data]", "name": "", @@ -190,29 +184,12 @@ Content example**:** "type": "Buffer", "data": "[Array of challenge data]" }, - "rp": { - "name": "" - }, - "user": { - "id": "[Array of user ID data]", - "name": "", - "displayName": "" - }, - "pubKeyCredParams": [ - { - "type": "", - "alg": "" - }, - { - "type": "", - "alg": "" - } - ], - "authenticatorSelection": { - "userVerification": "", - "residentKey": "", - "requireResidentKey": "" - } + "allowCredentials": [ + { + "credentialID": "", + "name": "" + } + ] } ``` 
@@ -221,19 +198,9 @@ Content example**:** * `challenge`: * `type`: The type of buffer used. (e.g., "Buffer"). * `data`: An array of numeric values representing the challenge data. -* `rp`: - * `name`: The name of the relying party (e.g., "Lighthouse Files"). -* `user`: - * `id`: An array of numeric values representing the user's ID. - * `name`: The user's name, typically a string representation of their address or ID (e.g., "0x254511193dd29f9c3c474c43b8d23c3d367bc4a8"). - * `displayName`: A display name for the user, which can be the same as the `name`. -* `pubKeyCredParams`: An array containing public key credential parameters. Each parameter object contains: - * `type`: The type of the key (e.g., "public-key"). - * `alg`: The algorithm used, represented by a numeric value. -* `authenticatorSelection`: - * `userVerification`: The requirement for user verification (e.g., "required"). - * `residentKey`: The preference for resident key (e.g., "preferred"). - * `requireResidentKey`: A boolean indicating if resident key is required (e.g., false). +* `allowCredentials` (Array): + * `credentialID`: The unique identifier for the WebAuthn credential + * `name` :This is the Name you are assigning to this credential (Options) This structure provides a clearer, organized description of the given JSON payload. From 0965b33a89e1c72a9c08a0164e9cf3fb3b82b26c Mon Sep 17 00:00:00 2001 From: xlassix Date: Tue, 15 Aug 2023 18:43:35 +0100 Subject: [PATCH 5/6] [fix]: changed address to crediential ID in finished step --- .../kavach-encryption-authentication/method-3-passkey.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/api-documentation/kavach-encryption-authentication/method-3-passkey.md b/api-documentation/kavach-encryption-authentication/method-3-passkey.md index f7352a7..db3b0de 100644 --- a/api-documentation/kavach-encryption-authentication/method-3-passkey.md +++ b/api-documentation/kavach-encryption-authentication/method-3-passkey.md 
@@ -222,7 +222,7 @@ https://enctest.lighthouse.storage/passkey/login/finish **Request Body Parameters:** -* `address`: The Ethereum wallet address associated with the user. +* `credentialID`: The unique identifier for the WebAuthn credential. * `data`: Contains details regarding the WebAuthn response and authenticator. * `authenticatorAttachment`: Describes the authenticator attachment modality, e.g., "cross-platform". * `id`: A unique identifier for the credential. From fec148420aab62e2cddf6e66f16b331fcee78902 Mon Sep 17 00:00:00 2001 From: xlassix Date: Wed, 16 Aug 2023 12:33:00 +0100 Subject: [PATCH 6/6] [removed]: Testnet URL --- .../method-3-passkey.md | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/api-documentation/kavach-encryption-authentication/method-3-passkey.md b/api-documentation/kavach-encryption-authentication/method-3-passkey.md index db3b0de..2995a88 100644 --- a/api-documentation/kavach-encryption-authentication/method-3-passkey.md +++ b/api-documentation/kavach-encryption-authentication/method-3-passkey.md @@ -4,9 +4,6 @@ description: Authentication via PassKey # Method 3: Passkey -``` - ⚠️ This is only available on our Encryption Testnet ⚠️ -``` ## 1) Lighthouse Encryption WebAuthn Registration API @@ -17,7 +14,7 @@ Initiate the registration process by sending a request with the user's address. **Endpoint:** ``` -https://enctest.lighthouse.storage/passkey/register/start +https://encryption.lighthouse.storage/passkey/register/start ``` **Method:** @@ -62,7 +59,7 @@ Finalize the registration process with the provided credential data. **Endpoint:** ``` -https://enctest.lighthouse.storage/passkey/register/finish +https://encryption.lighthouse.storage/passkey/register/finish ``` **Method:** 
@@ -159,7 +156,7 @@ Initiate the authentication process by sending a request with the user's address **Endpoint:** ``` -https://enctest.lighthouse.storage/passkey/login/start +https://encryption.lighthouse.storage/passkey/login/start ``` **Method:** @@ -213,7 +210,7 @@ Finalize the authentication process with the provided credential data. **Endpoint:** ``` -https://enctest.lighthouse.storage/passkey/login/finish +https://encryption.lighthouse.storage/passkey/login/finish ``` **Method:** @@ -313,7 +310,7 @@ Remove the credential data based on the provided address and credential ID. **Endpoint:** ``` -https://enctest.lighthouse.storage/passkey/delete +https://encryption.lighthouse.storage/passkey/delete ``` **Method:**
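Review bot: in PATCH 1/6, `api/auth/encryption.md`, the Get JWT Token endpoint repeats its path prefix: `https://encryption.lighthouse.storage/api/message/api/message/get-jwt`. The `signature` parameter just below it calls the previous endpoint `/api/message/`, so this reads as a paste error; please confirm the route and correct the URL. In the same hunk, the Finish Authentication parameters list `attestationObject` under `response` ("The attestation structure after a successful WebAuthn registration"). A login assertion carries `clientDataJSON`, `authenticatorData` and `signature` but no attestation object, so that bullet should be dropped from the login section.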
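Review bot: in PATCH 1/6, `api/overview.md`, the front matter says `description: Lighthouse CLI tool to interact with the protocol`, but the page documents API endpoints, so the description looks copied from the CLI page and should be rewritten for the API overview. The line `:Link **Endpoint Connection**` also looks like a broken emoji shortcode; use the intended emoji or drop the `:Link` prefix.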
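Review bot: in PATCH 2/6, hunk `@@ -45,6 +45,12 @@`, `allowCredentials` is added to the register/start response example, but that field belongs to the options for `navigator.credentials.get()`; for `navigator.credentials.create()` the list of already-registered credentials is `excludeCredentials`. PATCH 4/6 removes these same lines from this example and adds them under login/start, so consider folding the two commits, or documenting here what the registration response really returns.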
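Review bot: in PATCH 2/6, hunk `@@ -81,6 +87,7 @@`, the new bullet ``* `name` :This is the Name you are assigning to this credential (Options)`` has a misplaced space before the colon and "(Options)" where "(Optional)" is presumably meant. Suggest ``* `name`: The name you are assigning to this credential (optional).`` and state what happens when it is omitted. The same wording is reused in PATCH 4/6 and needs the same fix there.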
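Review bot: in PATCH 2/6, hunk `@@ -330,3 +335,91 @@`, the new Delete Credential section carries text copied from the login section that does not apply to it: the heading "Error Responses for both endpoints" (there is only one endpoint here), and the note "The authentication process consists of two main steps". Please rewrite both for deletion. The `credentialID` bullet says the value is "obtained from the `start` endpoint" without saying which one (register/start or login/start). The Headers list shows only `Bearer SIGNED_MESSAGE` while the closing hint also allows a JWT, so the two should agree. The section is headed "B." with no "A." before it, and the file now ends without a trailing newline.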
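Review bot: in PATCH 4/6, hunk `@@ -190,29 +184,12 @@`, the login/start example returns `allowCredentials` entries shaped as `credentialID` and `name`, while `navigator.credentials.get()` expects descriptors with `type` and `id`. The page should say that the client has to map each entry (for example `credentialID` to `id`, with `type` set to `public-key`) before calling the browser API, or the endpoint should return the standard shape. Since this response now lists a user's credential IDs and names for a supplied `address`, please also document whether login/start requires the `Authorization` header, so readers know who can retrieve that list.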
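Review bot: in PATCH 4/6, hunk `@@ -221,19 +198,9 @@`, the `name` field of a response is described with request wording ("the Name you are assigning to this credential (Options)"); for a returned value it should read as the name that was assigned at registration. The unchanged line that follows, "This structure provides a clearer, organized description of the given JSON payload.", describes the documentation rather than the API and can be removed while this block is being edited.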
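Review bot: in PATCH 5/6, hunk `@@ -222,7 +222,7 @@`, the new top-level `credentialID` sits next to `data.id`, which the context lines already describe as "A unique identifier for the credential". Please state whether the two must be equal and what the server does when they differ, and, now that `address` is gone from login/finish, how the request is tied back to the challenge issued by login/start for that address. The delete endpoint still takes both `address` and `credentialID`, so a sentence on why login/finish differs would help readers.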