@simplewebauthn/server - npm Package Compare versions

Comparing version 5.3.0 to 5.4.0

dist/authentication/generateAuthenticationOptions.d.ts

@@ -24,2 +24,2 @@ /// <reference types="node" />
  */
-export default function generateAuthenticationOptions(options?: GenerateAuthenticationOptionsOpts): PublicKeyCredentialRequestOptionsJSON;
+export declare function generateAuthenticationOptions(options?: GenerateAuthenticationOptionsOpts): PublicKeyCredentialRequestOptionsJSON;

dist/authentication/generateAuthenticationOptions.js

@@ -6,4 +6,5 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateAuthenticationOptions = void 0;
 const base64url_1 = __importDefault(require("base64url"));
-const generateChallenge_1 = __importDefault(require("../helpers/generateChallenge"));
+const generateChallenge_1 = require("../helpers/generateChallenge");
 /**
@@ -23,3 +24,3 @@ * Prepare a value to pass into navigator.credentials.get(...) for authenticator "login"
 function generateAuthenticationOptions(options = {}) {
-    const { allowCredentials, challenge = (0, generateChallenge_1.default)(), timeout = 60000, userVerification, extensions, rpID, } = options;
+    const { allowCredentials, challenge = (0, generateChallenge_1.generateChallenge)(), timeout = 60000, userVerification, extensions, rpID, } = options;
     return {
@@ -37,3 +38,3 @@ challenge: base64url_1.default.encode(challenge),
 }
-exports.default = generateAuthenticationOptions;
+exports.generateAuthenticationOptions = generateAuthenticationOptions;
 //# sourceMappingURL=generateAuthenticationOptions.js.map

dist/authentication/verifyAuthenticationResponse.d.ts

 /// <reference types="node" />
 import { AuthenticationCredentialJSON, AuthenticatorDevice, CredentialDeviceType } from '@simplewebauthn/typescript-types';
+import { AuthenticationExtensionsAuthenticatorOutputs } from '../helpers/decodeAuthenticatorExtensions';
 export declare type VerifyAuthenticationResponseOpts = {
@@ -25,3 +26,3 @@ credential: AuthenticationCredentialJSON;
  */
-export default function verifyAuthenticationResponse(options: VerifyAuthenticationResponseOpts): VerifiedAuthenticationResponse;
+export declare function verifyAuthenticationResponse(options: VerifyAuthenticationResponseOpts): VerifiedAuthenticationResponse;
 /**
@@ -42,2 +43,4 @@ * Result of authentication verification
  * reference!**
+ * @param authenticationInfo?.authenticatorExtensionResults The authenticator extensions returned
+ * by the browser
  */
@@ -51,3 +54,4 @@ export declare type VerifiedAuthenticationResponse = {
         credentialBackedUp: boolean;
+        authenticatorExtensionResults?: AuthenticationExtensionsAuthenticatorOutputs;
     };
 };

dist/authentication/verifyAuthenticationResponse.js

@@ -6,9 +6,10 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyAuthenticationResponse = void 0;
 const base64url_1 = __importDefault(require("base64url"));
-const decodeClientDataJSON_1 = __importDefault(require("../helpers/decodeClientDataJSON"));
-const toHash_1 = __importDefault(require("../helpers/toHash"));
-const convertPublicKeyToPEM_1 = __importDefault(require("../helpers/convertPublicKeyToPEM"));
-const verifySignature_1 = __importDefault(require("../helpers/verifySignature"));
-const parseAuthenticatorData_1 = __importDefault(require("../helpers/parseAuthenticatorData"));
-const isBase64URLString_1 = __importDefault(require("../helpers/isBase64URLString"));
+const decodeClientDataJSON_1 = require("../helpers/decodeClientDataJSON");
+const toHash_1 = require("../helpers/toHash");
+const convertPublicKeyToPEM_1 = require("../helpers/convertPublicKeyToPEM");
+const verifySignature_1 = require("../helpers/verifySignature");
+const parseAuthenticatorData_1 = require("../helpers/parseAuthenticatorData");
+const isBase64URLString_1 = require("../helpers/isBase64URLString");
 const parseBackupFlags_1 = require("../helpers/parseBackupFlags");
@@ -50,3 +51,3 @@ /**
     }
-    const clientDataJSON = (0, decodeClientDataJSON_1.default)(response.clientDataJSON);
+    const clientDataJSON = (0, decodeClientDataJSON_1.decodeClientDataJSON)(response.clientDataJSON);
     const { type, origin, challenge, tokenBinding } = clientDataJSON;
@@ -78,6 +79,6 @@ // Make sure we're handling an authentication
     }
-    if (!(0, isBase64URLString_1.default)(response.authenticatorData)) {
+    if (!(0, isBase64URLString_1.isBase64URLString)(response.authenticatorData)) {
         throw new Error('Credential response authenticatorData was not a base64url string');
     }
-    if (!(0, isBase64URLString_1.default)(response.signature)) {
+    if (!(0, isBase64URLString_1.isBase64URLString)(response.signature)) {
         throw new Error('Credential response signature was not a base64url string');
@@ -97,7 +98,7 @@ }
     const authDataBuffer = base64url_1.default.toBuffer(response.authenticatorData);
-    const parsedAuthData = (0, parseAuthenticatorData_1.default)(authDataBuffer);
-    const { rpIdHash, flags, counter } = parsedAuthData;
+    const parsedAuthData = (0, parseAuthenticatorData_1.parseAuthenticatorData)(authDataBuffer);
+    const { rpIdHash, flags, counter, extensionsData } = parsedAuthData;
     // Make sure the response's RP ID is ours
     if (typeof expectedRPID === 'string') {
-        const expectedRPIDHash = (0, toHash_1.default)(Buffer.from(expectedRPID, 'ascii'));
+        const expectedRPIDHash = (0, toHash_1.toHash)(Buffer.from(expectedRPID, 'ascii'));
         if (!rpIdHash.equals(expectedRPIDHash)) {
@@ -110,3 +111,3 @@ throw new Error(`Unexpected RP ID hash`);
         const foundMatch = expectedRPID.some(expected => {
-            const expectedRPIDHash = (0, toHash_1.default)(Buffer.from(expected, 'ascii'));
+            const expectedRPIDHash = (0, toHash_1.toHash)(Buffer.from(expected, 'ascii'));
             return rpIdHash.equals(expectedRPIDHash);
@@ -126,5 +127,5 @@ });
     }
-    const clientDataHash = (0, toHash_1.default)(base64url_1.default.toBuffer(response.clientDataJSON));
+    const clientDataHash = (0, toHash_1.toHash)(base64url_1.default.toBuffer(response.clientDataJSON));
     const signatureBase = Buffer.concat([authDataBuffer, clientDataHash]);
-    const publicKey = (0, convertPublicKeyToPEM_1.default)(authenticator.credentialPublicKey);
+    const publicKey = (0, convertPublicKeyToPEM_1.convertPublicKeyToPEM)(authenticator.credentialPublicKey);
     const signature = base64url_1.default.toBuffer(response.signature);
@@ -140,3 +141,3 @@ if ((counter > 0 || authenticator.counter > 0) && counter <= authenticator.counter) {
     const toReturn = {
-        verified: (0, verifySignature_1.default)(signature, signatureBase, publicKey),
+        verified: (0, verifySignature_1.verifySignature)(signature, signatureBase, publicKey),
         authenticationInfo: {
@@ -147,2 +148,3 @@ newCounter: counter,
             credentialBackedUp,
+            authenticatorExtensionResults: extensionsData,
         },
@@ -152,3 +154,3 @@ };
 }
-exports.default = verifyAuthenticationResponse;
+exports.verifyAuthenticationResponse = verifyAuthenticationResponse;
 //# sourceMappingURL=verifyAuthenticationResponse.js.map

