Merge pull request #1 from MasterKale/feature/lerna

feature/monorepo

5 files changed, 255 insertions, 0 deletions

diff --git a/packages/typescript-types/.npmignore b/packages/typescript-types/.npmignore
new file mode 100644
index 0000000..d2360e9
--- /dev/null
+++ b/packages/typescript-types/.npmignore
@@ -0,0 +1,7 @@
+src
+node_modules
+coverage
+.gitignore
+tsconfig.json
+*.config.js
+__mocks__
diff --git a/packages/typescript-types/README.md b/packages/typescript-types/README.md
new file mode 100644
index 0000000..a3d2713
--- /dev/null
+++ b/packages/typescript-types/README.md
@@ -0,0 +1,4 @@
+# @webauthntine/typescript-types
+[![npm (scoped)](https://img.shields.io/npm/v/@webauthntine/typescript-types)](https://www.npmjs.com/package/@webauthntine/typescript-types)
+
+TypeScript typings for [@webauthntine/server](../server/) and [@webauthntine/browser](../browser/)
diff --git a/packages/typescript-types/package.json b/packages/typescript-types/package.json
new file mode 100644
index 0000000..5e04fae
--- /dev/null
+++ b/packages/typescript-types/package.json
@@ -0,0 +1,23 @@
+{
+  "name": "@webauthntine/typescript-types",
+  "version": "0.1.1",
+  "description": "TypeScript types used by the @webauthntine series of libraries",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "author": "Matthew Miller <matthew@millerti.me>",
+  "license": "MIT",
+  "homepage": "https://github.com/MasterKale/WebAuthntine/packages/typescript-types#readme",
+  "publishConfig": {
+    "access": "public"
+  },
+  "scripts": {
+    "build": "rimraf dist && tsc",
+    "prepare": "npm run build"
+  },
+  "keywords": [
+    "webauthn",
+    "typescript",
+    "types"
+  ],
+  "gitHead": "33ccf8c6c9add811c87d3089e24156c2342b3498"
+}
diff --git a/packages/typescript-types/src/index.ts b/packages/typescript-types/src/index.ts
new file mode 100644
index 0000000..15771b0
--- /dev/null
+++ b/packages/typescript-types/src/index.ts
@@ -0,0 +1,214 @@
+/**
+ * A variant of PublicKeyCredentialCreationOptions suitable for JSON transmission to the browser to
+ * (eventually) get passed into navigator.credentials.create(...) in the browser.
+ *
+ * Noteworthy values:
+ * @param challenge A random string of characters. Will be converted to a Uint8Array in the browser
+ * @param user.id Your unique, internal ID for the user. Will be converted to a Uint8Array in the
+ * browser
+ */
+export type PublicKeyCredentialCreationOptionsJSON = {
+  publicKey: {
+    challenge: string,
+    // The organization registering and authenticating the user
+    rp: {
+      name: string,
+      id: string,
+    },
+    user: {
+      id: string,
+      name: string,
+      displayName: string,
+    },
+    pubKeyCredParams: [{
+      alg: -7,
+      type: 'public-key',
+    }],
+    timeout?: number,
+    attestation: 'direct' | 'indirect',
+  },
+};
+
+/**
+ * A variant of PublicKeyCredentialRequestOptions suitable for JSON transmission to the browser to
+ * (eventually) get passed into navigator.credentials.get(...) in the browser.
+ *
+ * Noteworthy values:
+ * @param challenge A random string of characters. Will be converted to a Uint8Array in the browser
+ * @param allowCredentials.id Base64-encoded credentialId. Will be converted to a Uint8Array in the
+ * browser
+ */
+export type PublicKeyCredentialRequestOptionsJSON = {
+  publicKey: {
+    //
+    challenge: string,
+    allowCredentials: {
+      // Will be converted to a Uint8Array in the browser
+      id: string,
+      type: 'public-key',
+      transports?: AuthenticatorTransport[],
+    }[],
+    // extensions?: AuthenticationExtensionsClientInputs,
+    rpId?: string,
+    timeout?: number,
+    userVerification?: UserVerificationRequirement,
+  },
+};
+
+/**
+ * The value returned from navigator.credentials.create()
+ */
+export interface AttestationCredential extends PublicKeyCredential {
