barycenter/tests/tools

WebAuthn Fixture Capture Tool

This tool captures real WebAuthn responses from your authenticator for use in integration tests.

Prerequisites

1. Start Barycenter server:

   cargo run
   

2. Create a test user (if not already exists):

   # The default admin user should work (admin/password123)
   

Usage

1. Open capture_webauthn_fixture.html in your browser:

   open tests/tools/capture_webauthn_fixture.html
   # or
   firefox tests/tools/capture_webauthn_fixture.html
   

2. Click "Login to Server" to authenticate

3. Click "Capture Registration Fixture" to register a new passkey

   • Your browser will prompt you to use your authenticator
   • Use TouchID, Windows Hello, or a USB security key

4. Copy the JSON output and save to tests/fixtures/

Fixture Types

Hardware-Bound Passkey

• File: hardware_key_registration.json
• Device: USB security key (YubiKey, etc.)
• Characteristics:
  • backup_eligible: false
  • backup_state: false
  • AMR: ["hwk"]

Cloud-Synced Passkey

• File: cloud_synced_passkey.json
• Device: TouchID (macOS), Windows Hello, iCloud Keychain
• Characteristics:
  • backup_eligible: true
  • backup_state: true
  • AMR: ["swk"]

Captured Data

Each fixture contains:

• challenge_response: The initial challenge from the server
• credential_response: The credential created by the authenticator
• server_response: The server's verification response (registration only)
• metadata: Capture timestamp, authenticator type, user agent

Using Fixtures in Tests

use crate::helpers::load_fixture;

#[tokio::test]
async fn test_passkey_registration() {
    let fixture = load_fixture("hardware_key_registration");
    // Use fixture.challenge_response and fixture.credential_response in tests
}

Tips

• Multiple Devices: Capture fixtures from different authenticator types (hardware vs platform)
• Fresh Captures: If the server's JWKS changes, you may need to recapture fixtures
• Counter Values: Each authentication increments the counter - recapture if needed for specific counter tests