dist/helpers/convertAAGUIDToString.d.ts

@@ -5,2 +5,2 @@ /// <reference types="node" />
  */
-export default function convertAAGUIDToString(aaguid: Buffer): string;
+export declare function convertAAGUIDToString(aaguid: Buffer): string;

dist/helpers/convertAAGUIDToString.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.convertAAGUIDToString = void 0;
 /**
@@ -19,3 +20,3 @@ * Convert the aaguid buffer in authData into a UUID string
 }
-exports.default = convertAAGUIDToString;
+exports.convertAAGUIDToString = convertAAGUIDToString;
 //# sourceMappingURL=convertAAGUIDToString.js.map

dist/helpers/convertCertBufferToPEM.d.ts

@@ -6,2 +6,2 @@ /// <reference types="node" />
  */
-export default function convertCertBufferToPEM(certBuffer: Buffer | Base64URLString): string;
+export declare function convertCertBufferToPEM(certBuffer: Buffer | Base64URLString): string;

dist/helpers/convertCertBufferToPEM.js

@@ -6,2 +6,3 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.convertCertBufferToPEM = void 0;
 const base64url_1 = __importDefault(require("base64url"));
@@ -28,3 +29,3 @@ /**
 }
-exports.default = convertCertBufferToPEM;
+exports.convertCertBufferToPEM = convertCertBufferToPEM;
 //# sourceMappingURL=convertCertBufferToPEM.js.map

dist/helpers/convertCOSEtoPKCS.d.ts

@@ -7,3 +7,3 @@ /// <reference types="node" />
  */
-export default function convertCOSEtoPKCS(cosePublicKey: Buffer): Buffer;
+export declare function convertCOSEtoPKCS(cosePublicKey: Buffer): Buffer;
 export declare type COSEPublicKey = Map<COSEAlgorithmIdentifier, number | Buffer>;
@@ -10,0 +10,0 @@ export declare enum COSEKEYS {

dist/helpers/convertCOSEtoPKCS.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.COSEALGHASH = exports.COSECRV = exports.COSERSASCHEME = exports.COSEKTY = exports.COSEKEYS = void 0;
+exports.COSEALGHASH = exports.COSECRV = exports.COSERSASCHEME = exports.COSEKTY = exports.COSEKEYS = exports.convertCOSEtoPKCS = void 0;
 const decodeCbor_1 = require("./decodeCbor");
@@ -21,3 +21,3 @@ /**
 }
-exports.default = convertCOSEtoPKCS;
+exports.convertCOSEtoPKCS = convertCOSEtoPKCS;
 var COSEKEYS;
@@ -24,0 +24,0 @@ (function (COSEKEYS) {

dist/helpers/convertPublicKeyToPEM.d.ts

 /// <reference types="node" />
-export default function convertPublicKeyToPEM(publicKey: Buffer): string;
+export declare function convertPublicKeyToPEM(publicKey: Buffer): string;

dist/helpers/convertPublicKeyToPEM.js

@@ -6,2 +6,3 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.convertPublicKeyToPEM = void 0;
 const cbor_1 = __importDefault(require("cbor"));
@@ -63,3 +64,3 @@ const jwk_to_pem_1 = __importDefault(require("jwk-to-pem"));
 }
-exports.default = convertPublicKeyToPEM;
+exports.convertPublicKeyToPEM = convertPublicKeyToPEM;
 //# sourceMappingURL=convertPublicKeyToPEM.js.map

dist/helpers/decodeAttestationObject.d.ts

@@ -7,3 +7,3 @@ /// <reference types="node" />
  */
-export default function decodeAttestationObject(attestationObject: Buffer): AttestationObject;
+export declare function decodeAttestationObject(attestationObject: Buffer): AttestationObject;
 export declare type AttestationFormat = 'fido-u2f' | 'packed' | 'android-safetynet' | 'android-key' | 'tpm' | 'apple' | 'none';
@@ -10,0 +10,0 @@ export declare type AttestationObject = {

dist/helpers/decodeAttestationObject.js

@@ -6,2 +6,3 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.decodeAttestationObject = void 0;
 const cbor_1 = __importDefault(require("cbor"));
@@ -17,3 +18,3 @@ /**
 }
-exports.default = decodeAttestationObject;
+exports.decodeAttestationObject = decodeAttestationObject;
 //# sourceMappingURL=decodeAttestationObject.js.map

dist/helpers/decodeClientDataJSON.d.ts

 /**
  * Decode an authenticator's base64url-encoded clientDataJSON to JSON
  */
-export default function decodeClientDataJSON(data: string): ClientDataJSON;
+export declare function decodeClientDataJSON(data: string): ClientDataJSON;
 export declare type ClientDataJSON = {
@@ -6,0 +6,0 @@ type: string;

dist/helpers/decodeClientDataJSON.js

@@ -6,2 +6,3 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.decodeClientDataJSON = void 0;
 const base64url_1 = __importDefault(require("base64url"));
@@ -16,3 +17,3 @@ /**
 }
-exports.default = decodeClientDataJSON;
+exports.decodeClientDataJSON = decodeClientDataJSON;
 //# sourceMappingURL=decodeClientDataJSON.js.map

dist/helpers/decodeCredentialPublicKey.d.ts

 /// <reference types="node" />
 import { COSEPublicKey } from './convertCOSEtoPKCS';
-export default function decodeCredentialPublicKey(publicKey: Buffer): COSEPublicKey;
+export declare function decodeCredentialPublicKey(publicKey: Buffer): COSEPublicKey;

dist/helpers/decodeCredentialPublicKey.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.decodeCredentialPublicKey = void 0;
 const decodeCbor_1 = require("./decodeCbor");
@@ -7,3 +8,3 @@ function decodeCredentialPublicKey(publicKey) {
 }
-exports.default = decodeCredentialPublicKey;
+exports.decodeCredentialPublicKey = decodeCredentialPublicKey;
 //# sourceMappingURL=decodeCredentialPublicKey.js.map

dist/helpers/generateChallenge.d.ts

@@ -5,2 +5,2 @@ /// <reference types="node" />
  */
-export default function generateChallenge(): Buffer;
+export declare function generateChallenge(): Buffer;

dist/helpers/generateChallenge.js

@@ -6,2 +6,3 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateChallenge = void 0;
 const crypto_1 = __importDefault(require("crypto"));
@@ -22,3 +23,3 @@ /**
 }
-exports.default = generateChallenge;
+exports.generateChallenge = generateChallenge;
 //# sourceMappingURL=generateChallenge.js.map

dist/helpers/getCertificateInfo.d.ts

@@ -27,3 +27,3 @@ /// <reference types="node" />
  */
-export default function getCertificateInfo(leafCertBuffer: Buffer): CertificateInfo;
+export declare function getCertificateInfo(leafCertBuffer: Buffer): CertificateInfo;
 export {};

dist/helpers/getCertificateInfo.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.getCertificateInfo = void 0;
 const asn1_schema_1 = require("@peculiar/asn1-schema");
@@ -54,3 +55,3 @@ const asn1_x509_1 = require("@peculiar/asn1-x509");
 }
-exports.default = getCertificateInfo;
+exports.getCertificateInfo = getCertificateInfo;
 //# sourceMappingURL=getCertificateInfo.js.map