+  response: AuthenticatorAttestationResponse;
+}
+
+/**
+ * The value returned from navigator.credentials.get()
+ */
+export interface AssertionCredential extends PublicKeyCredential {
+  response: AuthenticatorAssertionResponse;
+}
+
+/**
+ * A slightly-modified AuthenticatorAttestationResponse to simplify working with ArrayBuffers that
+ * are base64-encoded in the browser so that they can be sent as JSON to the server.
+ */
+export interface AuthenticatorAttestationResponseJSON extends Omit<
+AuthenticatorAttestationResponse, 'clientDataJSON' | 'attestationObject'
+> {
+  base64ClientDataJSON: string,
+  base64AttestationObject: string;
+}
+
+/**
+ * A slightly-modified AuthenticatorAttestationResponse to simplify working with ArrayBuffers that
+ * are base64-encoded in the browser so that they can be sent as JSON to the server.
+ */
+export interface AuthenticatorAssertionResponseJSON extends Omit<
+AuthenticatorAssertionResponse, 'clientDataJSON' | 'authenticatorData' | 'signature' | 'userHandle'
+> {
+  base64AuthenticatorData: string;
+  base64ClientDataJSON: string;
+  base64Signature: string;
+  base64UserHandle?: string;
+}
+
+export enum ATTESTATION_FORMATS {
+  FIDO_U2F = 'fido-u2f',
+  PACKED = 'packed',
+  ANDROID_SAFETYNET = 'android-safetynet',
+  NONE = 'none',
+}
+
+export type AttestationObject = {
+  fmt: ATTESTATION_FORMATS,
+  attStmt: {
+    sig?: Buffer,
+    x5c?: Buffer[],
+    ecdaaKeyId?: Buffer,
+    response?: Buffer,
+  },
+  authData: Buffer,
+};
+
+export type ParsedAttestationAuthData = {
+  rpIdHash: Buffer,
+  flagsBuf: Buffer,
+  flags: {
+      up: boolean,
+      uv: boolean,
+      at: boolean,
+      ed: boolean,
+      flagsInt: number,
+  },
+  counter: number,
+  counterBuf: Buffer,
+  aaguid?: Buffer,
+  credentialID?: Buffer,
+  COSEPublicKey?: Buffer,
+};
+
+export type ClientDataJSON = {
+  type: string,
+  challenge: string,
+  origin: string,
+};
+
+/**
+ * Result of attestation verification
+ */
+export type VerifiedAttestation = {
+  verified: boolean,
+  userVerified: boolean;
+  authenticatorInfo?: {
+    fmt: ATTESTATION_FORMATS,
+    counter: number,
+    base64PublicKey: string,
+    base64CredentialID: string,
+  },
+};
+
+/**
+ * Result of assertion verification
+ */
+export type VerifiedAssertion = {
+  verified: boolean;
+};
+
+export type CertificateInfo = {
+  subject: { [key: string]: string },
+  version: number,
+  basicConstraintsCA: boolean,
+};
+
+export enum COSEKEYS {
+  kty = 1,
+  alg = 3,
+  crv = -1,
+  x = -2,
+  y = -3,
+  n = -1,
+  e = -2,
+}
+
+export type COSEPublicKey = Map<COSEAlgorithmIdentifier, number | Buffer>;
+
+export type SafetyNetJWTHeader = {
+  alg: 'string',
+  x5c: string[],
+};
+
+export type SafetyNetJWTPayload = {
+  nonce: string,
+  timestampMs: number,
+  apkPackageName: string,
+  apkDigestSha256: string,
+  ctsProfileMatch: boolean,
+  apkCertificateDigestSha256: string[],
+  basicIntegrity: boolean,
+};
+
+export type SafetyNetJWTSignature = string;
+
+export type ParsedAssertionAuthData = {
+  rpIdHash: Buffer,
+  flagsBuf: Buffer,
+  flags: number,
+  counter: number,
+  counterBuf: Buffer,
+};
+
+/**
+ * U2F Presence constant
+ */
+export const U2F_USER_PRESENTED = 0x01;
+
+/**
+ * A WebAuthn-compatible device and the information needed to verify assertions by it
+ */
+export type AuthenticatorDevice = {
+  base64PublicKey: string,
+  base64CredentialID: string,
+  // Number of times this device is expected to have been used
+  counter: number,
+};
diff --git a/packages/typescript-types/tsconfig.json b/packages/typescript-types/tsconfig.json
new file mode 100644
index 0000000..9ddf207
--- /dev/null
+++ b/packages/typescript-types/tsconfig.json
@@ -0,0 +1,7 @@
+{
+  "extends": "../../tsconfig.json",
+  "compilerOptions": {
+    "baseUrl": "./src",
+    "outDir": "./dist",
+  }
+}