feat: passkey support (#11804)

https://github.com/MisskeyIO/misskey/pull/149

packages/backend/src/models/RepositoryModule.ts

@@ -5,7 +5,7 @@
 
 import { Module } from '@nestjs/common';
 import { DI } from '@/di-symbols.js';
-import { MiAbuseUserReport, MiAccessToken, MiAd, MiAnnouncement, MiAnnouncementRead, MiAntenna, MiApp, MiAttestationChallenge, MiAuthSession, MiBlocking, MiChannel, MiChannelFavorite, MiChannelFollowing, MiClip, MiClipFavorite, MiClipNote, MiDriveFile, MiDriveFolder, MiEmoji, MiFlash, MiFlashLike, MiFollowRequest, MiFollowing, MiGalleryLike, MiGalleryPost, MiHashtag, MiInstance, MiMeta, MiModerationLog, MiMutedNote, MiMuting, MiNote, MiNoteFavorite, MiNoteReaction, MiNoteThreadMuting, MiNoteUnread, MiPage, MiPageLike, MiPasswordResetRequest, MiPoll, MiPollVote, MiPromoNote, MiPromoRead, MiRegistrationTicket, MiRegistryItem, MiRelay, MiRenoteMuting, MiRetentionAggregation, MiRole, MiRoleAssignment, MiSignin, MiSwSubscription, MiUsedUsername, MiUser, MiUserIp, MiUserKeypair, MiUserList, MiUserListFavorite, MiUserListJoining, MiUserMemo, MiUserNotePining, MiUserPending, MiUserProfile, MiUserPublickey, MiUserSecurityKey, MiWebhook } from './index.js';
+import { MiAbuseUserReport, MiAccessToken, MiAd, MiAnnouncement, MiAnnouncementRead, MiAntenna, MiApp, MiAuthSession, MiBlocking, MiChannel, MiChannelFavorite, MiChannelFollowing, MiClip, MiClipFavorite, MiClipNote, MiDriveFile, MiDriveFolder, MiEmoji, MiFlash, MiFlashLike, MiFollowRequest, MiFollowing, MiGalleryLike, MiGalleryPost, MiHashtag, MiInstance, MiMeta, MiModerationLog, MiMutedNote, MiMuting, MiNote, MiNoteFavorite, MiNoteReaction, MiNoteThreadMuting, MiNoteUnread, MiPage, MiPageLike, MiPasswordResetRequest, MiPoll, MiPollVote, MiPromoNote, MiPromoRead, MiRegistrationTicket, MiRegistryItem, MiRelay, MiRenoteMuting, MiRetentionAggregation, MiRole, MiRoleAssignment, MiSignin, MiSwSubscription, MiUsedUsername, MiUser, MiUserIp, MiUserKeypair, MiUserList, MiUserListFavorite, MiUserListJoining, MiUserMemo, MiUserNotePining, MiUserPending, MiUserProfile, MiUserPublickey, MiUserSecurityKey, MiWebhook } from './index.js';
 import type { DataSource } from 'typeorm';
 import type { Provider } from '@nestjs/common';
 
@@ -93,12 +93,6 @@ const $userPendingsRepository: Provider = {
 	inject: [DI.db],
 };
 
-const $attestationChallengesRepository: Provider = {
-	provide: DI.attestationChallengesRepository,
-	useFactory: (db: DataSource) => db.getRepository(MiAttestationChallenge),
-	inject: [DI.db],
-};
-
 const $userSecurityKeysRepository: Provider = {
 	provide: DI.userSecurityKeysRepository,
 	useFactory: (db: DataSource) => db.getRepository(MiUserSecurityKey),
@@ -423,7 +417,6 @@ const $userMemosRepository: Provider = {
 		$userProfilesRepository,
 		$userKeypairsRepository,
 		$userPendingsRepository,
-		$attestationChallengesRepository,
 		$userSecurityKeysRepository,
 		$userPublickeysRepository,
 		$userListsRepository,
@@ -491,7 +484,6 @@ const $userMemosRepository: Provider = {
 		$userProfilesRepository,
 		$userKeypairsRepository,
 		$userPendingsRepository,
-		$attestationChallengesRepository,
 		$userSecurityKeysRepository,
 		$userPublickeysRepository,
 		$userListsRepository,

