diff options
Diffstat (limited to 'packages/browser/src')
24 files changed, 383 insertions, 390 deletions
diff --git a/packages/browser/src/helpers/__jest__/generateCustomError.ts b/packages/browser/src/helpers/__jest__/generateCustomError.ts index 3c0a817..25609fa 100644 --- a/packages/browser/src/helpers/__jest__/generateCustomError.ts +++ b/packages/browser/src/helpers/__jest__/generateCustomError.ts @@ -2,17 +2,17 @@ * Create "custom errors" to help emulate WebAuthn API errors */ type WebAuthnErrorName = - | "AbortError" - | "ConstraintError" - | "InvalidStateError" - | "NotAllowedError" - | "NotSupportedError" - | "SecurityError" - | "UnknownError"; + | 'AbortError' + | 'ConstraintError' + | 'InvalidStateError' + | 'NotAllowedError' + | 'NotSupportedError' + | 'SecurityError' + | 'UnknownError'; export function generateCustomError( name: WebAuthnErrorName, - message = "", + message = '', ): Error { const customError = new Error(); customError.name = name; diff --git a/packages/browser/src/helpers/base64URLStringToBuffer.ts b/packages/browser/src/helpers/base64URLStringToBuffer.ts index db78b35..f30b3d5 100644 --- a/packages/browser/src/helpers/base64URLStringToBuffer.ts +++ b/packages/browser/src/helpers/base64URLStringToBuffer.ts @@ -7,7 +7,7 @@ */ export function base64URLStringToBuffer(base64URLString: string): ArrayBuffer { // Convert from Base64URL to Base64 - const base64 = base64URLString.replace(/-/g, "+").replace(/_/g, "/"); + const base64 = base64URLString.replace(/-/g, '+').replace(/_/g, '/'); /** * Pad with '=' until it's a multiple of four * (4 - (85 % 4 = 1) = 3) % 4 = 3 padding @@ -16,7 +16,7 @@ export function base64URLStringToBuffer(base64URLString: string): ArrayBuffer { * (4 - (88 % 4 = 0) = 4) % 4 = 0 padding */ const padLength = (4 - (base64.length % 4)) % 4; - const padded = base64.padEnd(base64.length + padLength, "="); + const padded = base64.padEnd(base64.length + padLength, '='); // Convert to a binary string const binary = atob(padded); diff --git a/packages/browser/src/helpers/browserSupportsWebAuthn.test.ts b/packages/browser/src/helpers/browserSupportsWebAuthn.test.ts index 639bd2f..dcd5c7c 100644 --- a/packages/browser/src/helpers/browserSupportsWebAuthn.test.ts +++ b/packages/browser/src/helpers/browserSupportsWebAuthn.test.ts @@ -1,26 +1,26 @@ -import { browserSupportsWebAuthn } from "./browserSupportsWebAuthn"; +import { browserSupportsWebAuthn } from './browserSupportsWebAuthn'; beforeEach(() => { // @ts-ignore 2741 window.PublicKeyCredential = jest.fn().mockReturnValue(() => {}); }); -test("should return true when browser supports WebAuthn", () => { +test('should return true when browser supports WebAuthn', () => { expect(browserSupportsWebAuthn()).toBe(true); }); -test("should return false when browser does not support WebAuthn", () => { +test('should return false when browser does not support WebAuthn', () => { // This looks weird but it appeases the linter so it's _fiiiine_ delete (window as { PublicKeyCredential: unknown }).PublicKeyCredential; expect(browserSupportsWebAuthn()).toBe(false); }); -test("should return false when window is undefined", () => { +test('should return false when window is undefined', () => { // Make window undefined as it is in node environments. - const windowSpy = jest.spyOn<typeof globalThis, "window">( + const windowSpy = jest.spyOn<typeof globalThis, 'window'>( global, - "window", - "get", + 'window', + 'get', ); // @ts-ignore: Intentionally making window unavailable windowSpy.mockImplementation(() => undefined); diff --git a/packages/browser/src/helpers/browserSupportsWebAuthn.ts b/packages/browser/src/helpers/browserSupportsWebAuthn.ts index 02b3c43..706862d 100644 --- a/packages/browser/src/helpers/browserSupportsWebAuthn.ts +++ b/packages/browser/src/helpers/browserSupportsWebAuthn.ts @@ -4,6 +4,6 @@ export function browserSupportsWebAuthn(): boolean { return ( window?.PublicKeyCredential !== undefined && - typeof window.PublicKeyCredential === "function" + typeof window.PublicKeyCredential === 'function' ); } diff --git a/packages/browser/src/helpers/browserSupportsWebAuthnAutofill.ts b/packages/browser/src/helpers/browserSupportsWebAuthnAutofill.ts index 621ab9a..cfdfb52 100644 --- a/packages/browser/src/helpers/browserSupportsWebAuthnAutofill.ts +++ b/packages/browser/src/helpers/browserSupportsWebAuthnAutofill.ts @@ -1,4 +1,4 @@ -import { PublicKeyCredentialFuture } from "@simplewebauthn/typescript-types"; +import { PublicKeyCredentialFuture } from '@simplewebauthn/typescript-types'; /** * Determine if the browser supports conditional UI, so that WebAuthn credentials can diff --git a/packages/browser/src/helpers/bufferToBase64URLString.ts b/packages/browser/src/helpers/bufferToBase64URLString.ts index 0bd29b5..6a40cbb 100644 --- a/packages/browser/src/helpers/bufferToBase64URLString.ts +++ b/packages/browser/src/helpers/bufferToBase64URLString.ts @@ -6,7 +6,7 @@ */ export function bufferToBase64URLString(buffer: ArrayBuffer): string { const bytes = new Uint8Array(buffer); - let str = ""; + let str = ''; for (const charCode of bytes) { str += String.fromCharCode(charCode); @@ -14,5 +14,5 @@ export function bufferToBase64URLString(buffer: ArrayBuffer): string { const base64String = btoa(str); - return base64String.replace(/\+/g, "-").replace(/\//g, "_").replace(/=/g, ""); + return base64String.replace(/\+/g, '-').replace(/\//g, '_').replace(/=/g, ''); } diff --git a/packages/browser/src/helpers/bufferToUTF8String.ts b/packages/browser/src/helpers/bufferToUTF8String.ts index 8a6c3b9..0da3246 100644 --- a/packages/browser/src/helpers/bufferToUTF8String.ts +++ b/packages/browser/src/helpers/bufferToUTF8String.ts @@ -3,5 +3,5 @@ * string. */ export function bufferToUTF8String(value: ArrayBuffer): string { - return new TextDecoder("utf-8").decode(value); + return new TextDecoder('utf-8').decode(value); } diff --git a/packages/browser/src/helpers/identifyAuthenticationError.ts b/packages/browser/src/helpers/identifyAuthenticationError.ts index 3d84ce2..78732b2 100644 --- a/packages/browser/src/helpers/identifyAuthenticationError.ts +++ b/packages/browser/src/helpers/identifyAuthenticationError.ts @@ -1,5 +1,5 @@ -import { isValidDomain } from "./isValidDomain"; -import { WebAuthnError } from "./webAuthnError"; +import { isValidDomain } from './isValidDomain'; +import { WebAuthnError } from './webAuthnError'; /** * Attempt to intuit _why_ an error was raised after calling `navigator.credentials.get()` @@ -14,52 +14,52 @@ export function identifyAuthenticationError({ const { publicKey } = options; if (!publicKey) { - throw Error("options was missing required publicKey property"); + throw Error('options was missing required publicKey property'); } - if (error.name === "AbortError") { + if (error.name === 'AbortError') { if (options.signal instanceof AbortSignal) { // https://www.w3.org/TR/webauthn-2/#sctn-createCredential (Step 16) return new WebAuthnError({ - message: "Authentication ceremony was sent an abort signal", - code: "ERROR_CEREMONY_ABORTED", + message: 'Authentication ceremony was sent an abort signal', + code: 'ERROR_CEREMONY_ABORTED', cause: error, }); } - } else if (error.name === "NotAllowedError") { + } else if (error.name === 'NotAllowedError') { /** * Pass the error directly through. Platforms are overloading this error beyond what the spec * defines and we don't want to overwrite potentially useful error messages. */ return new WebAuthnError({ message: error.message, - code: "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY", + code: 'ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY', cause: error, }); - } else if (error.name === "SecurityError") { + } else if (error.name === 'SecurityError') { const effectiveDomain = window.location.hostname; if (!isValidDomain(effectiveDomain)) { // https://www.w3.org/TR/webauthn-2/#sctn-discover-from-external-source (Step 5) return new WebAuthnError({ message: `${window.location.hostname} is an invalid domain`, - code: "ERROR_INVALID_DOMAIN", + code: 'ERROR_INVALID_DOMAIN', cause: error, }); } else if (publicKey.rpId !== effectiveDomain) { // https://www.w3.org/TR/webauthn-2/#sctn-discover-from-external-source (Step 6) return new WebAuthnError({ message: `The RP ID "${publicKey.rpId}" is invalid for this domain`, - code: "ERROR_INVALID_RP_ID", + code: 'ERROR_INVALID_RP_ID', cause: error, }); } - } else if (error.name === "UnknownError") { + } else if (error.name === 'UnknownError') { // https://www.w3.org/TR/webauthn-2/#sctn-op-get-assertion (Step 1) // https://www.w3.org/TR/webauthn-2/#sctn-op-get-assertion (Step 12) return new WebAuthnError({ message: - "The authenticator was unable to process the specified options, or could not create a new assertion signature", - code: "ERROR_AUTHENTICATOR_GENERAL_ERROR", + 'The authenticator was unable to process the specified options, or could not create a new assertion signature', + code: 'ERROR_AUTHENTICATOR_GENERAL_ERROR', cause: error, }); } diff --git a/packages/browser/src/helpers/identifyRegistrationError.ts b/packages/browser/src/helpers/identifyRegistrationError.ts index d0def65..59533da 100644 --- a/packages/browser/src/helpers/identifyRegistrationError.ts +++ b/packages/browser/src/helpers/identifyRegistrationError.ts @@ -1,5 +1,5 @@ -import { isValidDomain } from "./isValidDomain"; -import { WebAuthnError } from "./webAuthnError"; +import { isValidDomain } from './isValidDomain'; +import { WebAuthnError } from './webAuthnError'; /** * Attempt to intuit _why_ an error was raised after calling `navigator.credentials.create()` @@ -14,66 +14,65 @@ export function identifyRegistrationError({ const { publicKey } = options; if (!publicKey) { - throw Error("options was