summaryrefslogtreecommitdiffhomepage
path: root/packages/server/src
diff options
context:
space:
mode:
Diffstat (limited to 'packages/server/src')
-rw-r--r--packages/server/src/assertion/generateAssertionOptions.ts16
1 files changed, 5 insertions, 11 deletions
diff --git a/packages/server/src/assertion/generateAssertionOptions.ts b/packages/server/src/assertion/generateAssertionOptions.ts
index 0bd6218..f018aa3 100644
--- a/packages/server/src/assertion/generateAssertionOptions.ts
+++ b/packages/server/src/assertion/generateAssertionOptions.ts
@@ -1,13 +1,13 @@
import type {
PublicKeyCredentialRequestOptionsJSON,
- Base64URLString,
+ PublicKeyCredentialDescriptorJSON,
} from '@simplewebauthn/typescript-types';
import base64url from 'base64url';
import generateChallenge from '../helpers/generateChallenge';
type Options = {
- allowedCredentialIDs: Base64URLString[];
+ allowCredentials: PublicKeyCredentialDescriptorJSON[];
challenge?: string | Buffer;
suggestedTransports?: AuthenticatorTransport[];
timeout?: number;
@@ -18,11 +18,10 @@ type Options = {
/**
* Prepare a value to pass into navigator.credentials.get(...) for authenticator "login"
*
- * @param allowedCredentialIDs Array of base64url-encoded authenticator IDs registered by the
+ * @param allowCredentials Authenticators previously registered by the user
* @param challenge Random value the authenticator needs to sign and pass back
* user for assertion
* @param timeout How long (in ms) the user can take to complete assertion
- * @param suggestedTransports Suggested types of authenticators for assertion
* @param userVerification Set to `'discouraged'` when asserting as part of a 2FA flow, otherwise
* set to `'preferred'` or `'required'` as desired.
* @param extensions Additional plugins the authenticator or browser should use during assertion
@@ -31,9 +30,8 @@ export default function generateAssertionOptions(
options: Options,
): PublicKeyCredentialRequestOptionsJSON {
const {
- allowedCredentialIDs,
+ allowCredentials,
challenge = generateChallenge(),
- suggestedTransports = ['usb', 'ble', 'nfc', 'internal'],
timeout = 60000,
userVerification,
extensions,
@@ -41,11 +39,7 @@ export default function generateAssertionOptions(
return {
challenge: base64url.encode(challenge),
- allowCredentials: allowedCredentialIDs.map(id => ({
- id,
- type: 'public-key',
- transports: suggestedTransports,
- })),
+ allowCredentials,
timeout,
userVerification,
extensions,
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-29 20:54:17 +0000