@simplewebauthn/server - npm Package Compare versions

Comparing version 0.7.4 to 0.8.0

dist/assertion/generateAssertionOptions.d.ts

@@ -0,5 +1,6 @@
+/// <reference types="node" />
 import type { PublicKeyCredentialRequestOptionsJSON, Base64URLString } from '@simplewebauthn/typescript-types';
 declare type Options = {
-    challenge: string;
     allowedCredentialIDs: Base64URLString[];
+    challenge?: string | Buffer;
     suggestedTransports?: AuthenticatorTransport[];
@@ -13,4 +14,4 @@ timeout?: number;
  *
- * @param challenge Random string the authenticator needs to sign and pass back
  * @param allowedCredentialIDs Array of base64url-encoded authenticator IDs registered by the
+ * @param challenge Random value the authenticator needs to sign and pass back
  * user for assertion
@@ -17,0 +18,0 @@ * @param timeout How long (in ms) the user can take to complete assertion

dist/assertion/generateAssertionOptions.js

 "use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
+const base64url_1 = __importDefault(require("base64url"));
+const generateChallenge_1 = __importDefault(require("../helpers/generateChallenge"));
 /**
  * Prepare a value to pass into navigator.credentials.get(...) for authenticator "login"
  *
- * @param challenge Random string the authenticator needs to sign and pass back
  * @param allowedCredentialIDs Array of base64url-encoded authenticator IDs registered by the
+ * @param challenge Random value the authenticator needs to sign and pass back
  * user for assertion
@@ -16,5 +21,5 @@ * @param timeout How long (in ms) the user can take to complete assertion
 function generateAssertionOptions(options) {
-    const { challenge, allowedCredentialIDs, suggestedTransports = ['usb', 'ble', 'nfc', 'internal'], timeout = 60000, userVerification, extensions, } = options;
+    const { allowedCredentialIDs, challenge = generateChallenge_1.default(), suggestedTransports = ['usb', 'ble', 'nfc', 'internal'], timeout = 60000, userVerification, extensions, } = options;
     return {
-        challenge,
+        challenge: base64url_1.default.encode(challenge),
         allowCredentials: allowedCredentialIDs.map(id => ({
@@ -21,0 +26,0 @@ id,

dist/assertion/verifyAssertionResponse.d.ts

@@ -16,4 +16,4 @@ import { AssertionCredentialJSON, AuthenticatorDevice } from '@simplewebauthn/typescript-types';
  * @param credential Authenticator credential returned by browser's `startAssertion()`
- * @param expectedChallenge The random value provided to generateAssertionOptions for the
- * authenticator to sign
+ * @param expectedChallenge The base64url-encoded `options.challenge` returned by
+ * `generateAssertionOptions()`
  * @param expectedOrigin Website URL that the attestation should have occurred on
@@ -20,0 +20,0 @@ * @param expectedRPID RP ID that was specified in the attestation options

dist/assertion/verifyAssertionResponse.js

@@ -19,4 +19,4 @@ "use strict";
  * @param credential Authenticator credential returned by browser's `startAssertion()`
- * @param expectedChallenge The random value provided to generateAssertionOptions for the
- * authenticator to sign
+ * @param expectedChallenge The base64url-encoded `options.challenge` returned by
+ * `generateAssertionOptions()`
  * @param expectedOrigin Website URL that the attestation should have occurred on
@@ -57,5 +57,4 @@ * @param expectedRPID RP ID that was specified in the attestation options
     // Ensure the device provided the challenge we gave it
-    const encodedExpectedChallenge = base64url_1.default.encode(expectedChallenge);
-    if (challenge !== encodedExpectedChallenge) {
-        throw new Error(`Unexpected assertion challenge "${challenge}", expected "${encodedExpectedChallenge}"`);
+    if (challenge !== expectedChallenge) {
+        throw new Error(`Unexpected assertion challenge "${challenge}", expected "${expectedChallenge}"`);
     }
@@ -62,0 +61,0 @@ // Check that the origin is our site

dist/attestation/generateAttestationOptions.d.ts

@@ -0,1 +1,2 @@
+/// <reference types="node" />
 import type { PublicKeyCredentialCreationOptionsJSON, Base64URLString } from '@simplewebauthn/typescript-types';
@@ -5,5 +6,5 @@ declare type Options = {
     rpID: string;
-    challenge: string;
     userID: string;
     userName: string;
+    challenge?: string | Buffer;
     userDisplayName?: string;
@@ -31,5 +32,5 @@ timeout?: number;
  * @param rpID Valid domain name (after `https://`)
- * @param challenge Random string the authenticator needs to sign and pass back
  * @param userID User's website-specific unique ID
  * @param userName User's website-specific username (email, etc...)
+ * @param challenge Random value the authenticator needs to sign and pass back
  * @param userDisplayName User's actual name
@@ -36,0 +37,0 @@ * @param timeout How long (in ms) the user can take to complete attestation

