duo-labs / webauthn

WebAuthn (FIDO2) server library written in Go
https://webauthn.io/
BSD 3-Clause "New" or "Revised" License
1.03k stars 162 forks

feat: parse transports data from credential attestation #130

Closed james-d-elliott closed 1 year ago

james-d-elliott commented 2 years ago

This parses the credential attestation and obtains the transports if provided. This must be manually done at the client level using AuthenticatorAttestationResponse.getTransports(). See https://developer.mozilla.org/en-US/docs/Web/API/AuthenticatorAttestationResponse. As per the spec this allows any values from the client. See https://w3c.github.io/webauthn/#dom-authenticatorattestationresponse-transports-slot.

james-d-elliott commented 2 years ago

For reference this is the JSON property the major browser libraries use from what I can tell.

james-d-elliott commented 2 years ago

Just noticed this ignores any unknown value, however the spec mentions the following:

This internal slot contains a sequence of zero or more unique DOMStrings in lexicographical order. These values are the transports that the authenticator is believed to support, or an empty sequence if the information is unavailable. The values SHOULD be members of AuthenticatorTransport but Relying Parties SHOULD accept and store unknown values.

Hence I'm updating it to include any values sent from the client.

james-d-elliott commented 2 years ago

Actually this is kind of interesting. Maybe the placement of transports is wrong. It looks like based on the indent that it should be part of the publicKey.response object. While the value is an internal slot, it seems kind of strange that the layout would change as drastically as this. Interested to hear some thoughts specifically about this topic prior to merging.

MasterKale commented 1 year ago

@james-d-elliott Apologies, but I'm closing out this PR as this project is now deprecated.
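
Added example, not part of this PR or the library's code: one way a relying party could read the client-reported transports discussed in this thread, storing unknown values as the quoted spec text asks while still bounding what the client can send. The `response.transports` placement, the bounds, the function name and the sample message are assumptions of the example.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
)

// AuthenticatorTransport enum members; used to flag values, never to filter them.
var knownTransports = map[string]bool{
	"usb": true, "nfc": true, "ble": true, "smart-card": true, "hybrid": true, "internal": true,
}

// Bounds on client-supplied data (values chosen for this example).
const maxTransports, maxTransportLen = 16, 64

// ParseTransports returns unique, sorted transports (unknown kept) plus the non-enum subset for logging.
func ParseTransports(body []byte) (stored, unknown []string, err error) {
	// Assumption: the client places getTransports() output at response.transports.
	var r struct {
		Response struct {
			Transports []string `json:"transports"`
		} `json:"response"`
	}
	if err = json.Unmarshal(body, &r); err != nil {
		return nil, nil, fmt.Errorf("parse credential: %w", err)
	}
	seen := map[string]bool{}
	for i, t := range r.Response.Transports {
		if i >= maxTransports || t == "" || len(t) > maxTransportLen {
			return nil, nil, fmt.Errorf("transports[%d] rejected: list or value out of bounds", i)
		}
		if !seen[t] {
			seen[t] = true
			stored = append(stored, t)
		}
	}
	sort.Strings(stored)
	for _, t := range stored {
		if !knownTransports[t] {
			unknown = append(unknown, t)
		}
	}
	return stored, unknown, nil
}

// Constructed sample message, not captured traffic.
const sampleBody = `{"id":"AAEC","response":{"transports":["usb","x-vendor-link","nfc","usb"]}}`

func main() { fmt.Println(ParseTransports([]byte(sampleBody))) }
```

The returned list is what gets stored with the credential; the second slice only lets the caller log values outside the enum.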