diff options
Diffstat (limited to 'config/initializers/webauthn.rb')
-rw-r--r-- | config/initializers/webauthn.rb | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/config/initializers/webauthn.rb b/config/initializers/webauthn.rb new file mode 100644 index 00000000000..8dc5dfd56ed --- /dev/null +++ b/config/initializers/webauthn.rb @@ -0,0 +1,35 @@ +WebAuthn.configure do |config| + # This value needs to match `window.location.origin` evaluated by + # the User Agent during registration and authentication ceremonies. + config.origin = Settings.gitlab['base_url'] + + # Relying Party name for display purposes + # config.rp_name = "Example Inc." + + # Optionally configure a client timeout hint, in milliseconds. + # This hint specifies how long the browser should wait for any + # interaction with the user. + # This hint may be overridden by the browser. + # https://www.w3.org/TR/webauthn/#dom-publickeycredentialcreationoptions-timeout + # config.credential_options_timeout = 120_000 + + # You can optionally specify a different Relying Party ID + # (https://www.w3.org/TR/webauthn/#relying-party-identifier) + # if it differs from the default one. + # + # In this case the default would be "auth.example.com", but you can set it to + # the suffix "example.com" + # + # config.rp_id = "example.com" + + # Configure preferred binary-to-text encoding scheme. This should match the encoding scheme + # used in your client-side (user agent) code before sending the credential to the server. + # Supported values: `:base64url` (default), `:base64` or `false` to disable all encoding. + # + config.encoding = :base64 + + # Possible values: "ES256", "ES384", "ES512", "PS256", "PS384", "PS512", "RS256", "RS384", "RS512", "RS1" + # Default: ["ES256", "PS256", "RS256"] + # + # config.algorithms << "ES384" +end |