Closed infinisil closed 2 years ago
I talked about this with @ErinvanderVeen. We came to this conclusion:
SupportedAttestationStatementFormats
is good.WebAuthnRegistries
type. Breaking compatibility is alright once we start supporting extensions. Also, we have to break compatibility anyways, even with a WebAuthnRegistries
type if it gets an additional field (unless we don't export the direct constructors/deconstructors)allSupportedFormats
decodeCredentialRegistration
that doesn't take a SupportedAttestationStatementFormats
, while still providing a prime version, decodeCredentialRegistration'
which does have the supported formats as an argument. By doing this we allow library users to stay backwards compatible if they use the non-prime version. This later then also works for extensions, at which point we will also introduce a decodeCredentialAuthentication'
, but keep the decodeCredentialAuthentication
with the same typeOnly the last point of the previous comment is remaining to do, which is being done in #138
Makes sure that we won't have to break compatibility in the future when extensions are implemented, see #35
SupportedAttestationStatementFormats
toAttestationStatementFormatRegistry
WebAuthnRegistries
type, currently only consisting of anAttestationStatementFormatRegistry
and use it throughout instead of the latterallSupportedFormats :: AttestationStatementFormatRegistry
withsupportedRegistries :: WebAuthnRegistries
WebAuthnRegistries
, but also the authentication response decoding, so that we later don't have to break compatibility when extensions are implemented