WebAuthn / Passkeys
Add passkey-based passwordless authentication to your Delphi server. WebAuthn Level 2 / FIDO2 registration and authentication ceremonies, attestation verification, credential storage hooks.
Add passkey-based passwordless authentication to your Delphi server. WebAuthn Level 2 / FIDO2 registration and authentication ceremonies, attestation verification, credential storage hooks.
Implements the WebAuthn relying-party server side — create credential challenges, verify navigator.credentials responses, parse attestation statements and validate assertion signatures.
TsgcWSAPIServer_WebAuthn
Windows, macOS, Linux, iOS, Android
Enterprise
Drop a TsgcWSAPIServer_WebAuthn on a TsgcWebSocketHTTPServer, configure RpId/RpName, then handle OnRegistrationVerify and OnAuthenticationVerify to persist credentials.
uses
sgcWebSocket, sgcWebSocket_Server_APIs;
var
Server: TsgcWebSocketHTTPServer;
WebAuthn: TsgcWSAPIServer_WebAuthn;
begin
Server := TsgcWebSocketHTTPServer.Create(nil);
Server.Port := 8443;
Server.SSL := True;
WebAuthn := TsgcWSAPIServer_WebAuthn.Create(nil);
WebAuthn.Server := Server;
WebAuthn.RelyingParty.Id := 'example.com';
WebAuthn.RelyingParty.Name := 'Example RP';
WebAuthn.OnRegistrationVerify := procedure(Sender: TObject;
const aRequest: TsgcWebAuthn_RegistrationVerify_Request;
const aRegistration: TsgcWebAuthn_Registration; const aError: string)
begin
// store aRegistration.CredentialId / publicKey / counter / userHandle
end;
Server.Active := True;
end;// uses: sgcWebSocket, sgcWebSocket_Server_APIs
TsgcWebSocketHTTPServer *Server = new TsgcWebSocketHTTPServer(this);
TsgcWSAPIServer_WebAuthn *WebAuthn = new TsgcWSAPIServer_WebAuthn(this);
WebAuthn->Server = Server;
WebAuthn->RelyingParty->Id = "example.com";
WebAuthn->RelyingParty->Name = "Example RP";
Server->Active = true;A relying-party server that turns a Delphi process into a passkey-aware authentication endpoint.
OnRegistrationOptions issues PublicKeyCredentialCreationOptions; the browser invokes navigator.credentials.create(); OnRegistrationVerify validates the attestation and returns the new credential record.
OnAuthenticationOptions issues PublicKeyCredentialRequestOptions with the previously stored credential IDs; OnAuthenticationVerify validates the assertion signature using the stored public key.
Supports none, packed, fido-u2f, tpm, android-key, android-safetynet and apple attestation statement formats.
Tracks the per-credential signCount to detect cloned authenticators — if the counter regresses, OnAuthenticationVerify reports an error you can act on.
UserVerification can be set to required, preferred or discouraged per ceremony — the validation step enforces the choice.
OnAuthenticationOptions hands you the user handle so you return the right list of allowCredentials for the in-progress login — storage is yours to design.
Fuentes autorizadas de los estándares que implementa este componente.
Enlace directo a la referencia del componente, descarga el proyecto demo listo para ejecutar y la prueba gratuita.
| Online Help — TsgcWSAPIServer_WebAuthn Referencia completa de propiedades, métodos y eventos de este componente. | Abrir | |
| Demo Project — Demos\20.HTTP_Protocol\12.WebAuthn Proyecto de ejemplo listo para ejecutar. Se incluye en el paquete sgcWebSockets — descarga la prueba gratuita más abajo. | Abrir | |
| Documento técnico (PDF) Características, inicio rápido, ejemplos de código para Delphi y C++ Builder y referencias de fuentes primarias — solo este componente. | Abrir | |
| Manual de usuario (PDF) Manual completo que cubre todos los componentes de la biblioteca. | Abrir |