missing required publicKey property"); + throw Error('options was missing required publicKey property'); } - if (error.name === "AbortError") { + if (error.name === 'AbortError') { if (options.signal instanceof AbortSignal) { // https://www.w3.org/TR/webauthn-2/#sctn-createCredential (Step 16) return new WebAuthnError({ - message: "Registration ceremony was sent an abort signal", - code: "ERROR_CEREMONY_ABORTED", + message: 'Registration ceremony was sent an abort signal', + code: 'ERROR_CEREMONY_ABORTED', cause: error, }); } - } else if (error.name === "ConstraintError") { + } else if (error.name === 'ConstraintError') { if (publicKey.authenticatorSelection?.requireResidentKey === true) { // https://www.w3.org/TR/webauthn-2/#sctn-op-make-cred (Step 4) return new WebAuthnError({ message: - "Discoverable credentials were required but no available authenticator supported it", - code: "ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT", + 'Discoverable credentials were required but no available authenticator supported it', + code: 'ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT', cause: error, }); } else if ( - publicKey.authenticatorSelection?.userVerification === "required" + publicKey.authenticatorSelection?.userVerification === 'required' ) { // https://www.w3.org/TR/webauthn-2/#sctn-op-make-cred (Step 5) return new WebAuthnError({ - message: - "User verification was required but no available authenticator supported it", - code: "ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT", + message: 'User verification was required but no available authenticator supported it', + code: 'ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT', cause: error, }); } - } else if (error.name === "InvalidStateError") { + } else if (error.name === 'InvalidStateError') { // https://www.w3.org/TR/webauthn-2/#sctn-createCredential (Step 20) // https://www.w3.org/TR/webauthn-2/#sctn-op-make-cred (Step 3) return new WebAuthnError({ - message: "The authenticator was previously registered", - code: "ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED", + message: 'The authenticator was previously registered', + code: 'ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED', cause: error, }); - } else if (error.name === "NotAllowedError") { + } else if (error.name === 'NotAllowedError') { /** * Pass the error directly through. Platforms are overloading this error beyond what the spec * defines and we don't want to overwrite potentially useful error messages. */ return new WebAuthnError({ message: error.message, - code: "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY", + code: 'ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY', cause: error, }); - } else if (error.name === "NotSupportedError") { + } else if (error.name === 'NotSupportedError') { const validPubKeyCredParams = publicKey.pubKeyCredParams.filter( - (param) => param.type === "public-key", + (param) => param.type === 'public-key', ); if (validPubKeyCredParams.length === 0) { // https://www.w3.org/TR/webauthn-2/#sctn-createCredential (Step 10) return new WebAuthnError({ message: 'No entry in pubKeyCredParams was of type "public-key"', - code: "ERROR_MALFORMED_PUBKEYCREDPARAMS", + code: 'ERROR_MALFORMED_PUBKEYCREDPARAMS', cause: error, }); } @@ -81,43 +80,43 @@ export function identifyRegistrationError({ // https://www.w3.org/TR/webauthn-2/#sctn-op-make-cred (Step 2) return new WebAuthnError({ message: - "No available authenticator supported any of the specified pubKeyCredParams algorithms", - code: "ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG", + 'No available authenticator supported any of the specified pubKeyCredParams algorithms', + code: 'ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG', cause: error, }); - } else if (error.name === "SecurityError") { + } else if (error.name === 'SecurityError') { const effectiveDomain = window.location.hostname; if (!isValidDomain(effectiveDomain)) { // https://www.w3.org/TR/webauthn-2/#sctn-createCredential (Step 7) return new WebAuthnError({ message: `${window.location.hostname} is an invalid domain`, - code: "ERROR_INVALID_DOMAIN", + code: 'ERROR_INVALID_DOMAIN', cause: error, }); } else if (publicKey.rp.id !== effectiveDomain) { // https://www.w3.org/TR/webauthn-2/#sctn-createCredential (Step 8) return new WebAuthnError({ message: `The RP ID "${publicKey.rp.id}" is invalid for this domain`, - code: "ERROR_INVALID_RP_ID", + code: 'ERROR_INVALID_RP_ID', cause: error, }); } - } else if (error.name === "TypeError") { + } else if (error.name === 'TypeError') { if (publicKey.user.id.byteLength < 1 || publicKey.user.id.byteLength > 64) { // https://www.w3.org/TR/webauthn-2/#sctn-createCredential (Step 5) return new WebAuthnError({ - message: "User ID was not between 1 and 64 characters", - code: "ERROR_INVALID_USER_ID_LENGTH", + message: 'User ID was not between 1 and 64 characters', + code: 'ERROR_INVALID_USER_ID_LENGTH', cause: error, }); } - } else if (error.name === "UnknownError") { + } else if (error.name === 'UnknownError') { // https://www.w3.org/TR/webauthn-2/#sctn-op-make-cred (Step 1) // https://www.w3.org/TR/webauthn-2/#sctn-op-make-cred (Step 8) return new WebAuthnError({ message: - "The authenticator was unable to process the specified options, or could not create a new credential", - code: "ERROR_AUTHENTICATOR_GENERAL_ERROR", + 'The authenticator was unable to process the specified options, or could not create a new credential', + code: 'ERROR_AUTHENTICATOR_GENERAL_ERROR', cause: error, }); } diff --git a/packages/browser/src/helpers/isValidDomain.ts b/packages/browser/src/helpers/isValidDomain.ts index 3e1ad10..22f045f 100644 --- a/packages/browser/src/helpers/isValidDomain.ts +++ b/packages/browser/src/helpers/isValidDomain.ts @@ -9,7 +9,7 @@ export function isValidDomain(hostname: string): boolean { return ( // Consider localhost valid as well since it's okay wrt Secure Contexts - hostname === "localhost" || + hostname === 'localhost' || /^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(hostname) ); } diff --git a/packages/browser/src/helpers/platformAuthenticatorIsAvailable.test.ts b/packages/browser/src/helpers/platformAuthenticatorIsAvailable.test.ts index 6b3e90c..6f2b91d 100644 --- a/packages/browser/src/helpers/platformAuthenticatorIsAvailable.test.ts +++ b/packages/browser/src/helpers/platformAuthenticatorIsAvailable.test.ts @@ -1,4 +1,4 @@ -import { platformAuthenticatorIsAvailable } from "./platformAuthenticatorIsAvailable"; +import { platformAuthenticatorIsAvailable } from './platformAuthenticatorIsAvailable'; const mockIsUVPAA = jest.fn(); @@ -7,17 +7,17 @@ beforeEach(() => { // @ts-ignore 2741 window.PublicKeyCredential = jest.fn().mockReturnValue(() => {}); - window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable = - mockIsUVPAA.mockResolvedValue(true); + window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable = mockIsUVPAA + .mockResolvedValue(true); }); -test("should return true when platform authenticator is available", async () => { +test('should return true when platform authenticator is available', async () => { const isAvailable = await platformAuthenticatorIsAvailable(); expect(isAvailable).toEqual(true); }); -test("should return false when platform authenticator is unavailable", async () => { +test('should return false when platform authenticator is unavailable', async () => { mockIsUVPAA.mockResolvedValue(false); const isAvailable = await platformAuthenticatorIsAvailable(); @@ -25,7 +25,7 @@ test("should return false when platform authenticator is unavailable", async () expect(isAvailable).toEqual(false); }); -test("should return false when browser does not support WebAuthn", async () => { +test('should return false when browser does not support WebAuthn', async () => { // This looks weird but it appeases the linter so it's _fiiiine_ delete (window as { PublicKeyCredential: unknown }).PublicKeyCredential; const isAvailable = await platformAuthenticatorIsAvailable(); diff --git a/packages/browser/src/helpers/platformAuthenticatorIsAvailable.ts b/packages/browser/src/helpers/platformAuthenticatorIsAvailable.ts index d188669..269789c 100644 --- a/packages/browser/src/helpers/platformAuthenticatorIsAvailable.ts +++ b/packages/browser/src/helpers/platformAuthenticatorIsAvailable.ts @@ -1,4 +1,4 @@ -import { browserSupportsWebAuthn } from "./browserSupportsWebAuthn"; +import { browserSupportsWebAuthn } from './browserSupportsWebAuthn'; /** * Determine whether the browser can communicate with a built-in authenticator, like diff --git a/packages/browser/src/helpers/toAuthenticatorAttachment.ts b/packages/browser/src/helpers/toAuthenticatorAttachment.ts index 99319fb..366cf8f 100644 --- a/packages/browser/src/helpers/toAuthenticatorAttachment.ts +++ b/packages/browser/src/helpers/toAuthenticatorAttachment.ts @@ -1,6 +1,6 @@ -import { AuthenticatorAttachment } from "@simplewebauthn/typescript-types"; +import { AuthenticatorAttachment } from '@simplewebauthn/typescript-types'; -const attachments: AuthenticatorAttachment[] = ["cross-platform", "platform"]; +const attachments: AuthenticatorAttachment[] = ['cross-platform', 'platform']; /** * If possible coerce a `string` value into a known `AuthenticatorAttachment` diff --git a/packages/browser/src/helpers/toPublicKeyCredentialDescriptor.ts b/packages/browser/src/helpers/toPublicKeyCredentialDescriptor.ts index 258efe2..e4c34a2 100644 --- a/packages/browser/src/helpers/toPublicKeyCredentialDescriptor.ts +++ b/packages/browser/src/helpers/toPublicKeyCredentialDescriptor.ts @@ -1,6 +1,6 @@ -import type { PublicKeyCredentialDescriptorJSON } from "@simplewebauthn/typescript-types"; +import type { PublicKeyCredentialDescriptorJSON } from '@simplewebauthn/typescript-types'; -import { base64URLStringToBuffer } from "./base64URLStringToBuffer"; +import { base64URLStringToBuffer } from './base64URLStringToBuffer'; export function toPublicKeyCredentialDescriptor( descriptor: PublicKeyCredentialDescriptorJSON, diff --git a/packages/browser/src/helpers/webAuthnAbortService.test.ts b/packages/browser/src/helpers/webAuthnAbortService.test.ts index e8d358e..506bb2a 100644 --- a/packages/browser/src/helpers/webAuthnAbortService.test.ts +++ b/packages/browser/src/helpers/webAuthnAbortService.test.ts @@ -1,13 +1,13 @@ -import { webauthnAbortService } from "./webAuthnAbortService"; +import { webauthnAbortService } from './webAuthnAbortService'; -test("should create a new abort signal every time", () => { +test('should create a new abort signal every time', () => { const signal1 = webauthnAbortService.createNewAbortSignal(); const signal2 = webauthnAbortService.createNewAbortSignal(); expect(signal2).not.toBe(signal1); }); -test("should call abort() with AbortError on existing controller when creating a new signal", () => { +test('should call abort() with AbortError on existing controller when creating a new signal', () => { // Populate `.controller` webauthnAbortService.createNewAbortSignal(); @@ -23,5 +23,5 @@ test("should call abort() with AbortError on existing controller when creating a // Make sure we raise an AbortError so it can be detected correctly const abortReason = abortSpy.mock.calls[0][0]; expect(abortReason).toBeInstanceOf(Error); - expect(abortReason.name).toEqual("AbortError"); + expect(abortReason.name).toEqual('AbortError'); }); diff --git a/packages/browser/src/helpers/webAuthnAbortService.ts b/packages/browser/src/helpers/webAuthnAbortService.ts index eb0e9be..50e00ba 100644 --- a/packages/browser/src/helpers/webAuthnAbortService.ts +++ b/packages/browser/src/helpers/webAuthnAbortService.ts @@ -13,9 +13,9 @@ class WebAuthnAbortService { // Abort any existing calls to navigator.credentials.create() or navigator.credentials.get() if (this.controller) { const abortError = new Error( - "Cancelling existing WebAuthn API call for new one", + 'Cancelling existing WebAuthn API call for new one', ); - abortError.name = "AbortError"; + abortError.name = 'AbortError'; this.controller.abort(abortError); } diff --git a/packages/browser/src/helpers/webAuthnError.ts b/packages/browser/src/helpers/webAuthnError.ts index bf60341..fb1def5 100644 --- a/packages/browser/src/helpers/webAuthnError.ts +++ b/packages/browser/src/helpers/webAuthnError.ts @@ -37,14 +37,14 @@ export class WebAuthnError extends Error { } export type WebAuthnErrorCode = - | "ERROR_CEREMONY_ABORTED" - | "ERROR_INVALID_DOMAIN" - | "ERROR_INVALID_RP_ID" - | "ERROR_INVALID_USER_ID_LENGTH" - | "ERROR_MALFORMED_PUBKEYCREDPARAMS" - | "ERROR_AUTHENTICATOR_GENERAL_ERROR" - | "ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT" - | "ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT" - | "ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED" - | "ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG" - | "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY"; + | 'ERROR_CEREMONY_ABORTED' + | 'ERROR_INVALID_DOMAIN' + | 'ERROR_INVALID_RP_ID' + | 'ERROR_INVALID_USER_ID_LENGTH' + | 'ERROR_MALFORMED_PUBKEYCREDPARAMS' + | 'ERROR_AUTHENTICATOR_GENERAL_ERROR' + | 'ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT' + | 'ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT' + | 'ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED' + | 'ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG' + | 'ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY'; diff --git a/packages/browser/src/index.test.ts b/packages/browser/src/index.test.ts index ee659d2..945ea1a 100644 --- a/packages/browser/src/index.test.ts +++ b/packages/browser/src/index.test.ts @@ -1,17 +1,17 @@ -import * as index from "./index"; +import * as index from './index'; -test("should export method `startRegistration`", () => { +test('should export method `startRegistration`', () => { expect(index.startRegistration).toBeDefined(); }); -test("should export method `startAuthentication`", () => { +test('should export method `startAuthentication`', () => { expect(index.startAuthentication).toBeDefined(); }); -test("should export method `browserSupportsWebAuthn`", () => { +test('should export method `browserSupportsWebAuthn`', () => { expect(index.browserSupportsWebAuthn).toBeDefined(); }); -test("should export method `platformAuthenticatorIsAvailable`", () => { +test('should export method `platformAuthenticatorIsAvailable`', () => { expect(index.browserSupportsWebAuthn).toBeDefined(); }); diff --git a/packages/browser/src/index.ts b/packages/browser/src/index.ts index 7fe2c4b..77cd491 100644 --- a/packages/browser/src/index.ts +++ b/packages/browser/src/index.ts @@ -2,11 +2,11 @@ * @packageDocumentation * @module @simplewebauthn/browser */ -import { startRegistration } from "./methods/startRegistration"; -import { startAuthentication } from "./methods/startAuthentication"; -import { browserSupportsWebAuthn } from "./helpers/browserSupportsWebAuthn"; -import { platformAuthenticatorIsAvailable } from "./helpers/platformAuthenticatorIsAvailable"; -import { browserSupportsWebAuthnAutofill } from "./helpers/browserSupportsWebAuthnAutofill"; +import { startRegistration } from './methods/startRegistration'; +import { startAuthentication } from './methods/startAuthentication'; +import { browserSupportsWebAuthn } from './helpers/browserSupportsWebAuthn'; +import { platformAuthenticatorIsAvailable } from './helpers/platformAuthenticatorIsAvailable'; +import { browserSupportsWebAuthnAutofill } from './helpers/browserSupportsWebAuthnAutofill'; export { browserSupportsWebAuthn, @@ -16,4 +16,4 @@ export { startRegistration, }; -export type { WebAuthnErrorCode } from "./helpers/webAuthnError"; +export type { WebAuthnErrorCode } from './helpers/webAuthnError'; diff --git a/packages/browser/src/methods/startAuthentication.test.ts b/packages/browser/src/methods/startAuthentication.test.ts index 73770d8..11f078e 100644 --- a/packages/browser/src/methods/startAuthentication.test.ts +++ b/packages/browser/src/methods/startAuthentication.test.ts @@ -3,39 +3,38 @@ import { AuthenticationExtensionsClientInputs, AuthenticationExtensionsClientOutputs, PublicKeyCredentialRequestOptionsJSON, -} from "@simplewebauthn/typescript-types"; +} from '@simplewebauthn/typescript-types'; -import { browserSupportsWebAuthn } from "../helpers/browserSupportsWebAuthn"; -import { browserSupportsWebAuthnAutofill } from "../helpers/browserSupportsWebAuthnAutofill"; -import { utf8StringToBuffer } from "../helpers/utf8StringToBuffer"; -import { bufferToBase64URLString } from "../helpers/bufferToBase64URLString"; -import { WebAuthnError } from "../helpers/webAuthnError"; -import { generateCustomError } from "../helpers/__jest__/generateCustomError"; -import { webauthnAbortService } from "../helpers/webAuthnAbortService"; +import { browserSupportsWebAuthn } from '../helpers/browserSupportsWebAuthn'; +import { browserSupportsWebAuthnAutofill } from '../helpers/browserSupportsWebAuthnAutofill'; +import { utf8StringToBuffer } from '../helpers/utf8StringToBuffer'; +import { bufferToBase64URLString } from '../helpers/bufferToBase64URLString'; +import { WebAuthnError } from '../helpers/webAuthnError'; +import { generateCustomError } from '../helpers/__jest__/generateCustomError'; +import { webauthnAbortService } from '../helpers/webAuthnAbortService'; -import { startAuthentication } from "./startAuthentication"; +import { startAuthentication } from './startAuthentication'; -jest.mock("../helpers/browserSupportsWebAuthn"); -jest.mock("../helpers/browserSupportsWebAuthnAutofill"); +jest.mock('../helpers/browserSupportsWebAuthn'); +jest.mock('../helpers/browserSupportsWebAuthnAutofill'); const mockNavigatorGet = window.navigator.credentials.get as jest.Mock; const mockSupportsWebAuthn = browserSupportsWebAuthn as jest.Mock; const mockSupportsAutofill = browserSupportsWebAuthnAutofill as jest.Mock; -const mockAuthenticatorData = "mockAuthenticatorData"; -const mockClientDataJSON = "mockClientDataJSON"; -const mockSignature = "mockSignature"; -const mockUserHandle = "mockUserHandle"; +const mockAuthenticatorData = 'mockAuthenticatorData'; +const mockClientDataJSON = 'mockClientDataJSON'; +const mockSignature = 'mockSignature'; +const mockUserHandle = 'mockUserHandle'; // With ASCII challenge const goodOpts1: PublicKeyCredentialRequestOptionsJSON = { - challenge: bufferToBase64URLString(utf8StringToBuffer("fizz")), + challenge: bufferToBase64URLString(utf8StringToBuffer('fizz')), allowCredentials: [ { - id: - "C0VGlvYFratUdAV1iCw-ULpUW8E-exHPXQChBfyVeJZCMfjMFcwDmOFgoMUz39LoMtCJUBW8WPlLkGT6q8qTCg", - type: "public-key", - transports: ["nfc"], + id: 'C0VGlvYFratUdAV1iCw-ULpUW8E-exHPXQChBfyVeJZCMfjMFcwDmOFgoMUz39LoMtCJUBW8WPlLkGT6q8qTCg', + type: 'public-key', + transports: ['nfc'], }, ], timeout: 1, @@ -43,7 +42,7 @@ const goodOpts1: PublicKeyCredentialRequestOptionsJSON = { // With UTF-8 challenge const goodOpts2UTF8: PublicKeyCredentialRequestOptionsJSON = { - challenge: bufferToBase64URLString(utf8StringToBuffer("やれやれだぜ")), + challenge: bufferToBase64URLString(utf8StringToBuffer('やれやれだぜ')), allowCredentials: [], timeout: 1, }; @@ -73,7 +72,7 @@ afterEach(() => { mockSupportsAutofill.mockReset(); }); -test("should convert options before passing to navigator.credentials.get(...)", async () => { +test('should convert options before passing to navigator.credentials.get(...)', async () => { await startAuthentication(goodOpts1); const argsPublicKey = mockNavigatorGet.mock.calls[0][0].publicKey; @@ -87,63 +86,63 @@ test("should convert options before passing to navigator.credentials.get(...)", expect(credId.byteLength).toEqual(64); }); -test("should support optional allowCredential", async () => { +test('should support optional allowCredential', async () => { await startAuthentication({ - challenge: bufferToBase64URLString(utf8StringToBuffer("fizz")), + challenge: bufferToBase64URLString(utf8StringToBuffer('fizz')), timeout: 1, }); expect(mockNavigatorGet.mock.calls[0][0].allowCredentials).toEqual(undefined); }); -test("should convert allow allowCredential to undefined when empty", async () => { +test('should convert allow allowCredential to undefined when empty', async () => { await startAuthentication({ - challenge: bufferToBase64URLString(utf8StringToBuffer("fizz")), + challenge: bufferToBase64URLString(utf8StringToBuffer('fizz')), timeout: 1, allowCredentials: [], }); expect(mockNavigatorGet.mock.calls[0][0].allowCredentials).toEqual(undefined); }); -test("should return base64url-encoded response values", async () => { +test('should return base64url-encoded response values', async () => { mockNavigatorGet.mockImplementation((): Promise<AuthenticationCredential> => { return new Promise((resolve) => { resolve({ - id: "foobar", - rawId: Buffer.from("foobar", "ascii"), + id: 'foobar', + rawId: Buffer.from('foobar', 'ascii'), response: { - authenticatorData: Buffer.from(mockAuthenticatorData, "ascii"), - clientDataJSON: Buffer.from(mockClientDataJSON, "ascii"), - signature: Buffer.from(mockSignature, "ascii"), - userHandle: Buffer.from(mockUserHandle, "ascii"), + authenticatorData: Buffer.from(mockAuthenticatorData, 'ascii'), + clientDataJSON: Buffer.from(mockClientDataJSON, 'ascii'), + signature: Buffer.from(mockSignature, 'ascii'), + userHandle: Buffer.from(mockUserHandle, 'ascii'), }, getClientExtensionResults: () => ({}), - type: "public-key", - authenticatorAttachment: "", + type: 'public-key', + authenticatorAttachment: '', }); }); }); const response = await startAuthentication(goodOpts1); - expect(response.rawId).toEqual("Zm9vYmFy"); + expect(response.rawId).toEqual('Zm9vYmFy'); expect(response.response.authenticatorData).toEqual( - "bW9ja0F1dGhlbnRpY2F0b3JEYXRh", + 'bW9ja0F1dGhlbnRpY2F0b3JEYXRh', ); - expect(response.response.clientDataJSON).toEqual("bW9ja0NsaWVudERhdGFKU09O"); - expect(response.response.signature).toEqual("bW9ja1NpZ25hdHVyZQ"); - expect(response.response.userHandle).toEqual("mockUserHandle"); + expect(response.response.clientDataJSON).toEqual('bW9ja0NsaWVudERhdGFKU09O'); + expect(response.response.signature).toEqual('bW9ja1NpZ25hdHVyZQ'); + expect(response.response.userHandle).toEqual('mockUserHandle'); }); -test("should throw error if WebAuthn isn't supported", async () => { +test('should throw error if WebAuthn isn\'t supported', async () => { mockSupportsWebAuthn.mockReturnValue(false); await expect(startAuthentication(goodOpts1)).rejects.toThrow( - "WebAuthn is not supported in this browser", + 'WebAuthn is not supported in this browser', ); }); -test("should throw error if assertion is cancelled for some reason", async () => { +test('should throw error if assertion is cancelled for some reason', async () => { mockNavigatorGet.mockImplementation((): Promise<null> => { return new Promise((resolve) => { resolve(null); @@ -151,11 +150,11 @@ test("should throw error if assertion is cancelled for some reason", async () => }); await expect(startAuthentication(goodOpts1)).rejects.toThrow( - "Authentication was not completed", + 'Authentication was not completed', ); }); -test("should handle UTF-8 challenges", async () => { +test('should handle UTF-8 challenges', async () => { await startAuthentication(goodOpts2UTF8); const argsPublicKey = mockNavigatorGet.mock.calls[0][0].publicKey; @@ -184,14 +183,14 @@ test("should handle UTF-8 challenges", async () => { ); }); -test("should send extensions to authenticator if present in options", async () => { +test('should send extensions to authenticator if present in options', async () => { const extensions: AuthenticationExtensionsClientInputs = { credProps: true, - appid: "appidHere", + appid: 'appidHere', // @ts-ignore: Send arbitrary extensions uvm: true, // @ts-ignore: Send arbitrary extensions - appidExclude: "appidExcludeHere", + appidExclude: 'appidExcludeHere', }; const optsWithExts: PublicKeyCredentialRequestOptionsJSON = { ...goodOpts1, @@ -204,7 +203,7 @@ test("should send extensions to authenticator if present in options", async () = expect(argsExtensions).toEqual(extensions); }); -test("should not set any extensions if not present in options", async () => { +test('should not set any extensions if not present in options', async () => { await startAuthentication(goodOpts1); const argsExtensions = mockNavigatorGet.mock.calls[0][0].publicKey.extensions; @@ -212,7 +211,7 @@ test("should not set any extensions if not present in options", async () => { expect(argsExtensions).toEqual(undefined); }); -test("should include extension results", async () => { +test('should include extension results', async () => { const extResults: AuthenticationExtensionsClientOutputs = { appid: true, credProps: { @@ -233,7 +232,7 @@ test("should include extension results", async () => { expect(response.clientExtensionResults).toEqual(extResults); }); -test("should include extension results when no extensions specified", async () => { +test('should include extension results when no extensions specified', async () => { const response = await startAuthentication(goodOpts1); expect(response.clientExtensionResults).toEqual({}); @@ -245,7 +244,7 @@ test('should support "cable" transport', async () => { allowCredentials: [ { ...goodOpts1.allowCredentials![0], - transports: ["cable"], + transports: ['cable'], }, ], }; @@ -256,12 +255,12 @@ test('should support "cable" transport', async () => { mockNavigatorGet.mock.calls[0][0].publicKey.allowCredentials[0] .transports[0], ).toEqual( - "cable", + 'cable', ); }); -test("should cancel an existing call when executed again", async () => { - const abortSpy = jest.spyOn(AbortController.prototype, "abort"); +test('should cancel an existing call when executed again', async () => { + const abortSpy = jest.spyOn(AbortController.prototype, 'abort'); // Fire off a request and immediately attempt a second one startAuthentication(goodOpts1); @@ -269,13 +268,13 @@ test("should cancel an existing call when executed again", async () => { expect(abortSpy).toHaveBeenCalledTimes(1); }); -test("should set up autofill a.k.a. Conditional UI", async () => { +test('should set up autofill a.k.a. Conditional UI', async () => { const opts: PublicKeyCredentialRequestOptionsJSON = { ...goodOpts1, allowCredentials: [ { ...goodOpts1.allowCredentials![0], - transports: ["cable"], + transports: ['cable'], }, ], }; @@ -290,7 +289,7 @@ test("should set up autofill a.k.a. Conditional UI", async () => { await startAuthentication(opts, true); // The most important bit - expect(mockNavigatorGet.mock.calls[0][0].mediation).toEqual("conditional"); + expect(mockNavigatorGet.mock.calls[0][0].mediation).toEqual('conditional'); // The latest version of https://github.com/w3c/webauthn/pull/1576 says allowCredentials should // be an "empty list", as opposed to being undefined expect(mockNavigatorGet.mock.calls[0][0].publicKey.allowCredentials) @@ -299,7 +298,7 @@ test("should set up autofill a.k.a. Conditional UI", async () => { .toEqual(0); }); -test("should throw error if autofill not supported", async () => { +test('should throw error if autofill not supported', async () => { mockSupportsAutofill.mockResolvedValue(false); const rejected = await expect(startAuthentication(goodOpts1, true)).rejects; @@ -307,7 +306,7 @@ test("should throw error if autofill not supported", async () => { rejected.toThrow(/does not support webauthn autofill/i); }); -test("should throw error if no acceptable <input> is found", async () => { +test('should throw error if no acceptable <input> is found', async () => { // <input> is missing "webauthn" from the autocomplete attribute document.body.innerHTML = ` <form> @@ -322,26 +321,26 @@ test("should throw error if no acceptable <input> is found", async () => { rejected.toThrow(/no <input>/i); }); -test("should return authenticatorAttachment if present", async () => { +test('should return authenticatorAttachment if present', async () => { // Mock extension return values from authenticator mockNavigatorGet.mockImplementation((): Promise<unknown> => { return new Promise((resolve) => { resolve({ response: {}, getClientExtensionResults: () => {}, - authenticatorAttachment: "cross-platform", + authenticatorAttachment: 'cross-platform', }); }); }); const response = await startAuthentication(goodOpts1); - expect(response.authenticatorAttachment).toEqual("cross-platform"); + expect(response.authenticatorAttachment).toEqual('cross-platform'); }); -describe("WebAuthnError", () => { - describe("AbortError", () => { - const AbortError = generateCustomError("AbortError"); +describe('WebAuthnError', () => { + describe('AbortError', () => { + const AbortError = generateCustomError('AbortError'); /** * We can't actually test this because nothing in startAuthentication() propagates the abort @@ -350,20 +349,20 @@ describe("WebAuthnError", () => { * * As a matter of fact I couldn't actually get any browser to respect the abort signal... */ - test.skip("should identify abort signal", async () => { + test.skip('should identify abort signal', async () => { mockNavigatorGet.mockRejectedValueOnce(AbortError); const rejected = await expect(startAuthentication(goodOpts1)).rejects; rejected.toThrow(WebAuthnError); rejected.toThrow(/abort