summaryrefslogtreecommitdiffhomepage
path: root/packages/server/src/authentication/verifyAuthenticationResponse.test.ts
diff options
context:
space:
mode:
Diffstat (limited to 'packages/server/src/authentication/verifyAuthenticationResponse.test.ts')
-rw-r--r--packages/server/src/authentication/verifyAuthenticationResponse.test.ts40
1 files changed, 20 insertions, 20 deletions
diff --git a/packages/server/src/authentication/verifyAuthenticationResponse.test.ts b/packages/server/src/authentication/verifyAuthenticationResponse.test.ts
index 89ffdd3..fcd1b4f 100644
--- a/packages/server/src/authentication/verifyAuthenticationResponse.test.ts
+++ b/packages/server/src/authentication/verifyAuthenticationResponse.test.ts
@@ -24,7 +24,7 @@ afterEach(() => {
test('should verify an assertion response', async () => {
const verification = await verifyAuthenticationResponse({
- credential: assertionResponse,
+ response: assertionResponse,
expectedChallenge: assertionChallenge,
expectedOrigin: assertionOrigin,
expectedRPID: 'dev.dontneeda.pw',
@@ -37,7 +37,7 @@ test('should verify an assertion response', async () => {
test('should return authenticator info after verification', async () => {
const verification = await verifyAuthenticationResponse({
- credential: assertionResponse,
+ response: assertionResponse,
expectedChallenge: assertionChallenge,
expectedOrigin: assertionOrigin,
expectedRPID: 'dev.dontneeda.pw',
@@ -52,7 +52,7 @@ test('should return authenticator info after verification', async () => {
test('should throw when response challenge is not expected value', async () => {
await expect(
verifyAuthenticationResponse({
- credential: assertionResponse,
+ response: assertionResponse,
expectedChallenge: 'shouldhavebeenthisvalue',
expectedOrigin: 'https://different.address',
expectedRPID: 'dev.dontneeda.pw',
@@ -64,7 +64,7 @@ test('should throw when response challenge is not expected value', async () => {
test('should throw when response origin is not expected value', async () => {
await expect(
verifyAuthenticationResponse({
- credential: assertionResponse,
+ response: assertionResponse,
expectedChallenge: assertionChallenge,
expectedOrigin: 'https://different.address',
expectedRPID: 'dev.dontneeda.pw',
@@ -83,7 +83,7 @@ test('should throw when assertion type is not webauthn.create', async () => {
await expect(
verifyAuthenticationResponse({
- credential: assertionResponse,
+ response: assertionResponse,
expectedChallenge: assertionChallenge,
expectedOrigin: assertionOrigin,
expectedRPID: 'dev.dontneeda.pw',
@@ -100,7 +100,7 @@ test('should throw error if user was not present', async () => {
await expect(
verifyAuthenticationResponse({
- credential: assertionResponse,
+ response: assertionResponse,
expectedChallenge: assertionChallenge,
expectedOrigin: assertionOrigin,
expectedRPID: 'dev.dontneeda.pw',
@@ -119,7 +119,7 @@ test('should throw error if previous counter value is not less than in response'
await expect(
verifyAuthenticationResponse({
- credential: assertionResponse,
+ response: assertionResponse,
expectedChallenge: assertionChallenge,
expectedOrigin: assertionOrigin,
expectedRPID: 'dev.dontneeda.pw',
@@ -137,7 +137,7 @@ test('should throw error if assertion RP ID is unexpected value', async () => {
await expect(
verifyAuthenticationResponse({
- credential: assertionResponse,
+ response: assertionResponse,
expectedChallenge: assertionChallenge,
expectedOrigin: assertionOrigin,
expectedRPID: 'dev.dontneeda.pw',
@@ -148,7 +148,7 @@ test('should throw error if assertion RP ID is unexpected value', async () => {
test('should not compare counters if both are 0', async () => {
const verification = await verifyAuthenticationResponse({
- credential: assertionFirstTimeUsedResponse,
+ response: assertionFirstTimeUsedResponse,
expectedChallenge: assertionFirstTimeUsedChallenge,
expectedOrigin: assertionFirstTimeUsedOrigin,
expectedRPID: 'dev.dontneeda.pw',
@@ -174,7 +174,7 @@ test('should throw an error if user verification is required but user was not ve
await expect(
verifyAuthenticationResponse({
- credential: assertionResponse,
+ response: assertionResponse,
expectedChallenge: assertionChallenge,
expectedOrigin: assertionOrigin,
expectedRPID: 'dev.dontneeda.pw',
@@ -189,7 +189,7 @@ test.skip('should verify TPM assertion', async () => {
