Huge News!Announcing our $40M Series B led by Abstract Ventures.Learn More
Socket
Sign inDemoInstall
Socket

@simplewebauthn/server

Package Overview
Dependencies
Maintainers
1
Versions
85
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@simplewebauthn/server - npm Package Compare versions

Comparing version 0.3.0 to 0.4.0

9

dist/assertion/generateAssertionOptions.d.ts
import type { PublicKeyCredentialRequestOptionsJSON } from '@simplewebauthn/typescript-types';
declare type Options = {
challenge: string;
allowedBase64CredentialIDs: string[];
suggestedTransports?: AuthenticatorTransport[];
timeout?: number;
};
/**

@@ -11,2 +17,3 @@ * Prepare a value to pass into navigator.credentials.get(...) for authenticator "login"

*/
export default function generateAssertionOptions(challenge: string, timeout: number | undefined, allowedBase64CredentialIDs: string[], suggestedTransports?: AuthenticatorTransport[]): PublicKeyCredentialRequestOptionsJSON;
export default function generateAssertionOptions(options: Options): PublicKeyCredentialRequestOptionsJSON;
export {};

19

dist/assertion/generateAssertionOptions.js

@@ -12,13 +12,12 @@ "use strict";

*/
function generateAssertionOptions(challenge, timeout = 60000, allowedBase64CredentialIDs, suggestedTransports = ['usb', 'ble', 'nfc', 'internal']) {
function generateAssertionOptions(options) {
const { challenge, allowedBase64CredentialIDs, suggestedTransports = ['usb', 'ble', 'nfc', 'internal'], timeout = 60000, } = options;
return {
publicKey: {
challenge,
allowCredentials: allowedBase64CredentialIDs.map(id => ({
id,
type: 'public-key',
transports: suggestedTransports,
})),
timeout,
},
challenge,
allowCredentials: allowedBase64CredentialIDs.map(id => ({
id,
type: 'public-key',
transports: suggestedTransports,
})),
timeout,
};

@@ -25,0 +24,0 @@ }

import { PublicKeyCredentialCreationOptionsJSON } from '@simplewebauthn/typescript-types';
declare type Options = {
serviceName: string;
rpID: string;
challenge: string;
userID: string;
userName: string;
userDisplayName?: string;
timeout?: number;
attestationType?: AttestationConveyancePreference;
excludedBase64CredentialIDs?: string[];
suggestedTransports?: AuthenticatorTransport[];
};
/**
* Prepare a value to pass into navigator.credentials.create(...) for authenticator "registration"
*
* **Options:**
*
* @param serviceName Friendly user-visible website name

@@ -9,5 +23,6 @@ * @param rpID Valid domain name (after `https://`)

* @param userID User's website-specific unique ID
* @param username User's website-specific username
* @param userName User's website-specific username (email, etc...)
* @param userDisplayName User's actual name
* @param timeout How long (in ms) the user can take to complete attestation
* @param attestationType Request a full ("direct") or anonymized ("indirect") attestation statement
* @param attestationType Specific attestation statement
* @param excludedBase64CredentialIDs Array of base64-encoded authenticator IDs registered by the

@@ -17,2 +32,3 @@ * user so the user can't register the same credential multiple times

*/
export default function generateAttestationOptions(serviceName: string, rpID: string, challenge: string, userID: string, username: string, timeout?: number, attestationType?: 'direct' | 'indirect', excludedBase64CredentialIDs?: string[], suggestedTransports?: AuthenticatorTransport[]): PublicKeyCredentialCreationOptionsJSON;
export default function generateAttestationOptions(options: Options): PublicKeyCredentialCreationOptionsJSON;
export {};

@@ -6,2 +6,4 @@ "use strict";

*
* **Options:**
*
* @param serviceName Friendly user-visible website name

@@ -11,5 +13,6 @@ * @param rpID Valid domain name (after `https://`)

* @param userID User's website-specific unique ID
* @param username User's website-specific username
* @param userName User's website-specific username (email, etc...)
* @param userDisplayName User's actual name
* @param timeout How long (in ms) the user can take to complete attestation
* @param attestationType Request a full ("direct") or anonymized ("indirect") attestation statement
* @param attestationType Specific attestation statement
* @param excludedBase64CredentialIDs Array of base64-encoded authenticator IDs registered by the

@@ -19,31 +22,28 @@ * user so the user can't register the same credential multiple times

*/
function generateAttestationOptions(serviceName, rpID, challenge, userID, username, timeout = 60000, attestationType = 'direct', excludedBase64CredentialIDs = [], suggestedTransports = ['usb', 'ble', 'nfc', 'internal']) {
function generateAttestationOptions(options) {
const { serviceName, rpID, challenge, userID, userName, userDisplayName = userName, timeout = 60000, attestationType = 'none', excludedBase64CredentialIDs = [], suggestedTransports = ['usb', 'ble', 'nfc', 'internal'], } = options;
return {
publicKey: {
// Cryptographically random bytes to prevent replay attacks
challenge,
// The organization registering and authenticating the user
rp: {
name: serviceName,
id: rpID,
challenge,
rp: {
name: serviceName,
id: rpID,
},
user: {
id: userID,
name: userName,
displayName: userDisplayName,
},
pubKeyCredParams: [
{
alg: -7,
type: 'public-key',
},
user: {
id: userID,
name: username,
displayName: username,
},
pubKeyCredParams: [
{
alg: -7,
type: 'public-key',
},
],
timeout,
attestation: attestationType,
excludeCredentials: excludedBase64CredentialIDs.map((id) => ({
id,
type: 'public-key',
transports: suggestedTransports,
})),
},
],
timeout,
attestation: attestationType,
excludeCredentials: excludedBase64CredentialIDs.map((id) => ({
id,
type: 'public-key',
transports: suggestedTransports,
})),
};

@@ -50,0 +50,0 @@ }

{
"name": "@simplewebauthn/server",
"version": "0.3.0",
"version": "0.4.0",
"description": "SimpleWebAuthn for Servers",

@@ -29,3 +29,3 @@ "main": "dist/index.js",

"dependencies": {
"@simplewebauthn/typescript-types": "^0.3.0",
"@simplewebauthn/typescript-types": "^0.4.0",
"base64url": "^3.0.1",

@@ -37,3 +37,3 @@ "cbor": "^5.0.2",

},
"gitHead": "0c4a5f127cc66456a7f17c77926ce671e3535d43"
"gitHead": "edca8a8ba7014118db5d4687e6069dbbc7be3e56"
}

Sorry, the diff of this file is not supported yet

Sorry, the diff of this file is not supported yet

SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

Packages

npm

Stay in touch

Get open source security insights delivered straight into your inbox.


  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc