Simplified Webauthn
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
interface SimpleCredential { | |
id: string; | |
publicKey: ArrayBuffer; | |
} | |
async function create(name: string) : Promise<SimpleCredential> { | |
// NOTE: We don't care about the challenge because we don't check attestation | |
const challenge = crypto.getRandomValues(new Uint8Array(16)); | |
let credential = await navigator.credentials.create({ | |
publicKey: { | |
rp: { name: "Passkey", }, | |
user: { | |
id: crypto.getRandomValues(new Uint8Array(16)), | |
name, | |
displayName: name, | |
}, | |
challenge, | |
pubKeyCredParams: [{ type: "public-key", alg: -7 }], | |
}, | |
}); | |
if (!(credential instanceof PublicKeyCredential)) { | |
throw new Error("Unexpected credential type"); | |
} | |
const response = credential.response | |
if (!(response instanceof AuthenticatorAttestationResponse)) { | |
throw new Error("Unexpected response type"); | |
} | |
const publicKey = response.getPublicKey() | |
if (!publicKey) { | |
throw new Error("No public key"); | |
} | |
return { | |
id: credential.id, | |
publicKey, | |
} | |
} | |
async function get(id: string, challenge: ArrayBuffer) : Promise<AuthenticatorAssertionResponse> { | |
let credential = await navigator.credentials.get({ | |
publicKey: { | |
challenge, | |
allowCredentials: [{ type: "public-key", id }], | |
}, | |
}); | |
if (!(credential instanceof PublicKeyCredential)) { | |
throw new Error("Unexpected credential type"); | |
} | |
const response = credential.response | |
if (!(response instanceof AuthenticatorAssertionResponse)) { | |
throw new Error("Unexpected response type"); | |
} | |
return response | |
} | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment