New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
@simplewebauthn/typescript-types
Advanced tools
@simplewebauthn/typescript-types - npm Package Compare versions
Comparing version 0.4.0 to 0.5.0
@@ -1,3 +0,7 @@ | ||
| /// <reference types="node" /> | ||
| /** | ||
| * @packageDocumentation | ||
| * @module @simplewebauthn/typescript-types | ||
| * @preferred | ||
| */ | ||
| /** | ||
| * A variant of PublicKeyCredentialCreationOptions suitable for JSON transmission to the browser to | ||
@@ -8,3 +12,3 @@ * (eventually) get passed into navigator.credentials.create(...) in the browser. | ||
| user: PublicKeyCredentialUserEntityJSON; | ||
| challenge: string; | ||
| challenge: Base64URLString; | ||
| excludeCredentials: PublicKeyCredentialDescriptorJSON[]; | ||
@@ -17,10 +21,10 @@ } | ||
| export interface PublicKeyCredentialRequestOptionsJSON extends Omit<PublicKeyCredentialRequestOptions, 'challenge' | 'allowCredentials'> { | ||
| challenge: string; | ||
| challenge: Base64URLString; | ||
| allowCredentials: PublicKeyCredentialDescriptorJSON[]; | ||
| } | ||
| export interface PublicKeyCredentialDescriptorJSON extends Omit<PublicKeyCredentialDescriptor, 'id'> { | ||
| id: string; | ||
| id: Base64URLString; | ||
| } | ||
| export interface PublicKeyCredentialUserEntityJSON extends Omit<PublicKeyCredentialUserEntity, 'id'> { | ||
| id: string; | ||
| id: Base64URLString; | ||
| } | ||
@@ -34,2 +38,10 @@ /** | ||
| /** | ||
| * A slightly-modified AttestationCredential to simplify working with ArrayBuffers that | ||
| * are base64url-encoded in the browser so that they can be sent as JSON to the server. | ||
| */ | ||
| export interface AttestationCredentialJSON extends Omit<AttestationCredential, 'response' | 'rawId' | 'getClientExtensionResults'> { | ||
| rawId: Base64URLString; | ||
| response: AuthenticatorAttestationResponseJSON; | ||
| } | ||
| /** | ||
| * The value returned from navigator.credentials.get() | ||
@@ -41,135 +53,31 @@ */ | ||
| /** | ||
| * A slightly-modified AuthenticatorAttestationResponse to simplify working with ArrayBuffers that | ||
| * are base64-encoded in the browser so that they can be sent as JSON to the server. | ||
| * A slightly-modified AssertionCredential to simplify working with ArrayBuffers that | ||
| * are base64url-encoded in the browser so that they can be sent as JSON to the server. | ||
| */ | ||
| export interface AuthenticatorAttestationResponseJSON extends Omit<AuthenticatorAttestationResponse, 'clientDataJSON' | 'attestationObject'> { | ||
| base64ClientDataJSON: string; | ||
| base64AttestationObject: string; | ||
| export interface AssertionCredentialJSON extends Omit<AssertionCredential, 'response' | 'rawId' | 'getClientExtensionResults'> { | ||
| rawId: Base64URLString; | ||
| response: AuthenticatorAssertionResponseJSON; | ||
| } | ||
| /** | ||
| * A slightly-modified AuthenticatorAttestationResponse to simplify working with ArrayBuffers that | ||
| * are base64-encoded in the browser so that they can be sent as JSON to the server. | ||
| */ | ||
| export interface AuthenticatorAssertionResponseJSON extends Omit<AuthenticatorAssertionResponse, 'clientDataJSON' | 'authenticatorData' | 'signature' | 'userHandle'> { | ||
| base64CredentialID: string; | ||