signal/i); - rejected.toHaveProperty("name", "AbortError"); - rejected.toHaveProperty("code", "ERROR_CEREMONY_ABORTED"); - rejected.toHaveProperty("cause", AbortError); + rejected.toHaveProperty('name', 'AbortError'); + rejected.toHaveProperty('code', 'ERROR_CEREMONY_ABORTED'); + rejected.toHaveProperty('cause', AbortError); }); }); - describe("NotAllowedError", () => { - test("should pass through error message (iOS Safari - Operation failed)", async () => { + describe('NotAllowedError', () => { + test('should pass through error message (iOS Safari - Operation failed)', async () => { /** * Thrown when biometric is not enrolled, or a Safari bug prevents conditional UI from being * aborted properly between page reloads. @@ -371,20 +370,20 @@ describe("WebAuthnError", () => { * See https://github.com/MasterKale/SimpleWebAuthn/discussions/350#discussioncomment-4896572 */ const NotAllowedError = generateCustomError( - "NotAllowedError", - "Operation failed.", + 'NotAllowedError', + 'Operation failed.', ); mockNavigatorGet.mockRejectedValueOnce(NotAllowedError); const rejected = await expect(startAuthentication(goodOpts1)).rejects; rejected.toThrow(Error); rejected.toThrow(/operation failed/i); - rejected.toHaveProperty("name", "NotAllowedError"); - rejected.toHaveProperty("code", "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY"); - rejected.toHaveProperty("cause", NotAllowedError); + rejected.toHaveProperty('name', 'NotAllowedError'); + rejected.toHaveProperty('code', 'ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY'); + rejected.toHaveProperty('cause', NotAllowedError); }); - test("should pass through error message (Chrome M110 - Bad TLS Cert)", async () => { + test('should pass through error message (Chrome M110 - Bad TLS Cert)', async () => { /** * Starting from Chrome M110, WebAuthn is blocked if the site is being displayed on a URL with * TLS certificate issues. This includes during development. @@ -392,22 +391,22 @@ describe("WebAuthnError", () => { * See https://github.com/MasterKale/SimpleWebAuthn/discussions/351#discussioncomment-4910458 */ const NotAllowedError = generateCustomError( - "NotAllowedError", - "WebAuthn is not supported on sites with TLS certificate errors.", + 'NotAllowedError', + 'WebAuthn is not supported on sites with TLS certificate errors.', ); mockNavigatorGet.mockRejectedValueOnce(NotAllowedError); const rejected = await expect(startAuthentication(goodOpts1)).rejects; rejected.toThrow(Error); rejected.toThrow(/sites with TLS certificate errors/i); - rejected.toHaveProperty("name", "NotAllowedError"); - rejected.toHaveProperty("code", "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY"); - rejected.toHaveProperty("cause", NotAllowedError); + rejected.toHaveProperty('name', 'NotAllowedError'); + rejected.toHaveProperty('code', 'ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY'); + rejected.toHaveProperty('cause', NotAllowedError); }); }); - describe("SecurityError", () => { - const SecurityError = generateCustomError("SecurityError"); + describe('SecurityError', () => { + const SecurityError = generateCustomError('SecurityError'); let _originalHostName: string; @@ -419,8 +418,8 @@ describe("WebAuthnError", () => { window.location.hostname = _originalHostName; }); - test("should identify invalid domain", async () => { - window.location.hostname = "1.2.3.4"; + test('should identify invalid domain', async () => { + window.location.hostname = '1.2.3.4'; mockNavigatorGet.mockRejectedValueOnce(SecurityError); @@ -428,13 +427,13 @@ describe("WebAuthnError", () => { rejected.toThrowError(WebAuthnError); rejected.toThrow(/1\.2\.3\.4/); rejected.toThrow(/invalid domain/i); - rejected.toHaveProperty("name", "SecurityError"); - rejected.toHaveProperty("code", "ERROR_INVALID_DOMAIN"); - rejected.toHaveProperty("cause", SecurityError); + rejected.toHaveProperty('name', 'SecurityError'); + rejected.toHaveProperty('code', 'ERROR_INVALID_DOMAIN'); + rejected.toHaveProperty('cause', SecurityError); }); - test("should identify invalid RP ID", async () => { - window.location.hostname = "simplewebauthn.com"; + test('should identify invalid RP ID', async () => { + window.location.hostname = 'simplewebauthn.com'; mockNavigatorGet.mockRejectedValueOnce(SecurityError); @@ -442,16 +441,16 @@ describe("WebAuthnError", () => { rejected.toThrowError(WebAuthnError); rejected.toThrow(goodOpts1.rpId); rejected.toThrow(/invalid for this domain/i); - rejected.toHaveProperty("name", "SecurityError"); - rejected.toHaveProperty("code", "ERROR_INVALID_RP_ID"); - rejected.toHaveProperty("cause", SecurityError); + rejected.toHaveProperty('name', 'SecurityError'); + rejected.toHaveProperty('code', 'ERROR_INVALID_RP_ID'); + rejected.toHaveProperty('cause', SecurityError); }); }); - describe("UnknownError", () => { - const UnknownError = generateCustomError("UnknownError"); + describe('UnknownError', () => { + const UnknownError = generateCustomError('UnknownError'); - test("should identify potential authenticator issues", async () => { + test('should identify potential authenticator issues', async () => { mockNavigatorGet.mockRejectedValueOnce(UnknownError); const rejected = await expect(startAuthentication(goodOpts1)).rejects; @@ -459,9 +458,9 @@ describe("WebAuthnError", () => { rejected.toThrow(/authenticator/i); rejected.toThrow(/unable to process the specified options/i); rejected.toThrow(/could not create a new assertion signature/i); - rejected.toHaveProperty("name", "UnknownError"); - rejected.toHaveProperty("code", "ERROR_AUTHENTICATOR_GENERAL_ERROR"); - rejected.toHaveProperty("cause", UnknownError); + rejected.toHaveProperty('name', 'UnknownError'); + rejected.toHaveProperty('code', 'ERROR_AUTHENTICATOR_GENERAL_ERROR'); + rejected.toHaveProperty('cause', UnknownError); }); }); }); diff --git a/packages/browser/src/methods/startAuthentication.ts b/packages/browser/src/methods/startAuthentication.ts index 5147232..f6782ab 100644 --- a/packages/browser/src/methods/startAuthentication.ts +++ b/packages/browser/src/methods/startAuthentication.ts @@ -2,17 +2,17 @@ import { AuthenticationCredential, AuthenticationResponseJSON, PublicKeyCredentialRequestOptionsJSON, -} from "@simplewebauthn/typescript-types"; +} from '@simplewebauthn/typescript-types'; -import { bufferToBase64URLString } from "../helpers/bufferToBase64URLString"; -import { base64URLStringToBuffer } from "../helpers/base64URLStringToBuffer"; -import { bufferToUTF8String } from "../helpers/bufferToUTF8String"; -import { browserSupportsWebAuthn } from "../helpers/browserSupportsWebAuthn"; -import { browserSupportsWebAuthnAutofill } from "../helpers/browserSupportsWebAuthnAutofill"; -import { toPublicKeyCredentialDescriptor } from "../helpers/toPublicKeyCredentialDescriptor"; -import { identifyAuthenticationError } from "../helpers/identifyAuthenticationError"; -import { webauthnAbortService } from "../helpers/webAuthnAbortService"; -import { toAuthenticatorAttachment } from "../helpers/toAuthenticatorAttachment"; +import { bufferToBase64URLString } from '../helpers/bufferToBase64URLString'; +import { base64URLStringToBuffer } from '../helpers/base64URLStringToBuffer'; +import { bufferToUTF8String } from '../helpers/bufferToUTF8String'; +import { browserSupportsWebAuthn } from '../helpers/browserSupportsWebAuthn'; +import { browserSupportsWebAuthnAutofill } from '../helpers/browserSupportsWebAuthnAutofill'; +import { toPublicKeyCredentialDescriptor } from '../helpers/toPublicKeyCredentialDescriptor'; +import { identifyAuthenticationError } from '../helpers/identifyAuthenticationError'; +import { webauthnAbortService } from '../helpers/webAuthnAbortService'; +import { toAuthenticatorAttachment } from '../helpers/toAuthenticatorAttachment'; /** * Begin authenticator "login" via WebAuthn assertion @@ -26,7 +26,7 @@ export async function startAuthentication( useBrowserAutofill = false, ): Promise<AuthenticationResponseJSON> { if (!browserSupportsWebAuthn()) { - throw new Error("WebAuthn is not supported in this browser"); + throw new Error('WebAuthn is not supported in this browser'); } // We need to avoid passing empty array to avoid blocking retrieval @@ -54,12 +54,12 @@ export async function startAuthentication( */ if (useBrowserAutofill) { if (!(await browserSupportsWebAuthnAutofill())) { - throw Error("Browser does not support WebAuthn autofill"); + throw Error('Browser does not support WebAuthn autofill'); } // Check for an <input> with "webauthn" in its `autocomplete` attribute const eligibleInputs = document.querySelectorAll( - "input[autocomplete*='webauthn']", + 'input[autocomplete*=\'webauthn\']', ); // WebAuthn autofill requires at least one valid input @@ -71,7 +71,7 @@ export async function startAuthentication( // `CredentialMediationRequirement` doesn't know about "conditional" yet as of // typescript@4.6.3 - options.mediation = "conditional" as CredentialMediationRequirement; + options.mediation = 'conditional' as CredentialMediationRequirement; // Conditional UI requires an empty allow list publicKey.allowCredentials = []; } @@ -84,14 +84,13 @@ export async function startAuthentication( // Wait for the user to complete assertion let credential; try { - credential = - (await navigator.credentials.get(options)) as AuthenticationCredential; + credential = (await navigator.credentials.get(options)) as AuthenticationCredential; } catch (err) { throw identifyAuthenticationError({ error: err as Error, options }); } if (!credential) { - throw new Error("Authentication was not completed"); + throw new Error('Authentication was not completed'); } const { id, rawId, response, type } = credential; diff --git a/packages/browser/src/methods/startRegistration.test.ts b/packages/browser/src/methods/startRegistration.test.ts index c094278..b8ca081 100644 --- a/packages/browser/src/methods/startRegistration.test.ts +++ b/packages/browser/src/methods/startRegistration.test.ts @@ -3,50 +3,49 @@ import { AuthenticationExtensionsClientOutputs, PublicKeyCredentialCreationOptionsJSON, RegistrationCredential, -} from "@simplewebauthn/typescript-types"; -import { generateCustomError } from "../helpers/__jest__/generateCustomError"; -import { browserSupportsWebAuthn } from "../helpers/browserSupportsWebAuthn"; -import { bufferToBase64URLString } from "../helpers/bufferToBase64URLString"; -import { WebAuthnError } from "../helpers/webAuthnError"; -import { webauthnAbortService } from "../helpers/webAuthnAbortService"; +} from '@simplewebauthn/typescript-types'; +import { generateCustomError } from '../helpers/__jest__/generateCustomError'; +import { browserSupportsWebAuthn } from '../helpers/browserSupportsWebAuthn'; +import { bufferToBase64URLString } from '../helpers/bufferToBase64URLString'; +import { WebAuthnError } from '../helpers/webAuthnError'; +import { webauthnAbortService } from '../helpers/webAuthnAbortService'; -import { utf8StringToBuffer } from "../helpers/utf8StringToBuffer"; +import { utf8StringToBuffer } from '../helpers/utf8StringToBuffer'; -import { startRegistration } from "./startRegistration"; +import { startRegistration } from './startRegistration'; -jest.mock("../helpers/browserSupportsWebAuthn"); +jest.mock('../helpers/browserSupportsWebAuthn'); const mockNavigatorCreate = window.navigator.credentials.create as jest.Mock; const mockSupportsWebauthn = browserSupportsWebAuthn as jest.Mock; -const mockAttestationObject = "mockAtte"; -const mockClientDataJSON = "mockClie"; +const mockAttestationObject = 'mockAtte'; +const mockClientDataJSON = 'mockClie'; const goodOpts1: PublicKeyCredentialCreationOptionsJSON = { - challenge: bufferToBase64URLString(utf8StringToBuffer("fizz")), - attestation: "direct", + challenge: bufferToBase64URLString(utf8StringToBuffer('fizz')), + attestation: 'direct', pubKeyCredParams: [ { alg: -7, - type: "public-key", + type: 'public-key', }, ], rp: { - id: "simplewebauthn.dev", - name: "SimpleWebAuthn", + id: 'simplewebauthn.dev', + name: 'SimpleWebAuthn', }, user: { - id: "5678", - displayName: "username", - name: "username", + id: '5678', + displayName: 'username', + name: 'username', }, timeout: 1, excludeCredentials: [ { - id: - "C0VGlvYFratUdAV1iCw-ULpUW8E-exHPXQChBfyVeJZCMfjMFcwDmOFgoMUz39LoMtCJUBW8WPlLkGT6q8qTCg", - type: "public-key", - transports: ["internal"], + id: 'C0VGlvYFratUdAV1iCw-ULpUW8E-exHPXQChBfyVeJZCMfjMFcwDmOFgoMUz39LoMtCJUBW8WPlLkGT6q8qTCg', + type: 'public-key', + transports: ['internal'], }, ], }; @@ -71,7 +70,7 @@ afterEach(() => { mockSupportsWebauthn.mockReset(); }); -test("should convert options before passing to navigator.credentials.create(...)", async () => { +test('should convert options before passing to navigator.credentials.create(...)', async () => { await startRegistration(goodOpts1); const argsPublicKey = mockNavigatorCreate.mock.calls[0][0].publicKey; @@ -88,28 +87,28 @@ test("should convert options before passing to navigator.credentials.create(...) // Confirm construction of excludeCredentials array expect(credId instanceof ArrayBuffer).toEqual(true); expect(credId.byteLength).toEqual(64); - expect(argsPublicKey.excludeCredentials[0].type).toEqual("public-key"); - expect(argsPublicKey.excludeCredentials[0].transports).toEqual(["internal"]); + expect(argsPublicKey.excludeCredentials[0].type).toEqual('public-key'); + expect(argsPublicKey.excludeCredentials[0].transports).toEqual(['internal']); }); -test("should return base64url-encoded response values", async () => { +test('should return base64url-encoded response values', async () => { mockNavigatorCreate.mockImplementation( (): Promise<RegistrationCredential> => { return new Promise((resolve) => { resolve({ - id: "foobar", - rawId: utf8StringToBuffer("foobar"), + id: 'foobar', + rawId: utf8StringToBuffer('foobar'), response: { - attestationObject: Buffer.from(mockAttestationObject, "ascii"), - clientDataJSON: Buffer.from(mockClientDataJSON, "ascii"), + attestationObject: Buffer.from(mockAttestationObject, 'ascii'), + clientDataJSON: Buffer.from(mockClientDataJSON, 'ascii'), getTransports: () => [], getAuthenticatorData: () => new Uint8Array(), getPublicKey: () => null, getPublicKeyAlgorithm: () => -999, }, getClientExtensionResults: () => ({}), - type: "public-key", - authenticatorAttachment: "", + type: 'public-key', + authenticatorAttachment: '', }); }); }, @@ -117,20 +116,20 @@ test("should return base64url-encoded response values", async () => { const response = await startRegistration(goodOpts1); - expect(response.rawId).toEqual("Zm9vYmFy"); - expect(response.response.attestationObject).toEqual("bW9ja0F0dGU"); - expect(response.response.clientDataJSON).toEqual("bW9ja0NsaWU"); + expect(response.rawId).toEqual('Zm9vYmFy'); + expect(response.response.attestationObject).toEqual('bW9ja0F0dGU'); + expect(response.response.clientDataJSON).toEqual('bW9ja0NsaWU'); }); -test("should throw error if WebAuthn isn't supported", async () => { +test('should throw error if WebAuthn isn\'t supported', async () => { mockSupportsWebauthn.mockReturnValue(false); await expect(startRegistration(goodOpts1)).rejects.toThrow( - "WebAuthn is not supported in this browser", + 'WebAuthn is not supported in this browser', ); }); -test("should throw error if attestation is cancelled for some reason", async () => { +test('should throw error if attestation is cancelled for some reason', async () => { mockNavigatorCreate.mockImplementation((): Promise<null> => { return new Promise((resolve) => { resolve(null); @@ -138,18 +137,18 @@ test("should throw error if attestation is cancelled for some reason", async () }); await expect(startRegistration(goodOpts1)).rejects.toThrow( - "Registration was not completed", + 'Registration was not completed', ); }); -test("should send extensions to authenticator if present in options", async () => { +test('should send extensions to authenticator if present in options', async () => { const extensions: AuthenticationExtensionsClientInputs = { credProps: true, - appid: "appidHere", + appid: 'appidHere', // @ts-ignore: Send arbitrary extensions uvm: true, // @ts-ignore: Send arbitrary extensions - appidExclude: "appidExcludeHere", + appidExclude: 'appidExcludeHere', }; const optsWithExts: PublicKeyCredentialCreationOptionsJSON = { ...goodOpts1, @@ -157,22 +156,20 @@ test("should send extensions to authenticator if present in options", async () = }; await startRegistration(optsWithExts); - const argsExtensions = - mockNavigatorCreate.mock.calls[0][0].publicKey.extensions; + const argsExtensions = mockNavigatorCreate.mock.calls[0][0].publicKey.extensions; expect(argsExtensions).toEqual(extensions); }); -test("should not set any extensions if not present in options", async () => { +test('should not set any extensions if not present in options', async () => { await startRegistration(goodOpts1); - const argsExtensions = - mockNavigatorCreate.mock.calls[0][0].publicKey.extensions; + const argsExtensions = mockNavigatorCreate.mock.calls[0][0].publicKey.extensions; expect(argsExtensions).toEqual(undefined); }); -test("should include extension results", async () => { +test('should include extension results', async () => { const extResults: AuthenticationExtensionsClientOutputs = { appid: true, credProps: { @@ -193,7 +190,7 @@ test("should include extension results", async () => { expect(response.clientExtensionResults).toEqual(extResults); }); -test("should include extension results when no extensions specified", async () => { +test('should include extension results when no extensions specified', async () => { const response = await startRegistration(goodOpts1); expect(response.clientExtensionResults).toEqual({}); @@ -205,7 +202,7 @@ test('should support "cable" transport in excludeCredentials', async () => { excludeCredentials: [ { ...goodOpts1.excludeCredentials![0], - transports: ["cable"], + transports: ['cable'], }, ], }; @@ -215,29 +212,29 @@ test('should support "cable" transport in excludeCredentials', async () => { expect( mockNavigatorCreate.mock.calls[0][0].publicKey.excludeCredentials[0] .transports[0], - ).toEqual("cable"); + ).toEqual('cable'); }); test('should return "cable" transport from response', async () => { mockNavigatorCreate.mockResolvedValue({ - id: "foobar", - rawId: utf8StringToBuffer("foobar"), + id: 'foobar', + rawId: utf8StringToBuffer('foobar'), response: { - attestationObject: Buffer.from(mockAttestationObject, "ascii"), - clientDataJSON: Buffer.from(mockClientDataJSON, "ascii"), - getTransports: () => ["cable"], + attestationObject: Buffer.from(mockAttestationObject, 'ascii'), + clientDataJSON: Buffer.from(mockClientDataJSON, 'ascii'), + getTransports: () => ['cable'], }, getClientExtensionResults: () => ({}), - type: "webauthn.create", + type: 'webauthn.create', }); const regResponse = await startRegistration(goodOpts1); - expect(regResponse.response.transports).toEqual(["cable"]); + expect(regResponse.response.transports).toEqual(['cable']); }); -test("should cancel an existing call when executed again", async () => { - const abortSpy = jest.spyOn(AbortController.prototype, "abort"); +test('should cancel an existing call when executed again', async () => { + const abortSpy = jest.spyOn(AbortController.prototype, 'abort'); // Fire off a request and immediately attempt a second one startRegistration(goodOpts1); @@ -245,24 +242,24 @@ test("should cancel an existing call when executed again", async () => { expect(abortSpy).toHaveBeenCalledTimes(1); }); -test("should return authenticatorAttachment if present", async () => { +test('should return