kanidm/webauthn-rs

'danger-credential-internals' without 'resident-key-support' results in compilation errors, is that intentional?

Closed this issue · 9 comments

I did this

Use the crate with feature 'danger-credential-internals'

I expected the following

Standard compilation (with access to type conversions around Passkey/Credential)

What actually happened

Compilation error:
Cannot find type AttestedResidentKey in this scope

Version (and git commit)

master

Operating System / Version

macos

Any other comments

This is intentional. The resident key support isn't completed yet and is hidden behind a seperate flag.

My primary question is "what are you trying to achieve" - there are very few cases you need AttestedResidentKey for a deployment.

I wanted to expose the ability to convert passkeys to credentials, but with the minimal number of feature flags needed. I don't have a use for attested resident keys, but it seems like I would need to activate that flag in order to use danger-credential-internals

So you want to expose the internal passkey credential here? Reading the source you only need danger-credential-internals for this to be exposed with the from/into methods.

If you are looking at attestedPasskey then you need both danger-credential-internals and preview-features but you shouldn't be using that right now. It's a preview after all.

Are you seeing a compiler error or something else? Can you show what's going wrong?

Specifically I am seeing this:

error[E0412]: cannot find type `AttestedResidentKey` in this scope
   --> /Users/ash/.cargo/git/checkouts/webauthn-rs-13492a96c2900e72/7696d8a/webauthn-rs/src/interface.rs:486:11
    |
486 | impl From<AttestedResidentKey> for Credential {
    |     -     ^^^^^^^^^^^^^^^^^^^ not found in this scope
    |     |
    |     help: you might be missing a type parameter: `<AttestedResidentKey>`

Replicated a handful of times. Seems the issue is that I have only the feature danger-credential-internals set, since I am trying to minimize dangerous features, but this is trying to define an impl definition on a type that doesn't exist unless resident-key-support is set. I am not familiar enough with rust to know if there is a way to have a code segment only exist if multiple feature flags are set.

I only want to use to use danger-credential-internals, but it doesn't currently seem feasible.

@ash-burnt see #333 I think I found the issue

Awesome, thank you

@ash-burnt Since you're using a git main version, can you report any other issues you run into? we want to release this version soon once we have some of the attestation bits worked out, but your feedback would be great.

@Firstyear will do. Currently just working on a PoC but I will let you know if I hit any other snags