| base64AuthenticatorData: string; | ||
| base64ClientDataJSON: string; | ||
| base64Signature: string; | ||
| base64UserHandle?: string; | ||
| interface AuthenticatorAttestationResponseJSON extends Omit<AuthenticatorAttestationResponse, 'clientDataJSON' | 'attestationObject'> { | ||
| clientDataJSON: Base64URLString; | ||
| attestationObject: Base64URLString; | ||
| } | ||
| export declare enum ATTESTATION_FORMATS { | ||
| FIDO_U2F = "fido-u2f", | ||
| PACKED = "packed", | ||
| ANDROID_SAFETYNET = "android-safetynet", | ||
| NONE = "none" | ||
| interface AuthenticatorAssertionResponseJSON extends Omit<AuthenticatorAssertionResponse, 'authenticatorData' | 'clientDataJSON' | 'signature' | 'userHandle'> { | ||
| authenticatorData: Base64URLString; | ||
| clientDataJSON: Base64URLString; | ||
| signature: Base64URLString; | ||
| userHandle?: Base64URLString; | ||
| } | ||
| export declare type AttestationObject = { | ||
| fmt: ATTESTATION_FORMATS; | ||
| attStmt: { | ||
| sig?: Buffer; | ||
| x5c?: Buffer[]; | ||
| response?: Buffer; | ||
| }; | ||
| authData: Buffer; | ||
| }; | ||
| export declare type ParsedAuthenticatorData = { | ||
| rpIdHash: Buffer; | ||
| flagsBuf: Buffer; | ||
| flags: { | ||
| up: boolean; | ||
| uv: boolean; | ||
| at: boolean; | ||
| ed: boolean; | ||
| flagsInt: number; | ||
| }; | ||
| counter: number; | ||
| counterBuf: Buffer; | ||
| aaguid?: Buffer; | ||
| credentialID?: Buffer; | ||
| COSEPublicKey?: Buffer; | ||
| }; | ||
| export declare type ClientDataJSON = { | ||
| type: string; | ||
| challenge: string; | ||
| origin: string; | ||
| }; | ||
| /** | ||
| * Result of attestation verification | ||
| * | ||
| * @param verified If the assertion response could be verified | ||
| * @param userVerified Whether the user was uniquely identified during attestation | ||
| * @param authenticatorInfo.fmt Type of attestation | ||
| * @param authenticatorInfo.counter The number of times the authenticator reported it has been used. | ||
| * Should be kept in a DB for later reference to help prevent replay attacks | ||
| * @param authenticatorInfo.base64PublicKey Base64-encoded ArrayBuffer containing the | ||
| * authenticator's public key. **Should be kept in a DB for later reference!** | ||
| * @param authenticatorInfo.base64CredentialID Base64-encoded ArrayBuffer containing the | ||
| * authenticator's credential ID for the public key above. **Should be kept in a DB for later | ||
| * reference!** | ||
| */ | ||
| export declare type VerifiedAttestation = { | ||
| verified: boolean; | ||
| userVerified: boolean; | ||
| authenticatorInfo?: { | ||
| fmt: ATTESTATION_FORMATS; | ||
| counter: number; | ||
| base64PublicKey: string; | ||
| base64CredentialID: string; | ||
| }; | ||
| }; | ||
| /** | ||
| * Result of assertion verification | ||
| * | ||
| * @param verified If the assertion response could be verified | ||
| * @param authenticatorInfo.base64CredentialID The ID of the authenticator used during assertion. | ||
| * Should be used to identify which DB authenticator entry needs its `counter` updated to the value | ||
| * below | ||
| * @param authenticatorInfo.counter The number of times the authenticator identified above reported | ||