const expectedChallenge = 'dG90YWxseVVuaXF1ZVZhbHVlRXZlcnlBc3NlcnRpb24';
jest.spyOn(isoBase64URL, 'toString').mockReturnValueOnce(expectedChallenge);
const verification = await verifyAuthenticationResponse({
- credential: {
+ response: {
id: 'YJ8FMM-AmcUt73XPX341WXWd7ypBMylGjjhu0g3VzME',
rawId: 'YJ8FMM-AmcUt73XPX341WXWd7ypBMylGjjhu0g3VzME',
response: {
@@ -218,7 +218,7 @@ test.skip('should verify TPM assertion', async () => {
test('should support multiple possible origins', async () => {
const verification = await verifyAuthenticationResponse({
- credential: assertionResponse,
+ response: assertionResponse,
expectedChallenge: assertionChallenge,
expectedOrigin: ['https://simplewebauthn.dev', assertionOrigin],
expectedRPID: 'dev.dontneeda.pw',
@@ -232,7 +232,7 @@ test('should support multiple possible origins', async () => {
test('should throw an error if origin not in list of expected origins', async () => {
await expect(
verifyAuthenticationResponse({
- credential: assertionResponse,
+ response: assertionResponse,
expectedChallenge: assertionChallenge,
expectedOrigin: ['https://simplewebauthn.dev', 'https://fizz.buzz'],
expectedRPID: 'dev.dontneeda.pw',
@@ -243,7 +243,7 @@ test('should throw an error if origin not in list of expected origins', async ()
test('should support multiple possible RP IDs', async () => {
const verification = await verifyAuthenticationResponse({
- credential: assertionResponse,
+ response: assertionResponse,
expectedChallenge: assertionChallenge,
expectedOrigin: assertionOrigin,
expectedRPID: ['dev.dontneeda.pw', 'simplewebauthn.dev'],
@@ -257,7 +257,7 @@ test('should support multiple possible RP IDs', async () => {
test('should throw an error if RP ID not in list of possible RP IDs', async () => {
await expect(
verifyAuthenticationResponse({
- credential: assertionResponse,
+ response: assertionResponse,
expectedChallenge: assertionChallenge,
expectedOrigin: assertionOrigin,
expectedRPID: ['simplewebauthn.dev'],
@@ -268,7 +268,7 @@ test('should throw an error if RP ID not in list of possible RP IDs', async () =
test('should pass verification if custom challenge verifier returns true', async () => {
const verification = await verifyAuthenticationResponse({
- credential: {
+ response: {
id: 'AaIBxnYfL2pDWJmIii6CYgHBruhVvFGHheWamphVioG_TnEXxKA9MW4FWnJh21zsbmRpRJso9i2JmAtWOtXfVd4oXTgYVusXwhWWsA',
rawId:
'AaIBxnYfL2pDWJmIii6CYgHBruhVvFGHheWamphVioG_TnEXxKA9MW4FWnJh21zsbmRpRJso9i2JmAtWOtXfVd4oXTgYVusXwhWWsA',
@@ -308,7 +308,7 @@ test('should pass verification if custom challenge verifier returns true', async
test('should fail verification if custom challenge verifier returns false', async () => {
await expect(
verifyAuthenticationResponse({
- credential: assertionResponse,
+ response: assertionResponse,
expectedChallenge: challenge => challenge === 'willNeverMatch',
expectedOrigin: assertionOrigin,
expectedRPID: 'dev.dontneeda.pw',
@@ -319,7 +319,7 @@ test('should fail verification if custom challenge verifier returns false', asyn
test('should return authenticator extension output', async () => {
const verification = await verifyAuthenticationResponse({
- credential: {
+ response: {
response: {
clientDataJSON:
'eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiaVpzVkN6dHJEVzdEMlVfR0hDSWxZS0x3VjJiQ3NCVFJxVlFVbkpYbjlUayIsIm9yaWdpbiI6ImFuZHJvaWQ6YXBrLWtleS1oYXNoOmd4N3NxX3B4aHhocklRZEx5ZkcwcHhLd2lKN2hPazJESlE0eHZLZDQzOFEiLCJhbmRyb2lkUGFja2FnZU5hbWUiOiJjb20uZmlkby5leGFtcGxlLmZpZG8yYXBpZXhhbXBsZSJ9',
@@ -365,7 +365,7 @@ test('should return authenticator extension output', async () => {
test('should return credential backup info', async () => {
const verification = await verifyAuthenticationResponse({
- credential: assertionResponse,
+ response: assertionResponse,
expectedChallenge: assertionChallenge,
expectedOrigin: assertionOrigin,
expectedRPID: 'dev.dontneeda.pw',
@@ -440,7 +440,7 @@ const authenticatorFirstTimeUsed: AuthenticatorDevice = {
test('should return user verified flag after successful auth', async () => {
const verification = await verifyAuthenticationResponse({
- credential: assertionResponse,
+ response: assertionResponse,
expectedChallenge: assertionChallenge,
expectedOrigin: assertionOrigin,
expectedRPID: 'dev.dontneeda.pw',
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-23 13:37:35 +0000