dist/helpers/index.d.ts

@@ -1,17 +0,17 @@
-import convertAAGUIDToString from './convertAAGUIDToString';
-import convertCertBufferToPEM from './convertCertBufferToPEM';
-import convertCOSEtoPKCS from './convertCOSEtoPKCS';
-import convertPublicKeyToPEM from './convertPublicKeyToPEM';
-import decodeAttestationObject from './decodeAttestationObject';
+import { convertAAGUIDToString } from './convertAAGUIDToString';
+import { convertCertBufferToPEM } from './convertCertBufferToPEM';
+import { convertCOSEtoPKCS } from './convertCOSEtoPKCS';
+import { convertPublicKeyToPEM } from './convertPublicKeyToPEM';
+import { decodeAttestationObject } from './decodeAttestationObject';
 import { decodeCborFirst } from './decodeCbor';
-import decodeClientDataJSON from './decodeClientDataJSON';
-import decodeCredentialPublicKey from './decodeCredentialPublicKey';
-import generateChallenge from './generateChallenge';
-import getCertificateInfo from './getCertificateInfo';
-import isBase64URLString from './isBase64URLString';
-import isCertRevoked from './isCertRevoked';
-import parseAuthenticatorData from './parseAuthenticatorData';
-import toHash from './toHash';
-import validateCertificatePath from './validateCertificatePath';
-import verifySignature from './verifySignature';
+import { decodeClientDataJSON } from './decodeClientDataJSON';
+import { decodeCredentialPublicKey } from './decodeCredentialPublicKey';
+import { generateChallenge } from './generateChallenge';
+import { getCertificateInfo } from './getCertificateInfo';
+import { isBase64URLString } from './isBase64URLString';
+import { isCertRevoked } from './isCertRevoked';
+import { parseAuthenticatorData } from './parseAuthenticatorData';
+import { toHash } from './toHash';
+import { validateCertificatePath } from './validateCertificatePath';
+import { verifySignature } from './verifySignature';
 export { convertAAGUIDToString, convertCertBufferToPEM, convertCOSEtoPKCS, convertPublicKeyToPEM, decodeAttestationObject, decodeCborFirst, decodeClientDataJSON, decodeCredentialPublicKey, generateChallenge, getCertificateInfo, isBase64URLString, isCertRevoked, parseAuthenticatorData, toHash, validateCertificatePath, verifySignature, };
@@ -18,0 +18,0 @@ import type { AttestationFormat, AttestationObject, AttestationStatement } from './decodeAttestationObject';

dist/helpers/index.js

 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.verifySignature = exports.validateCertificatePath = exports.toHash = exports.parseAuthenticatorData = exports.isCertRevoked = exports.isBase64URLString = exports.getCertificateInfo = exports.generateChallenge = exports.decodeCredentialPublicKey = exports.decodeClientDataJSON = exports.decodeCborFirst = exports.decodeAttestationObject = exports.convertPublicKeyToPEM = exports.convertCOSEtoPKCS = exports.convertCertBufferToPEM = exports.convertAAGUIDToString = void 0;
-const convertAAGUIDToString_1 = __importDefault(require("./convertAAGUIDToString"));
-exports.convertAAGUIDToString = convertAAGUIDToString_1.default;
-const convertCertBufferToPEM_1 = __importDefault(require("./convertCertBufferToPEM"));
-exports.convertCertBufferToPEM = convertCertBufferToPEM_1.default;
-const convertCOSEtoPKCS_1 = __importDefault(require("./convertCOSEtoPKCS"));
-exports.convertCOSEtoPKCS = convertCOSEtoPKCS_1.default;
-const convertPublicKeyToPEM_1 = __importDefault(require("./convertPublicKeyToPEM"));
-exports.convertPublicKeyToPEM = convertPublicKeyToPEM_1.default;
-const decodeAttestationObject_1 = __importDefault(require("./decodeAttestationObject"));
-exports.decodeAttestationObject = decodeAttestationObject_1.default;
+const convertAAGUIDToString_1 = require("./convertAAGUIDToString");
+Object.defineProperty(exports, "convertAAGUIDToString", { enumerable: true, get: function () { return convertAAGUIDToString_1.convertAAGUIDToString; } });
+const convertCertBufferToPEM_1 = require("./convertCertBufferToPEM");
+Object.defineProperty(exports, "convertCertBufferToPEM", { enumerable: true, get: function () { return convertCertBufferToPEM_1.convertCertBufferToPEM; } });
+const convertCOSEtoPKCS_1 = require("./convertCOSEtoPKCS");
+Object.defineProperty(exports, "convertCOSEtoPKCS", { enumerable: true, get: function () { return convertCOSEtoPKCS_1.convertCOSEtoPKCS; } });
+const convertPublicKeyToPEM_1 = require("./convertPublicKeyToPEM");
+Object.defineProperty(exports, "convertPublicKeyToPEM", { enumerable: true, get: function () { return convertPublicKeyToPEM_1.convertPublicKeyToPEM; } });
+const decodeAttestationObject_1 = require("./decodeAttestationObject");
+Object.defineProperty(exports, "decodeAttestationObject", { enumerable: true, get: function () { return decodeAttestationObject_1.decodeAttestationObject; } });
 const decodeCbor_1 = require("./decodeCbor");
 Object.defineProperty(exports, "decodeCborFirst", { enumerable: true, get: function () { return decodeCbor_1.decodeCborFirst; } });
-const decodeClientDataJSON_1 = __importDefault(require("./decodeClientDataJSON"));
-exports.decodeClientDataJSON = decodeClientDataJSON_1.default;
-const decodeCredentialPublicKey_1 = __importDefault(require("./decodeCredentialPublicKey"));
-exports.decodeCredentialPublicKey = decodeCredentialPublicKey_1.default;
-const generateChallenge_1 = __importDefault(require("./generateChallenge"));
-exports.generateChallenge = generateChallenge_1.default;
-const getCertificateInfo_1 = __importDefault(require("./getCertificateInfo"));
-exports.getCertificateInfo = getCertificateInfo_1.default;
-const isBase64URLString_1 = __importDefault(require("./isBase64URLString"));
-exports.isBase64URLString = isBase64URLString_1.default;
-const isCertRevoked_1 = __importDefault(require("./isCertRevoked"));
-exports.isCertRevoked = isCertRevoked_1.default;
-const parseAuthenticatorData_1 = __importDefault(require("./parseAuthenticatorData"));
-exports.parseAuthenticatorData = parseAuthenticatorData_1.default;
-const toHash_1 = __importDefault(require("./toHash"));
-exports.toHash = toHash_1.default;
-const validateCertificatePath_1 = __importDefault(require("./validateCertificatePath"));
-exports.validateCertificatePath = validateCertificatePath_1.default;
-const verifySignature_1 = __importDefault(require("./verifySignature"));
-exports.verifySignature = verifySignature_1.default;
+const decodeClientDataJSON_1 = require("./decodeClientDataJSON");
+Object.defineProperty(exports, "decodeClientDataJSON", { enumerable: true, get: function () { return decodeClientDataJSON_1.decodeClientDataJSON; } });
+const decodeCredentialPublicKey_1 = require("./decodeCredentialPublicKey");
+Object.defineProperty(exports, "decodeCredentialPublicKey", { enumerable: true, get: function () { return decodeCredentialPublicKey_1.decodeCredentialPublicKey; } });
+const generateChallenge_1 = require("./generateChallenge");
+Object.defineProperty(exports, "generateChallenge", { enumerable: true, get: function () { return generateChallenge_1.generateChallenge; } });
+const getCertificateInfo_1 = require("./getCertificateInfo");
+Object.defineProperty(exports, "getCertificateInfo", { enumerable: true, get: function () { return getCertificateInfo_1.getCertificateInfo; } });
+const isBase64URLString_1 = require("./isBase64URLString");
+Object.defineProperty(exports, "isBase64URLString", { enumerable: true, get: function () { return isBase64URLString_1.isBase64URLString; } });
+const isCertRevoked_1 = require("./isCertRevoked");
+Object.defineProperty(exports, "isCertRevoked", { enumerable: true, get: function () { return isCertRevoked_1.isCertRevoked; } });
+const parseAuthenticatorData_1 = require("./parseAuthenticatorData");
+Object.defineProperty(exports, "parseAuthenticatorData", { enumerable: true, get: function () { return parseAuthenticatorData_1.parseAuthenticatorData; } });
+const toHash_1 = require("./toHash");
+Object.defineProperty(exports, "toHash", { enumerable: true, get: function () { return toHash_1.toHash; } });
+const validateCertificatePath_1 = require("./validateCertificatePath");
+Object.defineProperty(exports, "validateCertificatePath", { enumerable: true, get: function () { return validateCertificatePath_1.validateCertificatePath; } });
+const verifySignature_1 = require("./verifySignature");
+Object.defineProperty(exports, "verifySignature", { enumerable: true, get: function () { return verifySignature_1.verifySignature; } });
 //# sourceMappingURL=index.js.map