packages/backend/src/models/entities/AttestationChallenge.ts

@@ -1,51 +0,0 @@
-/*
- * SPDX-FileCopyrightText: syuilo and other misskey contributors
- * SPDX-License-Identifier: AGPL-3.0-only
- */
-
-import { PrimaryColumn, Entity, JoinColumn, Column, ManyToOne, Index } from 'typeorm';
-import { id } from '../id.js';
-import { MiUser } from './User.js';
-
-@Entity('attestation_challenge')
-export class MiAttestationChallenge {
-	@PrimaryColumn(id())
-	public id: string;
-
-	@Index()
-	@PrimaryColumn(id())
-	public userId: MiUser['id'];
-
-	@ManyToOne(type => MiUser, {
-		onDelete: 'CASCADE',
-	})
-	@JoinColumn()
-	public user: MiUser | null;
-
-	@Index()
-	@Column('varchar', {
-		length: 64,
-		comment: 'Hex-encoded sha256 hash of the challenge.',
-	})
-	public challenge: string;
-
-	@Column('timestamp with time zone', {
-		comment: 'The date challenge was created for expiry purposes.',
-	})
-	public createdAt: Date;
-
-	@Column('boolean', {
-		comment:
-			'Indicates that the challenge is only for registration purposes if true to prevent the challenge for being used as authentication.',
-		default: false,
-	})
-	public registrationChallenge: boolean;
-
-	constructor(data: Partial<MiAttestationChallenge>) {
-		if (data == null) return;
-
-		for (const [k, v] of Object.entries(data)) {
-			(this as any)[k] = v;
-		}
-	}
-}

packages/backend/src/models/entities/UserSecurityKey.ts

@@ -24,25 +24,48 @@ export class MiUserSecurityKey {
 	@JoinColumn()
 	public user: MiUser | null;
 
-	@Index()
-	@Column('varchar', {
-		comment:
-			'Variable-length public key used to verify attestations (hex-encoded).',
-	})
-	public publicKey: string;
-
-	@Column('timestamp with time zone', {
-		comment:
-			'The date of the last time the UserSecurityKey was successfully validated.',
-	})
-	public lastUsed: Date;
-
 	@Column('varchar', {
 		comment: 'User-defined name for this key',
 		length: 30,
 	})
 	public name: string;
 
+	@Index()
+	@Column('varchar', {
+		comment: 'The public key of the UserSecurityKey, hex-encoded.',
+	})
+	public publicKey: string;
+
+	@Column('bigint', {
+		comment: 'The number of times the UserSecurityKey was validated.',
+		default: 0,
+	})
+	public counter: number;
+
+	@Column('timestamp with time zone', {
+		comment: 'Timestamp of the last time the UserSecurityKey was used.',
+		default: () => 'now()',
+	})
+	public lastUsed: Date;
+
+	@Column('varchar', {
+		comment: 'The type of Backup Eligibility in authenticator data',
+		length: 32, nullable: true,
+	})
+	public credentialDeviceType: string | null;
+
+	@Column('boolean', {
+		comment: 'Whether or not the credential has been backed up',
+		nullable: true,
+	})
+	public credentialBackedUp: boolean | null;
+
+	@Column('varchar', {
+		comment: 'The type of the credential returned by the browser',
+		length: 32, array: true, nullable: true,
+	})
+	public transports: string[] | null;
+
 	constructor(data: Partial<MiUserSecurityKey>) {
 		if (data == null) return;
 

packages/backend/src/models/index.ts

@@ -10,7 +10,6 @@ import { MiAnnouncement } from '@/models/entities/Announcement.js';
 import { MiAnnouncementRead } from '@/models/entities/AnnouncementRead.js';
 import { MiAntenna } from '@/models/entities/Antenna.js';
 import { MiApp } from '@/models/entities/App.js';
-import { MiAttestationChallenge } from '@/models/entities/AttestationChallenge.js';
 import { MiAuthSession } from '@/models/entities/AuthSession.js';
 import { MiBlocking } from '@/models/entities/Blocking.js';
 import { MiChannelFollowing } from '@/models/entities/ChannelFollowing.js';
@@ -79,7 +78,6 @@ export {
 	MiAnnouncementRead,
 	MiAntenna,
 	MiApp,
-	MiAttestationChallenge,
 	MiAuthSession,
 	MiBlocking,
 	MiChannelFollowing,
@@ -147,7 +145,6 @@ export type AnnouncementsRepository = Repository<MiAnnouncement>;
 export type AnnouncementReadsRepository = Repository<MiAnnouncementRead>;
 export type AntennasRepository = Repository<MiAntenna>;
 export type AppsRepository = Repository<MiApp>;
-export type AttestationChallengesRepository = Repository<MiAttestationChallenge>;
 export type AuthSessionsRepository = Repository<MiAuthSession>;
 export type BlockingsRepository = Repository<MiBlocking>;
 export type ChannelFollowingsRepository = Repository<MiChannelFollowing>;