Add additional fields to AuthenticatorAttestationResponse

[mitar]

Description

So AuthenticatorAttestationResponse struct contains only minimal fields which might be sent in JSON, but it looks the spec allows additional fields (which are just extracted from attestationOjbect):

To remove the need to parse CBOR at all in many cases, getAuthenticatorData() returns the authenticator data from attestationObject. The authenticator data contains other fields that are encoded in a binary format. However, helper functions are not provided to access them because Relying Parties already need to extract those fields when getting an assertion.

The issue I have is that I send AuthenticatorAttestationResponse over the wire in JSON from the client. And client adds those fields. But on the server I want to use JSON unmarshal with DisallowUnknownFields set (primarily to detect changes in API I should check and possibly adapt to). And this is then currently not possible.

So I wonder if struct should define those additional optional fields, but not use them/ignore them?

Use Case

No response

Documentation

No response

[james-d-elliott]

We will add the specific fields mentioned, but will purposefully decline to officially support DisallowUnknownFields due to the extensible and evolving nature of the specification itself.

[mitar]

Thanks, this looks great!