dist/helpers/isBase64URLString.d.ts

 /**
  * Check to see if a string only contains valid Base64URL values
  */
-export default function isBase64URLString(value: string): boolean;
+export declare function isBase64URLString(value: string): boolean;

dist/helpers/isBase64URLString.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.isBase64URLString = void 0;
 // Base64URL, with optional padding
@@ -14,3 +15,3 @@ const base64urlRegEx = /^([0-9a-zA-Z-_]{4})*(([0-9a-zA-Z-_]{2}(==)?)|([0-9a-zA-Z-_]{3}=?))?$/;
 }
-exports.default = isBase64URLString;
+exports.isBase64URLString = isBase64URLString;
 //# sourceMappingURL=isBase64URLString.js.map

dist/helpers/isCertRevoked.d.ts

@@ -8,2 +8,2 @@ import { X509 } from 'jsrsasign';
  */
-export default function isCertRevoked(cert: X509): Promise<boolean>;
+export declare function isCertRevoked(cert: X509): Promise<boolean>;

dist/helpers/isCertRevoked.js

@@ -6,2 +6,3 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.isCertRevoked = void 0;
 const jsrsasign_1 = require("jsrsasign");
@@ -11,3 +12,3 @@ const node_fetch_1 = __importDefault(require("node-fetch"));
 const asn1_x509_1 = require("@peculiar/asn1-x509");
-const convertCertBufferToPEM_1 = __importDefault(require("./convertCertBufferToPEM"));
+const convertCertBufferToPEM_1 = require("./convertCertBufferToPEM");
 const cacheRevokedCerts = {};
@@ -57,3 +58,3 @@ /**
         const dataCRL = await respCRL.buffer();
-        const dataPEM = (0, convertCertBufferToPEM_1.default)(dataCRL);
+        const dataPEM = (0, convertCertBufferToPEM_1.convertCertBufferToPEM)(dataCRL);
         crlCert.readCertPEM(dataPEM);
@@ -88,3 +89,3 @@ }
 }
-exports.default = isCertRevoked;
+exports.isCertRevoked = isCertRevoked;
 //# sourceMappingURL=isCertRevoked.js.map

dist/helpers/parseAuthenticatorData.d.ts

 /// <reference types="node" />
+import { AuthenticationExtensionsAuthenticatorOutputs } from './decodeAuthenticatorExtensions';
 /**
  * Make sense of the authData buffer contained in an Attestation
  */
-export default function parseAuthenticatorData(authData: Buffer): ParsedAuthenticatorData;
+export declare function parseAuthenticatorData(authData: Buffer): ParsedAuthenticatorData;
 export declare type ParsedAuthenticatorData = {
@@ -23,3 +24,4 @@ rpIdHash: Buffer;
     credentialPublicKey?: Buffer;
+    extensionsData?: AuthenticationExtensionsAuthenticatorOutputs;
     extensionsDataBuffer?: Buffer;
 };

dist/helpers/parseAuthenticatorData.js

@@ -6,4 +6,6 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseAuthenticatorData = void 0;
 const cbor_1 = __importDefault(require("cbor"));
 const decodeCbor_1 = require("./decodeCbor");
+const decodeAuthenticatorExtensions_1 = require("./decodeAuthenticatorExtensions");
 /**
@@ -23,8 +25,8 @@ * Make sense of the authData buffer contained in an Attestation
     const flags = {
-        up: !!(flagsInt & 1 << 0),
-        uv: !!(flagsInt & 1 << 2),
-        be: !!(flagsInt & 1 << 3),
-        bs: !!(flagsInt & 1 << 4),
-        at: !!(flagsInt & 1 << 6),
-        ed: !!(flagsInt & 1 << 7),
+        up: !!(flagsInt & (1 << 0)),
+        uv: !!(flagsInt & (1 << 2)),
+        be: !!(flagsInt & (1 << 3)),
+        bs: !!(flagsInt & (1 << 4)),
+        at: !!(flagsInt & (1 << 6)),
+        ed: !!(flagsInt & (1 << 7)),
         flagsInt,
@@ -48,2 +50,3 @@ };
     }
+    let extensionsData = undefined;
     let extensionsDataBuffer = undefined;
@@ -54,2 +57,3 @@ if (flags.ed) {
         extensionsDataBuffer = firstEncoded;
+        extensionsData = (0, decodeAuthenticatorExtensions_1.decodeAuthenticatorExtensions)(extensionsDataBuffer);
         pointer += firstEncoded.byteLength;
@@ -70,6 +74,7 @@ }
         credentialPublicKey,
+        extensionsData,
         extensionsDataBuffer,
     };
 }
-exports.default = parseAuthenticatorData;
+exports.parseAuthenticatorData = parseAuthenticatorData;
 //# sourceMappingURL=parseAuthenticatorData.js.map

dist/helpers/toHash.d.ts

@@ -7,2 +7,2 @@ /// <reference types="node" />
  */
-export default function toHash(data: Buffer | string, algo?: string): Buffer;
+export declare function toHash(data: Buffer | string, algo?: string): Buffer;

dist/helpers/toHash.js

@@ -6,2 +6,3 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.toHash = void 0;
 const crypto_1 = __importDefault(require("crypto"));
@@ -16,3 +17,3 @@ /**
 }
-exports.default = toHash;
+exports.toHash = toHash;
 //# sourceMappingURL=toHash.js.map

dist/helpers/validateCertificatePath.d.ts

@@ -6,2 +6,2 @@ /**
  */
-export default function validateCertificatePath(certificates: string[], rootCertificates?: string[]): Promise<boolean>;
+export declare function validateCertificatePath(certificates: string[], rootCertificates?: string[]): Promise<boolean>;

