updated docs, tests & version

passwordless-id · Mar 11, 2024 · 748d359 · 748d359
1 parent efed234
commit 748d359
Show file tree

Hide file tree

Showing 10 changed files with 38 additions and 20 deletions.
diff --git a/README.md b/README.md
@@ -50,7 +50,7 @@ import * as webauthn from '@passwordless-id/webauthn'
 
 ```html
 <script type="module">
- import { client } from 'https://unpkg.com/@passwordless-id/webauthn@1.4.1/dist/webauthn.min.js'
+ import { client } from 'https://unpkg.com/@passwordless-id/webauthn@1.5.0/dist/webauthn.min.js'
 </script>
 ```
 ### Import
@@ -135,7 +135,7 @@ const registration = await client.register("Arnaud", challenge, {
  userVerification: "required",
  timeout: 60000,
  attestation: true,
- userHandle: "recommended to set it to a random 64 bytes value",
+ userHandle: "Optional server-side user id. Must not reveal personal information.",
  debug: false
 })
 ```
@@ -189,7 +189,10 @@ Example result:
  },
  "authenticator": {
  ...
- "name": "Windows Hello Hardware Authenticator"
+ "name": "Windows Hello",
+ "icon_dark": "https://webauthn.passwordless.id/authenticators/08987058-cadc-4b81-b6e1-30de50dcbe96-dark.png",
+ "icon_light": "https://webauthn.passwordless.id/authenticators/08987058-cadc-4b81-b6e1-30de50dcbe96-light.png",
+ "synced": true
  },
  ...
 }
@@ -396,7 +399,7 @@ Registration options
 
 - `discoverable`: (`'discouraged'`, `'preferred'` or `'required'`) If the credential is "discoverable", it can be selected using `authenticate` without providing credential IDs. In that case, a native pop-up will appear for user selection. This may have an impact on the "passkeys" user experience and syncing behavior of the key. *(Default: 'preferred')*
 - `attestation`: If enabled, the device attestation and clientData will be provided as base64 encoded binary data. Note that this may impact the authenticator information available or the UX depending on the platform. *(Default: false)*
-- `userHandle`: The `userHandle` can be used to re-register credentials for an existing user, thus overriding the current the key pair and username for that `userHandle`. *The default here is based on a hash of the `username`, and thus has some security implications as described in [issue](https://github.com/passwordless-id/webauthn/issues/29). For optimal security and privacy, it is recommended to set the `userHandle` to a random 64 bytes value.*
+- `userHandle`: The user "handle" (also known as user "id") can be used to re-register credentials for an existing user, thus overriding the current credential key pair and username for that `userHandle`. *The default here is based on a hash of the `username`, and thus has some security implications as described in [issue](https://github.com/passwordless-id/webauthn/issues/29).*
 
 
 Authentication options
@@ -454,7 +457,10 @@ parsers.parseRegistration({
  },
  "counter": 0,
  "aaguid": "08987058-cadc-4b81-b6e1-30de50dcbe96",
- "name": "Windows Hello Hardware Authenticator"
+ "name": "Windows Hello",
+ "icon_dark": "https://webauthn.passwordless.id/authenticators/08987058-cadc-4b81-b6e1-30de50dcbe96-dark.png",
+ "icon_light": "https://webauthn.passwordless.id/authenticators/08987058-cadc-4b81-b6e1-30de50dcbe96-light.png",
+ "synced": true
  },
  "attestation": null
 }
@@ -540,7 +546,10 @@ parsers.parseAuthenticator("SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2NFAAAAAAiY
  },
  "counter": 0,
  "aaguid": "08987058-cadc-4b81-b6e1-30de50dcbe96",
- "name": "Windows Hello Hardware Authenticator"
+ "name": "Windows Hello",
+ "icon_dark": "https://webauthn.passwordless.id/authenticators/08987058-cadc-4b81-b6e1-30de50dcbe96-dark.png",
+ "icon_light": "https://webauthn.passwordless.id/authenticators/08987058-cadc-4b81-b6e1-30de50dcbe96-light.png",
+ "synced": true
  }
 ```
 

diff --git a/demos/example-cdn.html b/demos/example-cdn.html
@@ -10,7 +10,7 @@
 
 
 <script type="module">
-import { client } from 'https://unpkg.com/@passwordless-id/webauthn@1.4.1/dist/webauthn.min.js'
+import { client } from 'https://unpkg.com/@passwordless-id/webauthn@1.5.0/dist/webauthn.min.js'
 
 window.register = async function() {
  console.log('Registering...')

