search

github / webauthn-json

🔏 A small WebAuthn API wrapper that translates to/from pure JSON using base64url.
https://github.github.com/webauthn-json/demo/
MIT License
752 stars 58 forks source link

Add `prf` extension #65

Open lgarron opened 2 years ago

lgarron commented 2 years ago

https://github.com/w3c/webauthn/pull/1732 re-added this: https://w3c.github.io/webauthn/#prf-extension

We need to add support here:

https://github.com/github/webauthn-json/blob/5206e71dd596929bb30ee46534e59f9bc20c68ee/src/webauthn-json/extended/schema.ts#L12-L34

https://github.com/github/webauthn-json/blob/5206e71dd596929bb30ee46534e59f9bc20c68ee/src/webauthn-json/extended/json.ts#L12-L36

imrishabh18 commented 2 years ago

Hey @lgarron, I am new to this codebase. But would like to take up this issue.

lgarron commented 2 years ago

Hey @lgarron, I am new to this codebase. But would like to take up this issue.

Feel free to tackle a PR. Do you need any help beyond the links above?

fcorneli commented 11 months ago

The following is working for me:

webauthnJSON.schema.credentialCreationOptions.publicKey.schema.extensions.schema.prf = {
            required: false,
            schema: {
                eval: {
                    required: false,
                    schema: {
                        first: {
                            required: true,
                            schema: "convert"
                        }
                    }
                },
                evalByCredential: {
                    required: false,
                    schema: "copy",
                    derive: function (input) {
                        console.log("derive");
                        console.log(input);
                        let evalByCredentialObject = input.evalByCredential;
                        if (!(evalByCredentialObject instanceof Object)) {
                            return;
                        }
                        for (const [key, value] of Object.entries(evalByCredentialObject)) {
                            console.log("first: " + value.first);
                            value.first = $this.base64urlToBuffer(value.first);
                        }
                        return evalByCredentialObject;
                    }
                }
            }
        };
        webauthnJSON.schema.credentialCreationOptions.publicKey.schema.extensions.schema.uvm = {
            required: false,
            schema: "copy"
        };
        webauthnJSON.schema.publicKeyCredentialWithAttestation.clientExtensionResults.schema.prf = {
            required: false,
            schema: {
                enabled: {
                    required: false,
                    schema: "copy"
                },
                results: {
                    required: false,
                    schema: {
                        first: {
                            required: true,
                            schema: "convert"
                        }
                    }
                }
            }
        };
        webauthnJSON.schema.publicKeyCredentialWithAttestation.clientExtensionResults.schema.uvm = {
            required: false,
            schema: "copy"
        };

Only getting evalByCredential right was a bit tricky.

fcorneli commented 10 months ago

See also: https://github.com/e-Contract/enterprise-jsf/blob/master/ejsf-taglib/src/main/resources/META-INF/resources/ejsf/webauthn.js#L18

raashidanwar commented 8 months ago

Hey @lgarron 👋 ,

I want to take this up.

lgarron commented 8 months ago

@raashidanwar As I no longer work at GitHub, I can't maintain this project. Perhaps @KyFaSt or @fletchto99 can tell you if this project is open to contributions.