dist/helpers/validateCertificatePath.js

 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.validateCertificatePath = void 0;
 /* eslint-disable @typescript-eslint/ban-ts-comment */
@@ -10,3 +8,3 @@ // `ASN1HEX` exists in the lib but not in its typings
 const jsrsasign_1 = require("jsrsasign");
-const isCertRevoked_1 = __importDefault(require("./isCertRevoked"));
+const isCertRevoked_1 = require("./isCertRevoked");
 const { crypto } = jsrsasign_1.KJUR;
@@ -57,3 +55,3 @@ /**
 }
-exports.default = validateCertificatePath;
+exports.validateCertificatePath = validateCertificatePath;
 async function _validatePath(certificates) {
@@ -80,3 +78,3 @@ if (new Set(certificates).size !== certificates.length) {
         // Check for certificate revocation
-        const subjectCertRevoked = await (0, isCertRevoked_1.default)(subjectCert);
+        const subjectCertRevoked = await (0, isCertRevoked_1.isCertRevoked)(subjectCert);
         if (subjectCertRevoked) {
@@ -83,0 +81,0 @@ throw new Error(`Found revoked certificate in certificate path`);

dist/helpers/verifySignature.d.ts

@@ -10,2 +10,2 @@ /// <reference types="node" />
  */
-export default function verifySignature(signature: Buffer, signatureBase: Buffer, publicKey: string, algo?: string): boolean;
+export declare function verifySignature(signature: Buffer, signatureBase: Buffer, publicKey: string, algo?: string): boolean;

dist/helpers/verifySignature.js

@@ -6,2 +6,3 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifySignature = void 0;
 const crypto_1 = __importDefault(require("crypto"));
@@ -19,3 +20,3 @@ /**
 }
-exports.default = verifySignature;
+exports.verifySignature = verifySignature;
 //# sourceMappingURL=verifySignature.js.map

dist/index.d.ts

@@ -5,8 +5,8 @@ /**
  */
-import generateRegistrationOptions from './registration/generateRegistrationOptions';
-import verifyRegistrationResponse from './registration/verifyRegistrationResponse';
-import generateAuthenticationOptions from './authentication/generateAuthenticationOptions';
-import verifyAuthenticationResponse from './authentication/verifyAuthenticationResponse';
-import MetadataService from './services/metadataService';
-import SettingsService from './services/settingsService';
+import { generateRegistrationOptions } from './registration/generateRegistrationOptions';
+import { verifyRegistrationResponse } from './registration/verifyRegistrationResponse';
+import { generateAuthenticationOptions } from './authentication/generateAuthenticationOptions';
+import { verifyAuthenticationResponse } from './authentication/verifyAuthenticationResponse';
+import { MetadataService } from './services/metadataService';
+import { SettingsService } from './services/settingsService';
 export { generateRegistrationOptions, verifyRegistrationResponse, generateAuthenticationOptions as generateAuthenticationOptions, verifyAuthenticationResponse, MetadataService, SettingsService, };
@@ -13,0 +13,0 @@ import type { GenerateRegistrationOptionsOpts } from './registration/generateRegistrationOptions';

dist/index.js

 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
@@ -11,14 +8,14 @@ exports.SettingsService = exports.MetadataService = exports.verifyAuthenticationResponse = exports.generateAuthenticationOptions = exports.verifyRegistrationResponse = exports.generateRegistrationOptions = void 0;
  */
-const generateRegistrationOptions_1 = __importDefault(require("./registration/generateRegistrationOptions"));
-exports.generateRegistrationOptions = generateRegistrationOptions_1.default;
-const verifyRegistrationResponse_1 = __importDefault(require("./registration/verifyRegistrationResponse"));
-exports.verifyRegistrationResponse = verifyRegistrationResponse_1.default;
-const generateAuthenticationOptions_1 = __importDefault(require("./authentication/generateAuthenticationOptions"));
-exports.generateAuthenticationOptions = generateAuthenticationOptions_1.default;
-const verifyAuthenticationResponse_1 = __importDefault(require("./authentication/verifyAuthenticationResponse"));
-exports.verifyAuthenticationResponse = verifyAuthenticationResponse_1.default;
-const metadataService_1 = __importDefault(require("./services/metadataService"));
-exports.MetadataService = metadataService_1.default;
-const settingsService_1 = __importDefault(require("./services/settingsService"));
-exports.SettingsService = settingsService_1.default;
+const generateRegistrationOptions_1 = require("./registration/generateRegistrationOptions");
+Object.defineProperty(exports, "generateRegistrationOptions", { enumerable: true, get: function () { return generateRegistrationOptions_1.generateRegistrationOptions; } });
+const verifyRegistrationResponse_1 = require("./registration/verifyRegistrationResponse");
+Object.defineProperty(exports, "verifyRegistrationResponse", { enumerable: true, get: function () { return verifyRegistrationResponse_1.verifyRegistrationResponse; } });
+const generateAuthenticationOptions_1 = require("./authentication/generateAuthenticationOptions");
+Object.defineProperty(exports, "generateAuthenticationOptions", { enumerable: true, get: function () { return generateAuthenticationOptions_1.generateAuthenticationOptions; } });
+const verifyAuthenticationResponse_1 = require("./authentication/verifyAuthenticationResponse");
+Object.defineProperty(exports, "verifyAuthenticationResponse", { enumerable: true, get: function () { return verifyAuthenticationResponse_1.verifyAuthenticationResponse; } });
+const metadataService_1 = require("./services/metadataService");
+Object.defineProperty(exports, "MetadataService", { enumerable: true, get: function () { return metadataService_1.MetadataService; } });
+const settingsService_1 = require("./services/settingsService");
+Object.defineProperty(exports, "SettingsService", { enumerable: true, get: function () { return settingsService_1.SettingsService; } });
 //# sourceMappingURL=index.js.map

dist/metadata/parseJWT.d.ts

 /**
  * Process a JWT into Javascript-friendly data structures
  */
-export default function parseJWT<T1, T2>(jwt: string): [T1, T2, string];
+export declare function parseJWT<T1, T2>(jwt: string): [T1, T2, string];

dist/metadata/parseJWT.js

@@ -6,2 +6,3 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseJWT = void 0;
 const base64url_1 = __importDefault(require("base64url"));
@@ -19,3 +20,3 @@ /**
 }
-exports.default = parseJWT;
+exports.parseJWT = parseJWT;
 //# sourceMappingURL=parseJWT.js.map

dist/metadata/verifyAttestationWithMetadata.d.ts

@@ -8,2 +8,2 @@ /// <reference types="node" />
  */
-export default function verifyAttestationWithMetadata(statement: MetadataStatement, credentialPublicKey: Buffer, x5c: Buffer[] | Base64URLString[]): Promise<boolean>;
+export declare function verifyAttestationWithMetadata(statement: MetadataStatement, credentialPublicKey: Buffer, x5c: Buffer[] | Base64URLString[]): Promise<boolean>;

