Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add/improve support for native JSON APIs #41

Open
Firehed opened this issue Nov 15, 2023 · 0 comments
Open

Add/improve support for native JSON APIs #41

Firehed opened this issue Nov 15, 2023 · 0 comments
Labels
enhancement New feature or request
Milestone
1.1+

Comments

@Firehed
Copy link
Owner

Firehed commented Nov 15, 2023

The next draft of WebAuthn (level 3) adds some major ergonomic improvements to the client side of the flows:

  • static PublicKeyCredential.parseCreationOptionsFromJSON()
  • static PublicKeyCredential.parseRequestOptionsFromJSON()
  • PublicKeyCredential.toJSON()

These methods collectively remove a lot of fussiness from client code, particularly around ArrayBuffer handling. They also add a de-facto standard wire format for client-to-server communication.

While these are only (as of writing) supported natively in Firefox, there's a library available to aid the transition until it has wider support (while experimenting with it, it did appear to deviate from the spec in the sense that some required fields were not present, but this should be inconsequential)

The library should add native support for these formats, as it can greatly improve ergonomics. I'm inclined to retain support for the original versions as well, since browser support may take a while and not everyone will want or be able to use the library. It's also well-tested and updating tests vectors may introduce unnecessary risk. Having said that, supporting only a single format is nice.
@Firehed Firehed added the enhancement New feature or request label Nov 15, 2023
@Firehed Firehed added this to the 1.1+ milestone Nov 15, 2023
This was referenced Nov 15, 2023
Closed
Merged
Firehed added a commit that referenced this issue Nov 17, 2023
@Firehed
Add parser for native toJSON formats (#45)
efccbdf 
This adds response parsers for the recently-added
[toJSON()](https://www.w3.org/TR/webauthn-3/#dom-publickeycredential-tojson)
response formats.

Progress towards #41, which will be completed when there's message
generators that complement the
`PublicKeyCredential.parse{Creation|Request}OptionsFromJSON()` methods.
This was referenced Nov 17, 2023
Merged
Open
Firehed added a commit that referenced this issue Nov 18, 2023
@Firehed
Restructure base64URL handling (#46)
f89a112 
The conversion is only really done in the context of a BinaryString, so
having the logic split out into a different class didn't make a lot of
sense. As a result, it's being consolidated. In addition to
organization, this should make completion of #41 easier, specifically
for emitting formats that match
`PublicKeyCredential.parse{Creation|Request}OptionsFromJSON()` methods.
@Firehed Firehed mentioned this issue Feb 14, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
1.1+
Development

No branches or pull requests
1 participant
@Firehed