authenticatorAttachment if present', async () => { // Mock extension return values from authenticator mockNavigatorCreate.mockImplementation((): Promise<unknown> => { return new Promise((resolve) => { resolve({ response: {}, getClientExtensionResults: () => {}, - authenticatorAttachment: "cross-platform", + authenticatorAttachment: 'cross-platform', }); }); }); const response = await startRegistration(goodOpts1); - expect(response.authenticatorAttachment).toEqual("cross-platform"); + expect(response.authenticatorAttachment).toEqual('cross-platform'); }); -test("should return convenience values if getters present", async () => { +test('should return convenience values if getters present', async () => { /** * I call them "convenience values" because the getters for public key algorithm, * public key bytes, and authenticator data are alternative ways to access information @@ -285,11 +282,11 @@ test("should return convenience values if getters present", async () => { const response = await startRegistration(goodOpts1); expect(response.response.publicKeyAlgorithm).toEqual(777); - expect(response.response.publicKey).toEqual("AAAAAA"); - expect(response.response.authenticatorData).toEqual("AAAAAA"); + expect(response.response.publicKey).toEqual('AAAAAA'); + expect(response.response.authenticatorData).toEqual('AAAAAA'); }); -test("should not return convenience values if getters missing", async () => { +test('should not return convenience values if getters missing', async () => { /** * I call them "convenience values" because the getters for public key algorithm, * public key bytes, and authenticator data are alternative ways to access information @@ -312,9 +309,9 @@ test("should not return convenience values if getters missing", async () => { expect(response.response.authenticatorData).toBeUndefined(); }); -describe("WebAuthnError", () => { - describe("AbortError", () => { - const AbortError = generateCustomError("AbortError"); +describe('WebAuthnError', () => { + describe('AbortError', () => { + const AbortError = generateCustomError('AbortError'); /** * We can't actually test this because nothing in startRegistration() propagates the abort * signal. But if you invoked WebAuthn via this and then manually sent an abort signal I guess @@ -322,28 +319,28 @@ describe("WebAuthnError", () => { * * As a matter of fact I couldn't actually get any browser to respect the abort signal... */ - test.skip("should identify abort signal", async () => { + test.skip('should identify abort signal', async () => { mockNavigatorCreate.mockRejectedValueOnce(AbortError); const rejected = await expect(startRegistration(goodOpts1)).rejects; rejected.toThrow(WebAuthnError); rejected.toThrow(/abort signal/i); rejected.toThrow(/AbortError/); - rejected.toHaveProperty("code", "ERROR_CEREMONY_ABORTED"); - rejected.toHaveProperty("cause", AbortError); + rejected.toHaveProperty('code', 'ERROR_CEREMONY_ABORTED'); + rejected.toHaveProperty('cause', AbortError); }); }); - describe("ConstraintError", () => { - const ConstraintError = generateCustomError("ConstraintError"); + describe('ConstraintError', () => { + const ConstraintError = generateCustomError('ConstraintError'); - test("should identify unsupported discoverable credentials", async () => { + test('should identify unsupported discoverable credentials', async () => { mockNavigatorCreate.mockRejectedValueOnce(ConstraintError); const opts: PublicKeyCredentialCreationOptionsJSON = { ...goodOpts1, authenticatorSelection: { - residentKey: "required", + residentKey: 'required', requireResidentKey: true, }, }; @@ -352,21 +349,21 @@ describe("WebAuthnError", () => { rejected.toThrow(WebAuthnError); rejected.toThrow(/discoverable credentials were required/i); rejected.toThrow(/no available authenticator supported/i); - rejected.toHaveProperty("name", "ConstraintError"); + rejected.toHaveProperty('name', 'ConstraintError'); rejected.toHaveProperty( - "code", - "ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT", + 'code', + 'ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT', ); - rejected.toHaveProperty("cause", ConstraintError); + rejected.toHaveProperty('cause', ConstraintError); }); - test("should identify unsupported user verification", async () => { + test('should identify unsupported user verification', async () => { mockNavigatorCreate.mockRejectedValueOnce(ConstraintError); const opts: PublicKeyCredentialCreationOptionsJSON = { ...goodOpts1, authenticatorSelection: { - userVerification: "required", + userVerification: 'required', }, }; @@ -374,36 +371,36 @@ describe("WebAuthnError", () => { rejected.toThrow(WebAuthnError); rejected.toThrow(/user verification was required/i); rejected.toThrow(/no available authenticator supported/i); - rejected.toHaveProperty("name", "ConstraintError"); + rejected.toHaveProperty('name', 'ConstraintError'); rejected.toHaveProperty( - "code", - "ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT", + 'code', + 'ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT', ); - rejected.toHaveProperty("cause", ConstraintError); + rejected.toHaveProperty('cause', ConstraintError); }); }); - describe("InvalidStateError", () => { - const InvalidStateError = generateCustomError("InvalidStateError"); + describe('InvalidStateError', () => { + const InvalidStateError = generateCustomError('InvalidStateError'); - test("should identify re-registration attempt", async () => { + test('should identify re-registration attempt', async () => { mockNavigatorCreate.mockRejectedValueOnce(InvalidStateError); const rejected = await expect(startRegistration(goodOpts1)).rejects; rejected.toThrow(WebAuthnError); rejected.toThrow(/authenticator/i); rejected.toThrow(/previously registered/i); - rejected.toHaveProperty("name", "InvalidStateError"); + rejected.toHaveProperty('name', 'InvalidStateError'); rejected.toHaveProperty( - "code", - "ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED", + 'code', + 'ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED', ); - rejected.toHaveProperty("cause", InvalidStateError); + rejected.toHaveProperty('cause', InvalidStateError); }); }); - describe("NotAllowedError", () => { - test("should pass through error message (iOS Safari - Operation failed)", async () => { + describe('NotAllowedError', () => { + test('should pass through error message (iOS Safari - Operation failed)', async () => { /** * Thrown when biometric is not enrolled, or a Safari bug prevents conditional UI from being * aborted properly between page reloads. @@ -411,20 +408,20 @@ describe("WebAuthnError", () => { * See https://github.com/MasterKale/SimpleWebAuthn/discussions/350#discussioncomment-4896572 */ const NotAllowedError = generateCustomError( - "NotAllowedError", - "Operation failed.", + 'NotAllowedError', + 'Operation failed.', ); mockNavigatorCreate.mockRejectedValueOnce(NotAllowedError); const rejected = await expect(startRegistration(goodOpts1)).rejects; rejected.toThrow(Error); rejected.toThrow(/operation failed/i); - rejected.toHaveProperty("name", "NotAllowedError"); - rejected.toHaveProperty("code", "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY"); - rejected.toHaveProperty("cause", NotAllowedError); + rejected.toHaveProperty('name', 'NotAllowedError'); + rejected.toHaveProperty('code', 'ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY'); + rejected.toHaveProperty('cause', NotAllowedError); }); - test("should pass through error message (Chrome M110 - Bad TLS Cert)", async () => { + test('should pass through error message (Chrome M110 - Bad TLS Cert)', async () => { /** * Starting from Chrome M110, WebAuthn is blocked if the site is being displayed on a URL with * TLS certificate issues. This includes during development. @@ -432,22 +429,22 @@ describe("WebAuthnError", () => { * See https://github.com/MasterKale/SimpleWebAuthn/discussions/351#discussioncomment-4910458 */ const NotAllowedError = generateCustomError( - "NotAllowedError", - "WebAuthn is not supported on sites with TLS certificate errors.", + 'NotAllowedError', + 'WebAuthn is not supported on sites with TLS certificate errors.', ); mockNavigatorCreate.mockRejectedValueOnce(NotAllowedError); const rejected = await expect(startRegistration(goodOpts1)).rejects; rejected.toThrow(Error); rejected.toThrow(/sites with TLS certificate errors/i); - rejected.toHaveProperty("name", "NotAllowedError"); - rejected.toHaveProperty("code", "ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY"); - rejected.toHaveProperty("cause", NotAllowedError); + rejected.toHaveProperty('name', 'NotAllowedError'); + rejected.toHaveProperty('code', 'ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY'); + rejected.toHaveProperty('cause', NotAllowedError); }); }); - describe("NotSupportedError", () => { - const NotSupportedError = generateCustomError("NotSupportedError"); + describe('NotSupportedError', () => { + const NotSupportedError = generateCustomError('NotSupportedError'); test('should identify missing "public-key" entries in pubKeyCredParams', async () => { mockNavigatorCreate.mockRejectedValueOnce(NotSupportedError); @@ -461,34 +458,34 @@ describe("WebAuthnError", () => { rejected.toThrow(WebAuthnError); rejected.toThrow(/pubKeyCredParams/i); rejected.toThrow(/public-key/i); - rejected.toHaveProperty("name", "NotSupportedError"); - rejected.toHaveProperty("code", "ERROR_MALFORMED_PUBKEYCREDPARAMS"); - rejected.toHaveProperty("cause", NotSupportedError); + rejected.toHaveProperty('name', 'NotSupportedError'); + rejected.toHaveProperty('code', 'ERROR_MALFORMED_PUBKEYCREDPARAMS'); + rejected.toHaveProperty('cause', NotSupportedError); }); - test("should identify no authenticator supports algs in pubKeyCredParams", async () => { + test('should