dist/metadata/verifyAttestationWithMetadata.js

 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
-const convertCertBufferToPEM_1 = __importDefault(require("../helpers/convertCertBufferToPEM"));
-const validateCertificatePath_1 = __importDefault(require("../helpers/validateCertificatePath"));
-const decodeCredentialPublicKey_1 = __importDefault(require("../helpers/decodeCredentialPublicKey"));
+exports.verifyAttestationWithMetadata = void 0;
+const convertCertBufferToPEM_1 = require("../helpers/convertCertBufferToPEM");
+const validateCertificatePath_1 = require("../helpers/validateCertificatePath");
+const decodeCredentialPublicKey_1 = require("../helpers/decodeCredentialPublicKey");
 const convertCOSEtoPKCS_1 = require("../helpers/convertCOSEtoPKCS");
@@ -25,3 +23,3 @@ /**
     // Extract the public key's COSE info for comparison
-    const decodedPublicKey = (0, decodeCredentialPublicKey_1.default)(credentialPublicKey);
+    const decodedPublicKey = (0, decodeCredentialPublicKey_1.decodeCredentialPublicKey)(credentialPublicKey);
     // Assume everything is a number because these values should be
@@ -45,4 +43,4 @@ const publicKeyCOSEInfo = {
             // If not an RSA keypair then make sure curve numbers match too
-            if ((keypairAlg.kty === convertCOSEtoPKCS_1.COSEKTY.EC2 || keypairAlg.kty === convertCOSEtoPKCS_1.COSEKTY.OKP)
-                && keypairAlg.crv === publicKeyCOSEInfo.crv) {
+            if ((keypairAlg.kty === convertCOSEtoPKCS_1.COSEKTY.EC2 || keypairAlg.kty === convertCOSEtoPKCS_1.COSEKTY.OKP) &&
+                keypairAlg.crv === publicKeyCOSEInfo.crv) {
                 foundMatch = true;
@@ -65,3 +63,3 @@ }
     try {
-        await (0, validateCertificatePath_1.default)(x5c.map(convertCertBufferToPEM_1.default), statement.attestationRootCertificates.map(convertCertBufferToPEM_1.default));
+        await (0, validateCertificatePath_1.validateCertificatePath)(x5c.map(convertCertBufferToPEM_1.convertCertBufferToPEM), statement.attestationRootCertificates.map(convertCertBufferToPEM_1.convertCertBufferToPEM));
     }
@@ -74,3 +72,3 @@ catch (err) {
 }
-exports.default = verifyAttestationWithMetadata;
+exports.verifyAttestationWithMetadata = verifyAttestationWithMetadata;
 /**
@@ -77,0 +75,0 @@ * Convert ALG_SIGN values to COSE info

dist/registration/generateRegistrationOptions.d.ts

@@ -44,2 +44,2 @@ /// <reference types="node" />
  */
-export default function generateRegistrationOptions(options: GenerateRegistrationOptionsOpts): PublicKeyCredentialCreationOptionsJSON;
+export declare function generateRegistrationOptions(options: GenerateRegistrationOptionsOpts): PublicKeyCredentialCreationOptionsJSON;

dist/registration/generateRegistrationOptions.js

@@ -6,5 +6,5 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.supportedCOSEAlgorithmIdentifiers = void 0;
+exports.generateRegistrationOptions = exports.supportedCOSEAlgorithmIdentifiers = void 0;
 const base64url_1 = __importDefault(require("base64url"));
-const generateChallenge_1 = __importDefault(require("../helpers/generateChallenge"));
+const generateChallenge_1 = require("../helpers/generateChallenge");
 /**
@@ -75,3 +75,3 @@ * Supported crypto algo identifiers
 function generateRegistrationOptions(options) {
-    const { rpName, rpID, userID, userName, challenge = (0, generateChallenge_1.default)(), userDisplayName = userName, timeout = 60000, attestationType = 'none', excludeCredentials = [], authenticatorSelection = defaultAuthenticatorSelection, extensions, supportedAlgorithmIDs = defaultSupportedAlgorithmIDs, } = options;
+    const { rpName, rpID, userID, userName, challenge = (0, generateChallenge_1.generateChallenge)(), userDisplayName = userName, timeout = 60000, attestationType = 'none', excludeCredentials = [], authenticatorSelection = defaultAuthenticatorSelection, extensions, supportedAlgorithmIDs = defaultSupportedAlgorithmIDs, } = options;
     /**
@@ -118,3 +118,3 @@ * Prepare pubKeyCredParams from the array of algorithm ID's
 }
-exports.default = generateRegistrationOptions;
+exports.generateRegistrationOptions = generateRegistrationOptions;
 //# sourceMappingURL=generateRegistrationOptions.js.map

dist/registration/verifications/tpm/parseCertInfo.d.ts

@@ -5,3 +5,3 @@ /// <reference types="node" />
  */
-export default function parseCertInfo(certInfo: Buffer): ParsedCertInfo;
+export declare function parseCertInfo(certInfo: Buffer): ParsedCertInfo;
 declare type ParsedCertInfo = {
@@ -8,0 +8,0 @@ magic: number;

dist/registration/verifications/tpm/parseCertInfo.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.parseCertInfo = void 0;
 const constants_1 = require("./constants");
@@ -52,3 +53,3 @@ /**
 }
-exports.default = parseCertInfo;
+exports.parseCertInfo = parseCertInfo;
 //# sourceMappingURL=parseCertInfo.js.map

dist/registration/verifications/tpm/parsePubArea.d.ts

@@ -5,3 +5,3 @@ /// <reference types="node" />
  */
-export default function parsePubArea(pubArea: Buffer): ParsedPubArea;
+export declare function parsePubArea(pubArea: Buffer): ParsedPubArea;
 declare type ParsedPubArea = {
@@ -8,0 +8,0 @@ type: 'TPM_ALG_RSA' | 'TPM_ALG_ECC';

dist/registration/verifications/tpm/parsePubArea.js

 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.parsePubArea = void 0;
 const constants_1 = require("./constants");
@@ -66,3 +67,3 @@ /**
 }
-exports.default = parsePubArea;
+exports.parsePubArea = parsePubArea;
 //# sourceMappingURL=parsePubArea.js.map

dist/registration/verifyRegistrationResponse.d.ts

 /// <reference types="node" />
 import { RegistrationCredentialJSON, COSEAlgorithmIdentifier, CredentialDeviceType } from '@simplewebauthn/typescript-types';
 import { AttestationFormat, AttestationStatement } from '../helpers/decodeAttestationObject';
+import { AuthenticationExtensionsAuthenticatorOutputs } from '../helpers/decodeAuthenticatorExtensions';
 export declare type VerifyRegistrationResponseOpts = {
@@ -27,3 +28,3 @@ credential: RegistrationCredentialJSON;
  */
-export default function verifyRegistrationResponse(options: VerifyRegistrationResponseOpts): Promise<VerifiedRegistrationResponse>;
+export declare function verifyRegistrationResponse(options: VerifyRegistrationResponseOpts): Promise<VerifiedRegistrationResponse>;
 /**
@@ -49,2 +50,4 @@ * Result of registration verification
  * reference!**
+ * @param registrationInfo?.authenticatorExtensionResults The authenticator extensions returned
+ * by the browser
  */
@@ -59,3 +62,3 @@ export declare type VerifiedRegistrationResponse = {
         credentialPublicKey: Buffer;
-        credentialType: "public-key";
+        credentialType: 'public-key';
         attestationObject: Buffer;
@@ -65,2 +68,3 @@ userVerified: boolean;
         credentialBackedUp: boolean;
+        authenticatorExtensionResults?: AuthenticationExtensionsAuthenticatorOutputs;
     };
@@ -67,0 +71,0 @@ };

