diff options
Diffstat (limited to 'packages/server/src')
| -rw-r--r-- | packages/server/src/attestation/generateAttestationOptions.test.ts | 21 | ||||
| -rw-r--r-- | packages/server/src/attestation/generateAttestationOptions.ts | 4 |
2 files changed, 25 insertions, 0 deletions
diff --git a/packages/server/src/attestation/generateAttestationOptions.test.ts b/packages/server/src/attestation/generateAttestationOptions.test.ts index 73218bf..08507e7 100644 --- a/packages/server/src/attestation/generateAttestationOptions.test.ts +++ b/packages/server/src/attestation/generateAttestationOptions.test.ts @@ -82,3 +82,24 @@ test('defaults to direct attestation if no attestation type is specified', () => expect(options.attestation).toEqual('none'); }); + +test('should set authenticatorAttributes to authenticatorSelection if set', () => { + const options = generateAttestationOptions({ + serviceName: 'SimpleWebAuthn', + rpID: 'not.real', + challenge: 'totallyrandomvalue', + userID: '1234', + userName: 'usernameHere', + authenticatorAttributes: { + authenticatorAttachment: 'cross-platform', + requireResidentKey: false, + userVerification: 'preferred', + }, + }); + + expect(options.authenticatorSelection).toEqual({ + authenticatorAttachment: 'cross-platform', + requireResidentKey: false, + userVerification: 'preferred', + }); +}); diff --git a/packages/server/src/attestation/generateAttestationOptions.ts b/packages/server/src/attestation/generateAttestationOptions.ts index e2a9926..fbf62f4 100644 --- a/packages/server/src/attestation/generateAttestationOptions.ts +++ b/packages/server/src/attestation/generateAttestationOptions.ts @@ -13,6 +13,7 @@ type Options = { attestationType?: AttestationConveyancePreference, excludedBase64CredentialIDs?: string[], suggestedTransports?: AuthenticatorTransport[], + authenticatorAttributes?: AuthenticatorSelectionCriteria, }; /** @@ -31,6 +32,7 @@ type Options = { * @param excludedBase64CredentialIDs Array of base64-encoded authenticator IDs registered by the * user so the user can't register the same credential multiple times * @param suggestedTransports Suggested types of authenticators for attestation + * @param authenticatorAttributes Advanced criteria for the types of authenticators that may be used */ export default function generateAttestationOptions( options: Options, @@ -46,6 +48,7 @@ export default function generateAttestationOptions( attestationType = 'none', excludedBase64CredentialIDs = [], suggestedTransports = ['usb', 'ble', 'nfc', 'internal'], + authenticatorAttributes, } = options; return { @@ -72,5 +75,6 @@ export default function generateAttestationOptions( type: 'public-key', transports: suggestedTransports, })), + authenticatorSelection: authenticatorAttributes, }; } |