Skip to content

Commit

Permalink
updating demo
Browse files Browse the repository at this point in the history
  • Loading branch information
dagnelies committed Feb 24, 2024
1 parent 9fd7581 commit 562ce75
Show file tree
Hide file tree
Showing 9 changed files with 44 additions and 25 deletions.
4 changes: 2 additions & 2 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -134,7 +134,7 @@ const registration = await client.register("Arnaud", challenge, {
authenticatorType: "auto",
userVerification: "required",
timeout: 60000,
attestation: false,
attestation: true,
userHandle: "recommended to set it to a random 64 bytes value",
debug: false
})
Expand Down Expand Up @@ -395,7 +395,7 @@ Registration options
--------------------

- `discoverable`: (`'discouraged'`, `'preferred'` or `'required'`) If the credential is "discoverable", it can be selected using `authenticate` without providing credential IDs. In that case, a native pop-up will appear for user selection. This may have an impact on the "passkeys" user experience and syncing behavior of the key. *(Default: 'preferred')*
- `attestation`: If enabled, the device attestation and clientData will be provided as base64 encoded binary data. Note that this is not available on some platforms. *(Default: false)*
- `attestation`: If enabled, the device attestation and clientData will be provided as base64 encoded binary data. Note that this may impact the authenticator information available or the UX depending on the platform. *(Default: false)*
- `userHandle`: The `userHandle` can be used to re-register credentials for an existing user, thus overriding the current the key pair and username for that `userHandle`. *The default here is based on a hash of the `username`, and thus has some security implications as described in [issue](https://github.com/passwordless-id/webauthn/issues/29). For optimal security and privacy, it is recommended to set the `userHandle` to a random 64 bytes value.*


Expand Down
14 changes: 13 additions & 1 deletion demos/basic.html
Original file line number Diff line number Diff line change
Expand Up @@ -33,10 +33,22 @@
<template v-if="isAuthenticated">
<p>{{'Hello ' + username + '!'}}</p>
<section v-if="registrationData && !authenticationData" style="text-align: left;">
<p>
<b>Authenticator:</b>
<img style="vertical-align: middle;" :src="registrationData.authenticator.icon_light" />
<span>{{registrationData.authenticator.name}}</span>
</p>
<p>
<b>Type:</b>
<template v-if="registrationData.authenticator">
<b-tag type="is-primary" v-if="registrationData.authenticator.synced === true">Synced / multi-device credential</b-tag>
<b-tag type="is-primary" v-if="registrationData.authenticator.synced === false">Device-bound credential</b-tag>
</template>
</p>
<hr/>
<p><b>Credential ID:</b> {{registrationData.credential.id}}</p>
<p><b>Public Key:</b> {{registrationData.credential.publicKey.substring(0,32)}}...</p>
<p><b>Algorithm:</b> {{registrationData.credential.algorithm}}</p>
<p><b>Authenticator Name:</b> {{registrationData.authenticator.name}}</p>
</section>
<section v-if="authenticationData" style="text-align: left;">
<p><b>Credential ID:</b> {{authenticationData.credentialId}}</p>
Expand Down
9 changes: 7 additions & 2 deletions demos/js/basic.js
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,10 @@ const app = new Vue({
this.isRegistered = !!window.localStorage.getItem(this.username)
},
async register() {
let res = await client.register(this.username, window.crypto.randomUUID(), { authType: this.isRoaming ? 'roaming' : 'auto' })
let res = await client.register(this.username, window.crypto.randomUUID(), {
authenticatorType: this.isRoaming ? 'roaming' : 'auto',
attestation: true
})
console.debug(res)

const parsed = parsers.parseRegistration(res)
Expand All @@ -35,7 +38,9 @@ const app = new Vue({
},
async login() {
let credentialId = window.localStorage.getItem(this.username)
let res = await client.authenticate(credentialId ? [credentialId] : [], window.crypto.randomUUID(), { authType: this.isRoaming ? 'roaming' : 'auto' })
let res = await client.authenticate(credentialId ? [credentialId] : [], window.crypto.randomUUID(), {
authenticatorType: this.isRoaming ? 'roaming' : 'auto'
})
console.debug(res)

const parsed = parsers.parseAuthentication(res)
Expand Down
2 changes: 1 addition & 1 deletion demos/js/playground.js
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ import {client, server, parsers, utils} from '../../dist/webauthn.min.js'
userVerification: 'required',
discoverable: 'preferred',
timeout: 60000,
attestation: false,
attestation: true,
},
result: null,
parsed: null
Expand Down
4 changes: 2 additions & 2 deletions demos/playground.html
Original file line number Diff line number Diff line change
Expand Up @@ -87,8 +87,8 @@ <h2 class="title">Registration</h2>
<b-field label="attestation" horizontal>
<b-checkbox v-model="registration.options.attestation" expanded></b-checkbox>
<div class="hint">
<p>If enabled, the device attestation and clientData will be provided as base64 encoded binary data. Not
available on some platforms.</p>
<p>If enabled, the device attestation and clientData will be provided as base64 encoded binary data.
Note that this may impact the authenticator information available or the UX depending on the platform.</p>
</div>
</b-field>

Expand Down
2 changes: 1 addition & 1 deletion dist/webauthn.min.js

Large diffs are not rendered by default.

4 changes: 2 additions & 2 deletions dist/webauthn.min.js.map

Large diffs are not rendered by default.

25 changes: 14 additions & 11 deletions src/authenticators.ts
Original file line number Diff line number Diff line change
Expand Up @@ -10,19 +10,22 @@ export function parseAuthBuffer(authData :ArrayBuffer) {
// https://w3c.github.io/webauthn/#sctn-authenticator-data
let parsed :any = {
rpIdHash: utils.toBase64url(authData.slice(0,32)),
flags: {
userPresent: !!(flags & 1),
//reserved1: !!(flags & 2),
userVerified: !!(flags & 4),
backupEligibility: !!(flags & 8),
backupState: !!(flags & 16),
//reserved2: !!(flags & 32),
attestedData: !!(flags & 64),
extensionsIncluded: !!(flags & 128)
},
counter: new DataView(authData.slice(33,37)).getUint32(0, false), // Big-Endian!
flags: {
userPresent: !!(flags & 1),
//reserved1: !!(flags & 2),
userVerified: !!(flags & 4),
backupEligibility: !!(flags & 8),
backupState: !!(flags & 16),
//reserved2: !!(flags & 32),
attestedData: !!(flags & 64),
extensionsIncluded: !!(flags & 128)
},
counter: new DataView(authData.slice(33,37)).getUint32(0, false), // Big-Endian!
}

// this is more descriptive than "backupState"
parsed.synced = parsed.flags.backupState

if(authData.byteLength > 37) {
// registration contains additional data

Expand Down
5 changes: 2 additions & 3 deletions src/parsers.ts
Original file line number Diff line number Diff line change
Expand Up @@ -19,9 +19,8 @@ export function parseAuthenticator(data :string|ArrayBuffer) :AuthenticatorInfo


export function parseAttestation(data :string|ArrayBuffer) :unknown {
if(typeof data == 'string')
data = utils.parseBase64url(data)

//if(typeof data == 'string')
// data = utils.parseBase64url(data)
// Useless comment, let's at least provide the raw value
// return "The device attestation proves the authenticity of the device model / aaguid. It's not guaranteed to be included and really complex to parse / verify. Good luck with that one!"
return data;
Expand Down

0 comments on commit 562ce75

Please sign in to comment.