dist/registration/verifyRegistrationResponse.js

@@ -6,19 +6,20 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.verifyRegistrationResponse = void 0;
 const base64url_1 = __importDefault(require("base64url"));
-const decodeAttestationObject_1 = __importDefault(require("../helpers/decodeAttestationObject"));
-const decodeClientDataJSON_1 = __importDefault(require("../helpers/decodeClientDataJSON"));
-const parseAuthenticatorData_1 = __importDefault(require("../helpers/parseAuthenticatorData"));
-const toHash_1 = __importDefault(require("../helpers/toHash"));
-const decodeCredentialPublicKey_1 = __importDefault(require("../helpers/decodeCredentialPublicKey"));
+const decodeAttestationObject_1 = require("../helpers/decodeAttestationObject");
+const decodeClientDataJSON_1 = require("../helpers/decodeClientDataJSON");
+const parseAuthenticatorData_1 = require("../helpers/parseAuthenticatorData");
+const toHash_1 = require("../helpers/toHash");
+const decodeCredentialPublicKey_1 = require("../helpers/decodeCredentialPublicKey");
 const convertCOSEtoPKCS_1 = require("../helpers/convertCOSEtoPKCS");
-const convertAAGUIDToString_1 = __importDefault(require("../helpers/convertAAGUIDToString"));
+const convertAAGUIDToString_1 = require("../helpers/convertAAGUIDToString");
 const parseBackupFlags_1 = require("../helpers/parseBackupFlags");
-const settingsService_1 = __importDefault(require("../services/settingsService"));
+const settingsService_1 = require("../services/settingsService");
 const generateRegistrationOptions_1 = require("./generateRegistrationOptions");
-const verifyFIDOU2F_1 = __importDefault(require("./verifications/verifyFIDOU2F"));
-const verifyPacked_1 = __importDefault(require("./verifications/verifyPacked"));
-const verifyAndroidSafetyNet_1 = __importDefault(require("./verifications/verifyAndroidSafetyNet"));
-const verifyTPM_1 = __importDefault(require("./verifications/tpm/verifyTPM"));
-const verifyAndroidKey_1 = __importDefault(require("./verifications/verifyAndroidKey"));
-const verifyApple_1 = __importDefault(require("./verifications/verifyApple"));
+const verifyAttestationFIDOU2F_1 = require("./verifications/verifyAttestationFIDOU2F");
+const verifyAttestationPacked_1 = require("./verifications/verifyAttestationPacked");
+const verifyAttestationAndroidSafetyNet_1 = require("./verifications/verifyAttestationAndroidSafetyNet");
+const verifyAttestationTPM_1 = require("./verifications/tpm/verifyAttestationTPM");
+const verifyAttestationAndroidKey_1 = require("./verifications/verifyAttestationAndroidKey");
+const verifyAttestationApple_1 = require("./verifications/verifyAttestationApple");
 /**
@@ -54,3 +55,3 @@ * Verify that the user has legitimately completed the registration process
     }
-    const clientDataJSON = (0, decodeClientDataJSON_1.default)(response.clientDataJSON);
+    const clientDataJSON = (0, decodeClientDataJSON_1.decodeClientDataJSON)(response.clientDataJSON);
     const { type, origin, challenge, tokenBinding } = clientDataJSON;
@@ -90,10 +91,10 @@ // Make sure we're handling an registration
     const attestationObject = base64url_1.default.toBuffer(response.attestationObject);
-    const decodedAttestationObject = (0, decodeAttestationObject_1.default)(attestationObject);
+    const decodedAttestationObject = (0, decodeAttestationObject_1.decodeAttestationObject)(attestationObject);
     const { fmt, authData, attStmt } = decodedAttestationObject;
-    const parsedAuthData = (0, parseAuthenticatorData_1.default)(authData);
-    const { aaguid, rpIdHash, flags, credentialID, counter, credentialPublicKey } = parsedAuthData;
+    const parsedAuthData = (0, parseAuthenticatorData_1.parseAuthenticatorData)(authData);
+    const { aaguid, rpIdHash, flags, credentialID, counter, credentialPublicKey, extensionsData } = parsedAuthData;
     // Make sure the response's RP ID is ours
     if (expectedRPID) {
         if (typeof expectedRPID === 'string') {
-            const expectedRPIDHash = (0, toHash_1.default)(Buffer.from(expectedRPID, 'ascii'));
+            const expectedRPIDHash = (0, toHash_1.toHash)(Buffer.from(expectedRPID, 'ascii'));
             if (!rpIdHash.equals(expectedRPIDHash)) {
@@ -106,3 +107,3 @@ throw new Error(`Unexpected RP ID hash`);
             const foundMatch = expectedRPID.some(expected => {
-                const expectedRPIDHash = (0, toHash_1.default)(Buffer.from(expected, 'ascii'));
+                const expectedRPIDHash = (0, toHash_1.toHash)(Buffer.from(expected, 'ascii'));
                 return rpIdHash.equals(expectedRPIDHash);
@@ -132,3 +133,3 @@ });
     }
-    const decodedPublicKey = (0, decodeCredentialPublicKey_1.default)(credentialPublicKey);
+    const decodedPublicKey = (0, decodeCredentialPublicKey_1.decodeCredentialPublicKey)(credentialPublicKey);
     const alg = decodedPublicKey.get(convertCOSEtoPKCS_1.COSEKEYS.alg);
@@ -143,4 +144,4 @@ if (typeof alg !== 'number') {
     }
-    const clientDataHash = (0, toHash_1.default)(base64url_1.default.toBuffer(response.clientDataJSON));
-    const rootCertificates = settingsService_1.default.getRootCertificates({ identifier: fmt });
+    const clientDataHash = (0, toHash_1.toHash)(base64url_1.default.toBuffer(response.clientDataJSON));
+    const rootCertificates = settingsService_1.SettingsService.getRootCertificates({ identifier: fmt });
     // Prepare arguments to pass to the relevant verification method
@@ -162,18 +163,18 @@ const verifierOpts = {
     if (fmt === 'fido-u2f') {
-        verified = await (0, verifyFIDOU2F_1.default)(verifierOpts);
+        verified = await (0, verifyAttestationFIDOU2F_1.verifyAttestationFIDOU2F)(verifierOpts);
     }
     else if (fmt === 'packed') {
-        verified = await (0, verifyPacked_1.default)(verifierOpts);
+        verified = await (0, verifyAttestationPacked_1.verifyAttestationPacked)(verifierOpts);
     }
     else if (fmt === 'android-safetynet') {
-        verified = await (0, verifyAndroidSafetyNet_1.default)(verifierOpts);
+        verified = await (0, verifyAttestationAndroidSafetyNet_1.verifyAttestationAndroidSafetyNet)(verifierOpts);
     }
     else if (fmt === 'android-key') {
-        verified = await (0, verifyAndroidKey_1.default)(verifierOpts);
+        verified = await (0, verifyAttestationAndroidKey_1.verifyAttestationAndroidKey)(verifierOpts);
     }
     else if (fmt === 'tpm') {
-        verified = await (0, verifyTPM_1.default)(verifierOpts);
+        verified = await (0, verifyAttestationTPM_1.verifyAttestationTPM)(verifierOpts);
     }
     else if (fmt === 'apple') {
-        verified = await (0, verifyApple_1.default)(verifierOpts);
+        verified = await (0, verifyAttestationApple_1.verifyAttestationApple)(verifierOpts);
     }
@@ -198,3 +199,3 @@ else if (fmt === 'none') {
             counter,
-            aaguid: (0, convertAAGUIDToString_1.default)(aaguid),
+            aaguid: (0, convertAAGUIDToString_1.convertAAGUIDToString)(aaguid),
             credentialID,
@@ -207,2 +208,3 @@ credentialPublicKey,
             credentialBackedUp,
+            authenticatorExtensionResults: extensionsData,
         };
@@ -212,3 +214,3 @@ }
 }
-exports.default = verifyRegistrationResponse;
+exports.verifyRegistrationResponse = verifyRegistrationResponse;
 //# sourceMappingURL=verifyRegistrationResponse.js.map

