authorMatthew Miller <matthew@millerti.me>2023-01-03 23:31:14 -0800
committerGitHub <noreply@github.com>2023-01-03 23:31:14 -0800
commit3dec91f6fbdfba201e253436f07786a6ef7f99bf (patch)
treec968c6e36f0b274c3c666fa41952200a94fe0329
parentaed9d2ac948ea88291bca3ab821e8b8d478b699d (diff)
parent8f31dbb5262ec461820e49f675f9ac2963466cb8 (diff)
Merge pull request #324 from MasterKale/feat/prefer-rkey
feat/prefer-rkey
-rw-r--r--packages/server/src/registration/generateRegistrationOptions.test.ts38
-rw-r--r--packages/server/src/registration/generateRegistrationOptions.ts7
2 files changed, 36 insertions, 9 deletions
diff --git a/packages/server/src/registration/generateRegistrationOptions.test.ts b/packages/server/src/registration/generateRegistrationOptions.test.ts
index 678c6a0..1553f92 100644
--- a/packages/server/src/registration/generateRegistrationOptions.test.ts
+++ b/packages/server/src/registration/generateRegistrationOptions.test.ts
@@ -48,10 +48,13 @@ test('should generate credential request options suitable for sending via JSON',
attestation: attestationType,
excludeCredentials: [],
authenticatorSelection: {
- requireResidentKey: true,
- residentKey: 'required',
+ requireResidentKey: false,
+ residentKey: 'preferred',
userVerification: 'preferred',
},
+ extensions: {
+ credProps: true,
+ }
});
});
@@ -135,9 +138,30 @@ test('should set extensions if specified', () => {
extensions: { appid: 'simplewebauthn' },
});
- expect(options.extensions).toEqual({
- appid: 'simplewebauthn',
+ expect(options.extensions?.appid).toEqual('simplewebauthn');
+});
+
+test('should include credProps if extensions are not provided', () => {
+ const options = generateRegistrationOptions({
+ rpName: 'SimpleWebAuthn',
+ rpID: 'not.real',
+ userID: '1234',
+ userName: 'usernameHere',
+ });
+
+ expect(options.extensions?.credProps).toEqual(true);
+});
+
+test('should include credProps if extensions are provided', () => {
+ const options = generateRegistrationOptions({
+ rpName: 'SimpleWebAuthn',
+ rpID: 'not.real',
+ userID: '1234',
+ userName: 'usernameHere',
+ extensions: { appid: 'simplewebauthn' },
});
+
+ expect(options.extensions?.credProps).toEqual(true);
});
test('should generate a challenge if one is not provided', () => {
@@ -198,7 +222,7 @@ test('should discourage resident key if residentKey option is absent but require
expect(options.authenticatorSelection?.residentKey).toBeUndefined();
});
-test('should require resident key if both residentKey and requireResidentKey options are absent', () => {
+test('should prefer resident key if both residentKey and requireResidentKey options are absent', () => {
const options = generateRegistrationOptions({
rpID: 'not.real',
rpName: 'SimpleWebAuthn',
@@ -206,8 +230,8 @@ test('should require resident key if both residentKey and requireResidentKey opt
userName: 'usernameHere',
});
- expect(options.authenticatorSelection?.requireResidentKey).toEqual(true);
- expect(options.authenticatorSelection?.residentKey).toEqual('required');
+ expect(options.authenticatorSelection?.requireResidentKey).toEqual(false);
+ expect(options.authenticatorSelection?.residentKey).toEqual('preferred');
});
test('should set requireResidentKey to true if residentKey if set to required', () => {
diff --git a/packages/server/src/registration/generateRegistrationOptions.ts b/packages/server/src/registration/generateRegistrationOptions.ts
index 8f5e0c0..71cd51f 100644
--- a/packages/server/src/registration/generateRegistrationOptions.ts
+++ b/packages/server/src/registration/generateRegistrationOptions.ts
@@ -62,7 +62,7 @@ export const supportedCOSEAlgorithmIdentifiers: COSEAlgorithmIdentifier[] = [
* defaults.
*/
const defaultAuthenticatorSelection: AuthenticatorSelectionCriteria = {
- residentKey: 'required',
+ residentKey: 'preferred',
userVerification: 'preferred',
};
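Review bot: Changing the default `residentKey` to `'preferred'` means a caller that passes no `authenticatorSelection` can now receive a non-discoverable credential, and the comment above `defaultAuthenticatorSelection` (which starts outside this hunk) does not say so. Relying parties that depend on discoverable credentials for usernameless sign-in now have to pass `residentKey: 'required'` explicitly. I would add a line to that comment such as `* NOTE: 'preferred' may yield a non-discoverable credential; pass residentKey: 'required' when usernameless login depends on it.` The `credProps` result requested elsewhere in this commit is a client extension output and is not signed by the authenticator, so the server should treat it as a hint rather than proof of discoverability.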
@@ -178,6 +178,9 @@ export function generateRegistrationOptions(
id: isoBase64URL.fromBuffer(cred.id as Uint8Array),
})),
authenticatorSelection,
- extensions,
+ extensions: {
+ ...extensions,
+ credProps: true,
+ },
};
}
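Review bot: Because `credProps: true` comes after `...extensions`, a caller that passes `extensions: { credProps: false }` is silently overridden, and none of the tests added in this commit covers that case. If opting out is meant to be possible, the order should be `extensions: { credProps: true, ...extensions },`. If forcing it is intended, the JSDoc for the `extensions` option should state that `credProps` is always requested. The body of `generateRegistrationOptions` starts outside this hunk.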