diff options
Diffstat (limited to 'packages/browser/src')
| -rw-r--r-- | packages/browser/src/index.ts | 2 | ||||
| -rw-r--r-- | packages/browser/src/methods/startAssertion.ts | 54 |
2 files changed, 56 insertions, 0 deletions
diff --git a/packages/browser/src/index.ts b/packages/browser/src/index.ts index bcf2e2f..38ce91b 100644 --- a/packages/browser/src/index.ts +++ b/packages/browser/src/index.ts @@ -1,7 +1,9 @@ import startAttestation from './methods/startAttestation'; +import startAssertion from './methods/startAssertion'; import supportsWebauthn from './helpers/supportsWebauthn'; export { startAttestation, + startAssertion, supportsWebauthn, }; diff --git a/packages/browser/src/methods/startAssertion.ts b/packages/browser/src/methods/startAssertion.ts new file mode 100644 index 0000000..c42e614 --- /dev/null +++ b/packages/browser/src/methods/startAssertion.ts @@ -0,0 +1,54 @@ +import { + PublicKeyCredentialRequestOptionsJSON, + AuthenticatorAssertionResponseJSON, + AssertionCredential, +} from '@webauthntine/typescript-types'; + +import toUint8Array from '../helpers/toUint8Array'; +import toBase64String from '../helpers/toBase64String'; +import supportsWebauthn from '../helpers/supportsWebauthn'; + +/** + * Begin authenticator "login" via WebAuthn assertion + * + * @param requestOptionsJSON Output from @webauthntine/server's generateAssertionOptions(...) + */ +export default async function startAssertion( + requestOptionsJSON: PublicKeyCredentialRequestOptionsJSON +): Promise<AuthenticatorAssertionResponseJSON> { + if (!supportsWebauthn()) { + throw new Error('Webauthn is not supported in this browser'); + } + + // We need to convert some values to Uint8Arrays before passing the credentials to the navigator + const publicKey: PublicKeyCredentialRequestOptions = { + ...requestOptionsJSON.publicKey, + challenge: toUint8Array(requestOptionsJSON.publicKey.challenge), + allowCredentials: requestOptionsJSON.publicKey.allowCredentials.map((cred) => ({ + ...cred, + id: toUint8Array(cred.id), + })) + }; + + // Wait for the user to complete assertion + const credential = await navigator.credentials.get({ publicKey }); + + if (!credential) { + throw new Error('Assertion was not completed'); + } + + const { response } = (credential as AssertionCredential); + + let base64UserHandle = undefined; + if (response.userHandle) { + base64UserHandle = toBase64String(response.userHandle); + } + + // Convert values to base64 to make it easier to send back to the server + return { + base64AuthenticatorData: toBase64String(response.authenticatorData), + base64ClientDataJSON: toBase64String(response.clientDataJSON), + base64Signature: toBase64String(response.signature), + base64UserHandle, + }; +} |