dist/attestation/generateAttestationOptions.js

 "use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.supportedCOSEAlgorithmIdentifiers = void 0;
+const base64url_1 = __importDefault(require("base64url"));
+const generateChallenge_1 = __importDefault(require("../helpers/generateChallenge"));
 /**
@@ -38,5 +43,5 @@ * Supported crypto algo identifiers
  * @param rpID Valid domain name (after `https://`)
- * @param challenge Random string the authenticator needs to sign and pass back
  * @param userID User's website-specific unique ID
  * @param userName User's website-specific username (email, etc...)
+ * @param challenge Random value the authenticator needs to sign and pass back
  * @param userDisplayName User's actual name
@@ -55,3 +60,3 @@ * @param timeout How long (in ms) the user can take to complete attestation
 function generateAttestationOptions(options) {
-    const { serviceName, rpID, challenge, userID, userName, userDisplayName = userName, timeout = 60000, attestationType = 'none', excludedCredentialIDs = [], suggestedTransports = ['usb', 'ble', 'nfc', 'internal'], authenticatorSelection, extensions, supportedAlgorithmIDs = exports.supportedCOSEAlgorithmIdentifiers, } = options;
+    const { serviceName, rpID, userID, userName, challenge = generateChallenge_1.default(), userDisplayName = userName, timeout = 60000, attestationType = 'none', excludedCredentialIDs = [], suggestedTransports = ['usb', 'ble', 'nfc', 'internal'], authenticatorSelection, extensions, supportedAlgorithmIDs = exports.supportedCOSEAlgorithmIdentifiers, } = options;
     /**
@@ -68,3 +73,3 @@ * Filter out known bad/deprecated/etc... algorithm ID's before preparing pubKeyCredParams
     return {
-        challenge,
+        challenge: base64url_1.default.encode(challenge),
         rp: {
@@ -71,0 +76,0 @@ name: serviceName,

dist/attestation/verifyAttestationResponse.d.ts

@@ -17,4 +17,4 @@ import { AttestationCredentialJSON } from '@simplewebauthn/typescript-types';
  * @param credential Authenticator credential returned by browser's `startAttestation()`
- * @param expectedChallenge The random value provided to generateAttestationOptions for the
- * authenticator to sign
+ * @param expectedChallenge The base64url-encoded `options.challenge` returned by
+ * `generateAttestationOptions()`
  * @param expectedOrigin Website URL that the attestation should have occurred on
@@ -21,0 +21,0 @@ * @param expectedRPID RP ID that was specified in the attestation options

dist/attestation/verifyAttestationResponse.js

@@ -44,4 +44,4 @@ "use strict";
  * @param credential Authenticator credential returned by browser's `startAttestation()`
- * @param expectedChallenge The random value provided to generateAttestationOptions for the
- * authenticator to sign
+ * @param expectedChallenge The base64url-encoded `options.challenge` returned by
+ * `generateAttestationOptions()`
  * @param expectedOrigin Website URL that the attestation should have occurred on
@@ -76,5 +76,4 @@ * @param expectedRPID RP ID that was specified in the attestation options
     // Ensure the device provided the challenge we gave it
-    const encodedExpectedChallenge = base64url_1.default.encode(expectedChallenge);
-    if (challenge !== encodedExpectedChallenge) {
-        throw new Error(`Unexpected attestation challenge "${challenge}", expected "${encodedExpectedChallenge}"`);
+    if (challenge !== expectedChallenge) {
+        throw new Error(`Unexpected attestation challenge "${challenge}", expected "${expectedChallenge}"`);
     }
@@ -81,0 +80,0 @@ // Check that the origin is our site

package.json

 {
   "name": "@simplewebauthn/server",
-  "version": "0.7.4",
+  "version": "0.8.0",
   "description": "SimpleWebAuthn for Servers",
@@ -37,3 +37,3 @@ "main": "dist/index.js",
     "@peculiar/asn1-x509": "^2.0.10",
-    "@simplewebauthn/typescript-types": "^0.7.1",
+    "@simplewebauthn/typescript-types": "^0.8.0",
     "base64url": "^3.0.1",
@@ -46,3 +46,3 @@ "cbor": "^5.0.2",
   },
-  "gitHead": "b9479527f354ccf499d84c9cf022eb2937fb6763",
+  "gitHead": "ad53568973cfd2c6c99bf70d1628f191642d7b9b",
   "devDependencies": {
@@ -49,0 +49,0 @@ "@types/node-fetch": "^2.5.7"

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

187627

increased by1.62%

Number of package files

97

increased by4.3%

Lines of code

2952

increased by1.23%

Dependency changes

• + Added@simplewebauthn/typescript-types@0.8.2(transitive)

• - Removed@simplewebauthn/typescript-types@0.7.1(transitive)

• Updated@simplewebauthn/typescript-types@^0.8.0