diff --git a/dist/webauthn.min.js b/dist/webauthn.min.js
diff --git a/dist/webauthn.min.js.map b/dist/webauthn.min.js.map
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
  "name": "@passwordless-id/webauthn",
- "version": "1.4.1",
+ "version": "1.5.0",
  "description": "A small wrapper around the webauthn protocol to make one's life easier.",
  "type": "module",
  "main": "dist/esm/index.js",

diff --git a/src/client.ts b/src/client.ts
@@ -199,11 +199,10 @@ export async function authenticate(credentialIds :string[], challenge :string, o
 
  const authentication :AuthenticationEncoded = {
  credentialId: auth.id,
- //userHash: utils.toBase64url(response.userHandle), // unreliable, optional for authenticators
  authenticatorData: utils.toBase64url(response.authenticatorData),
  clientData: utils.toBase64url(response.clientDataJSON),
  signature: utils.toBase64url(response.signature),
- userHandle: response.userHandle ? utils.toBase64url(response.userHandle) : null
+ userHandle: response.userHandle ? utils.toBase64url(response.userHandle) : undefined // may not be returned by every authenticator
  }
 
  return authentication

diff --git a/src/parsers.test.ts b/src/parsers.test.ts
@@ -36,7 +36,10 @@ test('Test parseRegistration', async () => {
  },
  "counter": 0,
  "aaguid": "08987058-cadc-4b81-b6e1-30de50dcbe96",
- "name": "Windows Hello Hardware Authenticator"
+ "icon_dark": "https://webauthn.passwordless.id/authenticators/08987058-cadc-4b81-b6e1-30de50dcbe96-dark.png",
+ "icon_light": "https://webauthn.passwordless.id/authenticators/08987058-cadc-4b81-b6e1-30de50dcbe96-light.png",
+ "name": "Windows Hello",
+ "synced": false,
  },
  "attestation": null
  })
@@ -69,7 +72,8 @@ test('Test parseAuthentication', async () => {
  "attestedData": false,
  "extensionsIncluded": false
  },
- "counter": 1
+ "counter": 1,
+ "synced": false
  },
  "signature": "MEUCIAqtFVRrn7q9HvJCAsOhE3oKJ-Hb4ISfjABu4lH70MKSAiEA666slmop_oCbmNZdc-QemTv2Rq4g_D7UvIhWT_vVp8M="
  })
@@ -90,7 +94,10 @@ test('Test parseAuthenticator', async () => {
  },
  "counter": 0,
  "aaguid": "08987058-cadc-4b81-b6e1-30de50dcbe96",
- "name": "Windows Hello Hardware Authenticator"
+ "icon_dark": "https://webauthn.passwordless.id/authenticators/08987058-cadc-4b81-b6e1-30de50dcbe96-dark.png",
+ "icon_light": "https://webauthn.passwordless.id/authenticators/08987058-cadc-4b81-b6e1-30de50dcbe96-light.png",
+ "name": "Windows Hello",
+ "synced": false,
  })
 })
 

diff --git a/src/server.test.ts b/src/server.test.ts
@@ -69,7 +69,10 @@ test('Test README registration example', async () => {
  },
  "counter": 0,
  "aaguid": "08987058-cadc-4b81-b6e1-30de50dcbe96",
- "name": "Windows Hello Hardware Authenticator"
+ "icon_dark": "https://webauthn.passwordless.id/authenticators/08987058-cadc-4b81-b6e1-30de50dcbe96-dark.png",
+ "icon_light": "https://webauthn.passwordless.id/authenticators/08987058-cadc-4b81-b6e1-30de50dcbe96-light.png",
+ "name": "Windows Hello",
+ "synced": false,
  },
  "attestation": null
  })

diff --git a/src/types.ts b/src/types.ts
@@ -26,7 +26,7 @@ export interface AuthenticationEncoded {
  authenticatorData: string
  clientData: string
  signature: string
- userHandle?: string | null
+ userHandle?: string
 }
 
 export interface AuthenticationParsed {