From 9b08942973a98a47ec0358c3f15f4a025c4e6bf1 Mon Sep 17 00:00:00 2001
From: Sorah Fukumori
Date: Mon, 1 Oct 2018 11:50:09 +0900
Subject: [PATCH] feat: Make methods public to expose data available

Current implementation hides many data available from authenticators behind the private methods. It is useful to expose them to users of this gem, i.e. logging, auditing, and debugging. I believe this gem should provide a low-level API for RP implementations.
---
 .../authenticator_assertion_response.rb | 8 +++----
 .../authenticator_attestation_response.rb | 8 +++----
 lib/webauthn/authenticator_data.rb | 24 +++++++++----------
 lib/webauthn/authenticator_response.rb | 8 +++----
 4 files changed, 24 insertions(+), 24 deletions(-)

diff --git a/lib/webauthn/authenticator_assertion_response.rb b/lib/webauthn/authenticator_assertion_response.rb
index 41edcedf..7f90640b 100644
--- a/lib/webauthn/authenticator_assertion_response.rb
+++ b/lib/webauthn/authenticator_assertion_response.rb
@@ -18,6 +18,10 @@ def valid?(original_challenge, original_origin, allowed_credentials:)
 valid_signature?(credential_public_key(allowed_credentials))
 end

+ def authenticator_data
+ @authenticator_data ||= WebAuthn::AuthenticatorData.new(authenticator_data_bytes)
+ end
+
 private

 attr_reader :credential_id, :authenticator_data_bytes, :signature
@@ -42,10 +46,6 @@ def valid_credential?(allowed_credentials)
 allowed_credential_ids.include?(credential_id)
 end

- def authenticator_data
- @authenticator_data ||= WebAuthn::AuthenticatorData.new(authenticator_data_bytes)
- end
-
 def credential_public_key(allowed_credentials)
 matched_credential = allowed_credentials.find do |credential|
 credential[:id] == credential_id
diff --git a/lib/webauthn/authenticator_attestation_response.rb b/lib/webauthn/authenticator_attestation_response.rb
index de292123..c5ecaa8f 100644
--- a/lib/webauthn/authenticator_attestation_response.rb
+++ b/lib/webauthn/authenticator_attestation_response.rb
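Review bot: `authenticator_data` becomes public in the first hunk of authenticator_assertion_response.rb with no indication that it is parsed directly from the client-supplied `authenticator_data_bytes` and carries no assurance until `valid?` has returned true. Because the stated use is logging, auditing and debugging, callers will read it on failed or not-yet-verified responses, so the contract belongs on the method itself: `# Parsed from client-supplied bytes; unverified unless valid? has returned true.` The same comment is missing on `attestation` and `attestation_statement` in authenticator_attestation_response.rb and on `client_data` in authenticator_response.rb.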
@@ -26,10 +26,6 @@ def credential
 authenticator_data.credential
 end

- private
-
- attr_reader :attestation_object
-
 def attestation_statement
 @attestation_statement ||=
 WebAuthn::AttestationStatement.from(attestation["fmt"], attestation["attStmt"])
@@ -47,6 +43,10 @@ def attestation
 @attestation ||= CBOR.decode(attestation_object)
 end

+ private
+
+ attr_reader :attestation_object
+
 def type
 WebAuthn::TYPES[:create]
 end
diff --git a/lib/webauthn/authenticator_data.rb b/lib/webauthn/authenticator_data.rb
index 08e0c3a6..0f46709f 100644
--- a/lib/webauthn/authenticator_data.rb
+++ b/lib/webauthn/authenticator_data.rb
@@ -17,6 +17,8 @@ def initialize(data)
 @data = data
 end

+ attr_reader :data
+
 def valid?
 if attested_credential_data_included?
 data.length > base_length && attested_credential_data.valid?
@@ -29,6 +31,10 @@ def user_present?
 flags[USER_PRESENT_FLAG_POSITION] == "1"
 end

+ def attested_credential_data_included?
+ flags[ATTESTED_CREDENTIAL_DATA_INCLUDED_FLAG_POSITION] == "1"
+ end
+
 def rp_id_hash
 @rp_id_hash ||=
 if valid?
@@ -40,15 +46,17 @@ def credential
 attested_credential_data.credential
 end

- private
-
- attr_reader :data
-
 def attested_credential_data
 @attested_credential_data ||=
 AttestedCredentialData.new(data_at(attested_credential_data_position))
 end

+ def flags
+ @flags ||= data_at(flags_position, FLAGS_LENGTH).unpack1("b*")
+ end
+
+ private
+
 def attested_credential_data_position
 base_length
 end
@@ -57,18 +65,10 @@ def base_length
 RP_ID_HASH_LENGTH + FLAGS_LENGTH + SIGN_COUNT_LENGTH
 end

- def flags
- @flags ||= data_at(flags_position, FLAGS_LENGTH).unpack1("b*")
- end
-
 def flags_position
 RP_ID_HASH_LENGTH
 end

- def attested_credential_data_included?
- flags[ATTESTED_CREDENTIAL_DATA_INCLUDED_FLAG_POSITION] == "1"
- end
-
 def data_at(position, length = nil)
 length ||= data.size - position

diff --git a/lib/webauthn/authenticator_response.rb b/lib/webauthn/authenticator_response.rb
index bd036fc9..01057a74 100644
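Review bot: `attestation` now hands callers the memoized result of `CBOR.decode(attestation_object)`, which is the same object `attestation_statement` reads `"fmt"` and `"attStmt"` from. A caller that edits the decoded structure, for example trimming it before logging, would change what any later check sees. Assuming nothing inside the class mutates it, freezing at the memoization point would make the exposure read-only: `@attestation ||= CBOR.decode(attestation_object).freeze`. That freeze is shallow, so nested values remain mutable and the method comment should say so. `attr_reader :data` in authenticator_data.rb has the same shape, since `@flags` is memoized from a String the caller can now modify.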
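Review bot: `flags`, `attested_credential_data_included?` and `attested_credential_data` become public in authenticator_data.rb without the `if valid?` guard that `rp_id_hash` has in the same file. They can therefore be called on truncated or malformed input before any length check has run. `flags` calls `.unpack1("b*")` on whatever `data_at(flags_position, FLAGS_LENGTH)` returns; the rest of `data_at` is outside the hunk, but if it yields nil for data shorter than `RP_ID_HASH_LENGTH`, this surfaces as a NoMethodError in the caller's logging path. I would document the precondition on each new public reader, e.g. `# Only meaningful when data is at least base_length bytes; check valid? first.`, and consider an explicit length check in `flags` that raises a descriptive error.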
--- a/lib/webauthn/authenticator_response.rb
+++ b/lib/webauthn/authenticator_response.rb
@@ -15,6 +15,10 @@ def valid?(original_challenge, original_origin)
 authenticator_data.user_present?
 end

+ def client_data
+ @client_data ||= WebAuthn::ClientData.new(client_data_json)
+ end
+
 private

 attr_reader :client_data_json
@@ -23,10 +27,6 @@ def valid_type?
 client_data.type == type
 end

- def client_data
- @client_data ||= WebAuthn::ClientData.new(client_data_json)
- end
-
 def valid_challenge?(original_challenge)
 WebAuthn::Utils.authenticator_decode(client_data.challenge) == original_challenge
 end