diff --git a/docs/guides/security/identity-and-access-management.mdx b/docs/guides/security/identity-and-access-management.mdx index 4cbf20d1..646d7bff 100644 --- a/docs/guides/security/identity-and-access-management.mdx +++ b/docs/guides/security/identity-and-access-management.mdx @@ -241,11 +241,10 @@ and [Android](https://developer.android.com/training/app-links/verify-android-ap For more information, view an [example implementation in the form of a Unity app](https://github.com/dfinity/examples/tree/master/native-apps/unity_ii_deeplink). The following pieces of that codebase are most important: -* Generation of the intermediate session key [in index.js](https://github.com/dfinity/examples/blob/master/native-apps/unity_ii_deeplink/ii_integration_dapp/src/greet_frontend/src/index.js#L25). -* [Authentication using the intermediate session key](https://github.com/dfinity/examples/blob/master/native-apps/unity_ii_deeplink/ii_integration_dapp/src/greet_frontend/src/index.js#L26-L36) instead of the mobile app public key. -* [Generating the delegation chain](https://github.com/dfinity/examples/blob/master/native-apps/unity_ii_deeplink/ii_integration_dapp/src/greet_frontend/src/index.js#L48-L57) by combining the delegation obtained from II with a delegation created by the frontend. -* [Returning the delegation chain using an applink/universal link](https://github.com/dfinity/examples/blob/master/native-apps/unity_ii_deeplink/ii_integration_dapp/src/greet_frontend/src/index.js#L71). -* Returning the delegation chain [using a URI fragment](https://github.com/dfinity/examples/blob/master/native-apps/unity_ii_deeplink/ii_integration_dapp/src/greet_frontend/src/index.js#L73). -* The example is currently being improved whereby the delegation chain will also be verified in the mobile app before using it. +* [Generating the intermediate (middle) key](https://github.com/dfinity/examples/blob/master/native-apps/unity_ii_deeplink/ii-bridge/src/main.js#L84) (`ECDSAKeyIdentity.generate()`): the private key stays in the browser via the WebCrypto API and is never extractable. +* [Authenticating with the intermediate key](https://github.com/dfinity/examples/blob/master/native-apps/unity_ii_deeplink/ii-bridge/src/main.js#L88-L89) (passing `middleKeyIdentity` to `AuthClient`) instead of the mobile app's public key, so II can never issue a delegation directly usable by the app. +* [Generating the delegation chain](https://github.com/dfinity/examples/blob/master/native-apps/unity_ii_deeplink/ii-bridge/src/main.js#L102-L108) by combining the II-issued delegation with a second, short-lived delegation from the middle key to the app's Ed25519 session key. +* [Returning the delegation chain using a URI fragment](https://github.com/dfinity/examples/blob/master/native-apps/unity_ii_deeplink/ii-bridge/src/main.js#L130-L133) (`#delegation=…`) so the chain is not included in any HTTP request if the deep link falls through to the browser. The example uses a custom URL scheme (`org.dfinity.unity-ii://`) by default; see the [README](https://github.com/dfinity/examples/tree/master/native-apps/unity_ii_deeplink#upgrading-to-https-deep-links-for-production) for upgrading to Android App Links or iOS Universal Links for production. +* [Verifying the delegation chain](https://github.com/dfinity/examples/blob/master/native-apps/unity_ii_deeplink/unity_project/Assets/Scripts/DeepLinkPlugin.cs#L105-L111) in the mobile app before constructing the identity: the last delegation's `pubkey` is compared against the session key generated in step 2 to prevent a session-fixation attack where a delegation intended for a different session is replayed. {/* Upstream: sync from dfinity/portal building-apps/security/iam.mdx */}