identify no authenticator supports algs in pubKeyCredParams', async () => { mockNavigatorCreate.mockRejectedValueOnce(NotSupportedError); const opts: PublicKeyCredentialCreationOptionsJSON = { ...goodOpts1, - pubKeyCredParams: [{ alg: -7, type: "public-key" }], + pubKeyCredParams: [{ alg: -7, type: 'public-key' }], }; const rejected = await expect(startRegistration(opts)).rejects; rejected.toThrow(WebAuthnError); rejected.toThrow(/No available authenticator/i); rejected.toThrow(/pubKeyCredParams/i); - rejected.toHaveProperty("name", "NotSupportedError"); + rejected.toHaveProperty('name', 'NotSupportedError'); rejected.toHaveProperty( - "code", - "ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG", + 'code', + 'ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG', ); - rejected.toHaveProperty("cause", NotSupportedError); + rejected.toHaveProperty('cause', NotSupportedError); }); }); - describe("SecurityError", () => { - const SecurityError = generateCustomError("SecurityError"); + describe('SecurityError', () => { + const SecurityError = generateCustomError('SecurityError'); let _originalHostName: string; @@ -500,8 +497,8 @@ describe("WebAuthnError", () => { window.location.hostname = _originalHostName; }); - test("should identify invalid domain", async () => { - window.location.hostname = "1.2.3.4"; + test('should identify invalid domain', async () => { + window.location.hostname = '1.2.3.4'; mockNavigatorCreate.mockRejectedValueOnce(SecurityError); @@ -509,13 +506,13 @@ describe("WebAuthnError", () => { rejected.toThrowError(WebAuthnError); rejected.toThrow(/1\.2\.3\.4/); rejected.toThrow(/invalid domain/i); - rejected.toHaveProperty("name", "SecurityError"); - rejected.toHaveProperty("code", "ERROR_INVALID_DOMAIN"); - rejected.toHaveProperty("cause", SecurityError); + rejected.toHaveProperty('name', 'SecurityError'); + rejected.toHaveProperty('code', 'ERROR_INVALID_DOMAIN'); + rejected.toHaveProperty('cause', SecurityError); }); - test("should identify invalid RP ID", async () => { - window.location.hostname = "simplewebauthn.com"; + test('should identify invalid RP ID', async () => { + window.location.hostname = 'simplewebauthn.com'; mockNavigatorCreate.mockRejectedValueOnce(SecurityError); @@ -523,22 +520,22 @@ describe("WebAuthnError", () => { rejected.toThrowError(WebAuthnError); rejected.toThrow(goodOpts1.rp.id); rejected.toThrow(/invalid for this domain/i); - rejected.toHaveProperty("name", "SecurityError"); - rejected.toHaveProperty("code", "ERROR_INVALID_RP_ID"); - rejected.toHaveProperty("cause", SecurityError); + rejected.toHaveProperty('name', 'SecurityError'); + rejected.toHaveProperty('code', 'ERROR_INVALID_RP_ID'); + rejected.toHaveProperty('cause', SecurityError); }); }); - describe("TypeError", () => { - test("should identify malformed user ID", async () => { - const typeError = new TypeError("user id is bad"); + describe('TypeError', () => { + test('should identify malformed user ID', async () => { + const typeError = new TypeError('user id is bad'); mockNavigatorCreate.mockRejectedValueOnce(typeError); const opts = { ...goodOpts1, user: { ...goodOpts1.user, - id: Array(65).fill("a").join(""), + id: Array(65).fill('a').join(''), }, }; @@ -546,16 +543,16 @@ describe("WebAuthnError", () => { rejected.toThrowError(WebAuthnError); rejected.toThrow(/user id/i); rejected.toThrow(/not between 1 and 64 characters/i); - rejected.toHaveProperty("name", "TypeError"); - rejected.toHaveProperty("code", "ERROR_INVALID_USER_ID_LENGTH"); - rejected.toHaveProperty("cause", typeError); + rejected.toHaveProperty('name', 'TypeError'); + rejected.toHaveProperty('code', 'ERROR_INVALID_USER_ID_LENGTH'); + rejected.toHaveProperty('cause', typeError); }); }); - describe("UnknownError", () => { - const UnknownError = generateCustomError("UnknownError"); + describe('UnknownError', () => { + const UnknownError = generateCustomError('UnknownError'); - test("should identify potential authenticator issues", async () => { + test('should identify potential authenticator issues', async () => { mockNavigatorCreate.mockRejectedValueOnce(UnknownError); const rejected = await expect(startRegistration(goodOpts1)).rejects; @@ -563,9 +560,9 @@ describe("WebAuthnError", () => { rejected.toThrow(/authenticator/i); rejected.toThrow(/unable to process the specified options/i); rejected.toThrow(/could not create a new credential/i); - rejected.toHaveProperty("name", "UnknownError"); - rejected.toHaveProperty("code", "ERROR_AUTHENTICATOR_GENERAL_ERROR"); - rejected.toHaveProperty("cause", UnknownError); + rejected.toHaveProperty('name', 'UnknownError'); + rejected.toHaveProperty('code', 'ERROR_AUTHENTICATOR_GENERAL_ERROR'); + rejected.toHaveProperty('cause', UnknownError); }); }); }); diff --git a/packages/browser/src/methods/startRegistration.ts b/packages/browser/src/methods/startRegistration.ts index c56f0ed..74da7fd 100644 --- a/packages/browser/src/methods/startRegistration.ts +++ b/packages/browser/src/methods/startRegistration.ts @@ -3,16 +3,16 @@ import { PublicKeyCredentialCreationOptionsJSON, RegistrationCredential, RegistrationResponseJSON, -} from "@simplewebauthn/typescript-types"; +} from '@simplewebauthn/typescript-types'; -import { utf8StringToBuffer } from "../helpers/utf8StringToBuffer"; -import { bufferToBase64URLString } from "../helpers/bufferToBase64URLString"; -import { base64URLStringToBuffer } from "../helpers/base64URLStringToBuffer"; -import { browserSupportsWebAuthn } from "../helpers/browserSupportsWebAuthn"; -import { toPublicKeyCredentialDescriptor } from "../helpers/toPublicKeyCredentialDescriptor"; -import { identifyRegistrationError } from "../helpers/identifyRegistrationError"; -import { webauthnAbortService } from "../helpers/webAuthnAbortService"; -import { toAuthenticatorAttachment } from "../helpers/toAuthenticatorAttachment"; +import { utf8StringToBuffer } from '../helpers/utf8StringToBuffer'; +import { bufferToBase64URLString } from '../helpers/bufferToBase64URLString'; +import { base64URLStringToBuffer } from '../helpers/base64URLStringToBuffer'; +import { browserSupportsWebAuthn } from '../helpers/browserSupportsWebAuthn'; +import { toPublicKeyCredentialDescriptor } from '../helpers/toPublicKeyCredentialDescriptor'; +import { identifyRegistrationError } from '../helpers/identifyRegistrationError'; +import { webauthnAbortService } from '../helpers/webAuthnAbortService'; +import { toAuthenticatorAttachment } from '../helpers/toAuthenticatorAttachment'; /** * Begin authenticator "registration" via WebAuthn attestation @@ -23,7 +23,7 @@ export async function startRegistration( creationOptionsJSON: PublicKeyCredentialCreationOptionsJSON, ): Promise<RegistrationResponseJSON> { if (!browserSupportsWebAuthn()) { - throw new Error("WebAuthn is not supported in this browser"); + throw new Error('WebAuthn is not supported in this browser'); } // We need to convert some values to Uint8Arrays before passing the credentials to the navigator @@ -47,32 +47,31 @@ export async function startRegistration( // Wait for the user to complete attestation let credential; try { - credential = - (await navigator.credentials.create(options)) as RegistrationCredential; + credential = (await navigator.credentials.create(options)) as RegistrationCredential; } catch (err) { throw identifyRegistrationError({ error: err as Error, options }); } if (!credential) { - throw new Error("Registration was not completed"); + throw new Error('Registration was not completed'); } const { id, rawId, response, type } = credential; // Continue to play it safe with `getTransports()` for now, even when L3 types say it's required let transports: AuthenticatorTransportFuture[] | undefined = undefined; - if (typeof response.getTransports === "function") { + if (typeof response.getTransports === 'function') { transports = response.getTransports(); } // L3 says this is required, but browser and webview support are still not guaranteed. let responsePublicKeyAlgorithm: number | undefined = undefined; - if (typeof response.getPublicKeyAlgorithm === "function") { + if (typeof response.getPublicKeyAlgorithm === 'function') { responsePublicKeyAlgorithm = response.getPublicKeyAlgorithm(); } let responsePublicKey: string | undefined = undefined; - if (typeof response.getPublicKey === "function") { + if (typeof response.getPublicKey === 'function') { const _publicKey = response.getPublicKey(); if (_publicKey !== null) { responsePublicKey = bufferToBase64URLString(_publicKey); @@ -81,7 +80,7 @@ export async function startRegistration( // L3 says this is required, but browser and webview support are still not guaranteed. let responseAuthenticatorData: string | undefined; - if (typeof response.getAuthenticatorData === "function") { + if (typeof response.getAuthenticatorData === 'function') { responseAuthenticatorData = bufferToBase64URLString( response.getAuthenticatorData(), ); diff --git a/packages/browser/src/setupTests.ts b/packages/browser/src/setupTests.ts index 09ae162..2ac528a 100644 --- a/packages/browser/src/setupTests.ts +++ b/packages/browser/src/setupTests.ts @@ -7,7 +7,7 @@ * JSDom doesn't seem to support `credentials`, so let's define them here so we can mock their * implementations in specific tests. */ -Object.defineProperty(globalThis.window.navigator, "credentials", { +Object.defineProperty(globalThis.window.navigator, 'credentials', { writable: true, value: { create: jest.fn(), @@ -18,9 +18,9 @@ Object.defineProperty(globalThis.window.navigator, "credentials", { /** * Allow for setting values to `window.location.hostname` */ -Object.defineProperty(window, "location", { +Object.defineProperty(window, 'location', { writable: true, value: { - hostname: "", + hostname: '', }, }); |