| * it has been used. **Should be kept in a DB for later reference to help prevent replay attacks!** | ||
| */ | ||
| export declare type VerifiedAssertion = { | ||
| verified: boolean; | ||
| authenticatorInfo: { | ||
| counter: number; | ||
| base64CredentialID: string; | ||
| }; | ||
| }; | ||
| export declare type CertificateInfo = { | ||
| subject: { | ||
| [key: string]: string; | ||
| }; | ||
| version: number; | ||
| basicConstraintsCA: boolean; | ||
| }; | ||
| export declare enum COSEKEYS { | ||
| kty = 1, | ||
| alg = 3, | ||
| crv = -1, | ||
| x = -2, | ||
| y = -3, | ||
| n = -1, | ||
| e = -2 | ||
| } | ||
| export declare type COSEPublicKey = Map<COSEAlgorithmIdentifier, number | Buffer>; | ||
| export declare type SafetyNetJWTHeader = { | ||
| alg: 'string'; | ||
| x5c: string[]; | ||
| }; | ||
| export declare type SafetyNetJWTPayload = { | ||
| nonce: string; | ||
| timestampMs: number; | ||
| apkPackageName: string; | ||
| apkDigestSha256: string; | ||
| ctsProfileMatch: boolean; | ||
| apkCertificateDigestSha256: string[]; | ||
| basicIntegrity: boolean; | ||
| }; | ||
| export declare type SafetyNetJWTSignature = string; | ||
| /** | ||
| * A WebAuthn-compatible device and the information needed to verify assertions by it | ||
| */ | ||
| export declare type AuthenticatorDevice = { | ||
| base64PublicKey: string; | ||
| base64CredentialID: string; | ||
| publicKey: Base64URLString; | ||
| credentialID: Base64URLString; | ||
| counter: number; | ||
| }; | ||
| /** | ||
| * An attempt to communicate that this isn't just any string, but a base64url-encoded string | ||
| */ | ||
| export declare type Base64URLString = string; | ||
| export {}; |
| "use strict"; | ||
| Object.defineProperty(exports, "__esModule", { value: true }); | ||
| exports.COSEKEYS = exports.ATTESTATION_FORMATS = void 0; | ||
| var ATTESTATION_FORMATS; | ||
| (function (ATTESTATION_FORMATS) { | ||
| ATTESTATION_FORMATS["FIDO_U2F"] = "fido-u2f"; | ||
| ATTESTATION_FORMATS["PACKED"] = "packed"; | ||
| ATTESTATION_FORMATS["ANDROID_SAFETYNET"] = "android-safetynet"; | ||
| ATTESTATION_FORMATS["NONE"] = "none"; | ||
| })(ATTESTATION_FORMATS = exports.ATTESTATION_FORMATS || (exports.ATTESTATION_FORMATS = {})); | ||
| var COSEKEYS; | ||
| (function (COSEKEYS) { | ||
| COSEKEYS[COSEKEYS["kty"] = 1] = "kty"; | ||
| COSEKEYS[COSEKEYS["alg"] = 3] = "alg"; | ||
| COSEKEYS[COSEKEYS["crv"] = -1] = "crv"; | ||
| COSEKEYS[COSEKEYS["x"] = -2] = "x"; | ||
| COSEKEYS[COSEKEYS["y"] = -3] = "y"; | ||
| COSEKEYS[COSEKEYS["n"] = -1] = "n"; | ||
| COSEKEYS[COSEKEYS["e"] = -2] = "e"; | ||
| })(COSEKEYS = exports.COSEKEYS || (exports.COSEKEYS = {})); | ||
| //# sourceMappingURL=index.js.map |
| { | ||
| "name": "@simplewebauthn/typescript-types", | ||
| "version": "0.4.0", | ||
| "version": "0.5.0", | ||
| "description": "TypeScript types used by the @simplewebauthn series of libraries", | ||
@@ -22,3 +22,3 @@ "main": "dist/index.js", | ||
| ], | ||
| "gitHead": "edca8a8ba7014118db5d4687e6069dbbc7be3e56" | ||
| "gitHead": "8feadcb47dbb7c06de278e9abfd9c28ae8e2b905" | ||
| } |
Sorry, the diff of this file is not supported yet
No alert changes
Worsened metrics
- Total package byte prevSize
- decreased by-45.16%
4587
- Lines of code
- decreased by-57.59%
81
No dependency changes