dist/services/metadataService.d.ts

@@ -53,3 +53,3 @@ /// <reference types="node" />
 }
-declare const MetadataService: BaseMetadataService;
-export default MetadataService;
+export declare const MetadataService: BaseMetadataService;
+export {};

dist/services/metadataService.js

@@ -6,11 +6,11 @@ "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.BaseMetadataService = void 0;
+exports.MetadataService = exports.BaseMetadataService = void 0;
 const node_fetch_1 = __importDefault(require("node-fetch"));
 const jsrsasign_1 = require("jsrsasign");
-const validateCertificatePath_1 = __importDefault(require("../helpers/validateCertificatePath"));
-const convertCertBufferToPEM_1 = __importDefault(require("../helpers/convertCertBufferToPEM"));
-const convertAAGUIDToString_1 = __importDefault(require("../helpers/convertAAGUIDToString"));
-const settingsService_1 = __importDefault(require("../services/settingsService"));
+const validateCertificatePath_1 = require("../helpers/validateCertificatePath");
+const convertCertBufferToPEM_1 = require("../helpers/convertCertBufferToPEM");
+const convertAAGUIDToString_1 = require("../helpers/convertAAGUIDToString");
+const settingsService_1 = require("../services/settingsService");
 const logging_1 = require("../helpers/logging");
-const parseJWT_1 = __importDefault(require("../metadata/parseJWT"));
+const parseJWT_1 = require("../metadata/parseJWT");
 const defaultURLMDS = 'https://mds.fidoalliance.org/'; // v3
@@ -51,3 +51,3 @@ var SERVICE_STATE;
     async initialize(opts = {}) {
-        const { mdsServers = [defaultURLMDS], statements, verificationMode, } = opts;
+        const { mdsServers = [defaultURLMDS], statements, verificationMode } = opts;
         this.setState(SERVICE_STATE.REFRESHING);
@@ -116,3 +116,3 @@ // If metadata statements are provided, load them into the cache first
         if (aaguid instanceof Buffer) {
-            aaguid = (0, convertAAGUIDToString_1.default)(aaguid);
+            aaguid = (0, convertAAGUIDToString_1.convertAAGUIDToString)(aaguid);
         }
@@ -167,3 +167,3 @@ // If a cache refresh is in progress then pause this until the service is ready
         // Parse the JWT
-        const parsedJWT = (0, parseJWT_1.default)(data);
+        const parsedJWT = (0, parseJWT_1.parseJWT)(data);
         const header = parsedJWT[0];
@@ -176,7 +176,7 @@ const payload = parsedJWT[1];
         }
-        const headerCertsPEM = header.x5c.map(convertCertBufferToPEM_1.default);
+        const headerCertsPEM = header.x5c.map(convertCertBufferToPEM_1.convertCertBufferToPEM);
         try {
             // Validate the certificate chain
-            const rootCerts = settingsService_1.default.getRootCertificates({ identifier: 'mds' });
-            await (0, validateCertificatePath_1.default)(headerCertsPEM, rootCerts);
+            const rootCerts = settingsService_1.SettingsService.getRootCertificates({ identifier: 'mds' });
+            await (0, validateCertificatePath_1.validateCertificatePath)(headerCertsPEM, rootCerts);
         }
@@ -266,4 +266,3 @@ catch (error) {
 // Export a service singleton
-const MetadataService = new BaseMetadataService();
-exports.default = MetadataService;
+exports.MetadataService = new BaseMetadataService();
 //# sourceMappingURL=metadataService.js.map

dist/services/settingsService.d.ts

 /// <reference types="node" />
 import { AttestationFormat } from '../helpers/decodeAttestationObject';
 declare type RootCertIdentifier = AttestationFormat | 'mds';
-declare class SettingsService {
+declare class BaseSettingsService {
     private pemCertificates;
@@ -25,3 +25,3 @@ constructor();
 }
-declare const settingsService: SettingsService;
-export default settingsService;
+export declare const SettingsService: BaseSettingsService;
+export {};

dist/services/settingsService.js

 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
-const convertCertBufferToPEM_1 = __importDefault(require("../helpers/convertCertBufferToPEM"));
+exports.SettingsService = void 0;
+const convertCertBufferToPEM_1 = require("../helpers/convertCertBufferToPEM");
 const android_safetynet_1 = require("./defaultRootCerts/android-safetynet");
@@ -11,3 +9,3 @@ const android_key_1 = require("./defaultRootCerts/android-key");
 const mds_1 = require("./defaultRootCerts/mds");
-class SettingsService {
+class BaseSettingsService {
     constructor() {
@@ -28,3 +26,3 @@ this.pemCertificates = new Map();
             if (cert instanceof Buffer) {
-                newCertificates.push((0, convertCertBufferToPEM_1.default)(cert));
+                newCertificates.push((0, convertCertBufferToPEM_1.convertCertBufferToPEM)(cert));
             }
@@ -46,21 +44,20 @@ else {
 }
-const settingsService = new SettingsService();
+exports.SettingsService = new BaseSettingsService();
 // Initialize default certificates
-settingsService.setRootCertificates({
+exports.SettingsService.setRootCertificates({
     identifier: 'android-key',
     certificates: [android_key_1.Google_Hardware_Attestation_Root_1, android_key_1.Google_Hardware_Attestation_Root_2],
 });
-settingsService.setRootCertificates({
+exports.SettingsService.setRootCertificates({
     identifier: 'android-safetynet',
     certificates: [android_safetynet_1.GlobalSign_Root_CA],
 });
-settingsService.setRootCertificates({
+exports.SettingsService.setRootCertificates({
     identifier: 'apple',
     certificates: [apple_1.Apple_WebAuthn_Root_CA],
 });
-settingsService.setRootCertificates({
+exports.SettingsService.setRootCertificates({
     identifier: 'mds',
     certificates: [mds_1.GlobalSign_Root_CA_R3],
 });
-exports.default = settingsService;
 //# sourceMappingURL=settingsService.js.map

package.json

 {
   "name": "@simplewebauthn/server",
-  "version": "5.3.0",
+  "version": "5.4.0",
   "description": "SimpleWebAuthn for Servers",
@@ -52,3 +52,3 @@ "main": "dist/index.js",
     "@peculiar/asn1-x509": "^2.1.7",
-    "@simplewebauthn/typescript-types": "^5.3.0",
+    "@simplewebauthn/typescript-types": "^5.4.0",
     "base64url": "^3.0.1",
@@ -63,3 +63,3 @@ "cbor": "^5.1.0",
   },
-  "gitHead": "ad8b71fb26330f123155ec8467dd8f2ffedc0986",
+  "gitHead": "c41351664e47b0606d49da435298ef588bfe137f",
   "devDependencies": {
@@ -66,0 +66,0 @@ "@types/cbor": "^5.0.1",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

252779

increased by1.38%

Number of package files

132

increased by2.33%

Lines of code

3904

increased by0.33%

Dependency changes

• Updated@simplewebauthn/typescript-types@^5.4.0