From 7fe4a888669279f5ba031d0278f8a180c895d5e8 Mon Sep 17 00:00:00 2001 From: Wessel dR Date: Mon, 15 Jul 2019 22:50:20 +0200 Subject: [PATCH 1/2] Update main.js Changed property _authenticatorSelectionCriteria_ into _authenticatorSelection_. Also fixed the property name of The w3c writes "authenticatorSelection, of type AuthenticatorSelectionCriteria". (https://www.w3.org/TR/webauthn/#dom-publickeycredentialcreationoptions-authenticatorselection) _userVerification_ is now working, when set to "required" it enforces a PIN setup during attestation and asks for a pin during assertion. Changed "attachment" into authenticatorAttachment, is now also working for "platform" and "cross-platform" also tested and working now with both Solo & Yubi... well both devices are rejected when in platform mode and that is according to specs :-) --- lib/main.js | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/lib/main.js b/lib/main.js index a8a5f0ce..47f9cca1 100644 --- a/lib/main.js +++ b/lib/main.js @@ -207,10 +207,10 @@ class Fido2Lib { if (this.config.authenticatorAttachment !== undefined || this.config.authenticatorRequireResidentKey !== undefined || this.config.authenticatorUserVerification !== undefined) { - options.authenticatorSelectionCriteria = {}; - setOpt(options.authenticatorSelectionCriteria, "attachment", this.config.authenticatorAttachment); - setOpt(options.authenticatorSelectionCriteria, "requireResidentKey", this.config.authenticatorRequireResidentKey); - setOpt(options.authenticatorSelectionCriteria, "userVerification", this.config.authenticatorUserVerification); + options.authenticatorSelection = {}; + setOpt(options.authenticatorSelection, "authenticatorAttachment", this.config.authenticatorAttachment); + setOpt(options.authenticatorSelection, "requireResidentKey", this.config.authenticatorRequireResidentKey); + setOpt(options.authenticatorSelection, "userVerification", this.config.authenticatorUserVerification); } setOpt(options, "rawChallenge", rawChallenge); From 614e9b6035124e9c469dab07f43e4b5f05da3e34 Mon Sep 17 00:00:00 2001 From: Wessel de Roode Date: Tue, 16 Jul 2019 10:30:51 +0200 Subject: [PATCH 2/2] Fixed unit tests --- test/mainTest.js | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/test/mainTest.js b/test/mainTest.js index 6b9cef30..bf9716c0 100644 --- a/test/mainTest.js +++ b/test/mainTest.js @@ -428,13 +428,13 @@ describe("Fido2Lib", function() { ]); assert.isNumber(opts.timeout); assert.strictEqual(opts.timeout, 42); - assert.isObject(opts.authenticatorSelectionCriteria); - assert.isString(opts.authenticatorSelectionCriteria.attachment); - assert.strictEqual(opts.authenticatorSelectionCriteria.attachment, "platform"); - assert.isBoolean(opts.authenticatorSelectionCriteria.requireResidentKey); - assert.strictEqual(opts.authenticatorSelectionCriteria.requireResidentKey, false); - assert.isString(opts.authenticatorSelectionCriteria.userVerification); - assert.strictEqual(opts.authenticatorSelectionCriteria.userVerification, "required"); + assert.isObject(opts.authenticatorSelection); + assert.isString(opts.authenticatorSelection.authenticatorAttachment); + assert.strictEqual(opts.authenticatorSelection.authenticatorAttachment, "platform"); + assert.isBoolean(opts.authenticatorSelection.requireResidentKey); + assert.strictEqual(opts.authenticatorSelection.requireResidentKey, false); + assert.isString(opts.authenticatorSelection.userVerification); + assert.strictEqual(opts.authenticatorSelection.userVerification, "required"); assert.isString(opts.attestation); assert.strictEqual(opts.attestation, "none"); });