new Fido2Lib(opts)
Creates a FIDO2 server class
Parameters:
Name | Type | Description |
---|---|---|
opts | Object | Options for the server |
Methods
(static) addAttestationFormat(fmt, parseFn, validateFn)
Adds a new attestation format that will automatically be recognized and parsed for any future Fido2CreateRequest messages
Parameters:
Name | Type | Description |
---|---|---|
fmt | String | The name of the attestation format, as it appears in the ARIN registry and / or as it will appear in the Fido2CreateRequest message that is received |
parseFn | function | The function that will be called to parse the attestation format. It will receive the |
validateFn | function | The function that will be called to validate the attestation format. It will receive no arguments, as all the necessary information for validating the attestation statement will be contained in the calling context ( |
(static) addExtension(extName, optionGeneratorFn, resultParserFn, resultValidatorFn)
Adds a new global extension that will be available to all instantiations of Fido2Lib. Note that the extension must still be enabled by calling enableExtension for each instantiation of a Fido2Lib.
Parameters:
Name | Type | Description |
---|---|---|
extName | String | The name of the extension to add. (e.g. - "appid") |
optionGeneratorFn | function | Extensions are included in |
resultParserFn | function | [description] |
resultValidatorFn | function | [description] |
(async, static) addMdsCollection(mdsCollection)
Adds a new MdsCollection to the global MDS collection list that will be used for findMdsEntry
Parameters:
Name | Type | Description |
---|---|---|
mdsCollection | MdsCollection | The MDS collection that will be used |
(static) clearMdsCollections()
Removes all entries from the global MDS collections list. Mostly used for testing.
(static) createMdsCollection(collectionName) → {MdsCollection}
Creates a new MdsCollection
Parameters:
Name | Type | Description |
---|---|---|
collectionName | String | The name of the collection to create. Used to identify the source of a MdsEntry when Fido2Lib#findMdsEntry finds multiple matching entries from different sources (e.g. FIDO MDS 1 & FIDO MDS 2) |
Returns:
The MdsCollection that was created
- Type
- MdsCollection
(static) deleteAllAttestationFormats()
Deletes all currently registered attestation formats.
(static) deleteAllExtensions()
Removes all extensions from the global extension registry. Mostly used for testing.
(static) findMdsEntry(id) → {Array.<MdsEntry>}
Returns MdsEntry objects that match the requested id. The lookup is done by calling MdsCollection#findEntry on the current global MDS collection. If no global MDS collection has been specified using setMdsCollection, an Error will be thrown.
Parameters:
Name | Type | Description |
---|---|---|
id | String \| ArrayBuffer | The authenticator id to look up metadata for |
Returns:
Returns an Array of MdsEntry for the specified id. If no entry was found, the Array will be empty.
- Type
- Array.<MdsEntry>
(async) assertionOptions(opts, extraData) → {Promise.<PublicKeyCredentialRequestOptions>}
Creates an assertion challenge and any other parameters for the navigator.credentials.get() call.
The challenge property is an ArrayBuffer and will need to be encoded to be transmitted to the client.
Parameters:
Name | Type | Attributes | Description |
---|---|---|---|
opts | Object | <optional> | An object containing various options for the option creation |
extraData | String | <optional> | Extra data to be signed by the authenticator during attestation. The challenge will be a hash: SHA256(rawChallenge + extraData) and the |
Returns:
The options to be passed to navigator.credentials.get()
- Type
- Promise.<PublicKeyCredentialRequestOptions>
(async) assertionResult(res, expected) → {Promise.<Fido2AssertionResult>}
Parses and validates an assertion response from the client
Parameters:
Name | Type | Description |
---|---|---|
res | Object | The assertion result that was generated by the client. See AuthenticatorAssertionResponse in the WebAuthn spec. |
expected | Object | The expected parameters for the assertion response. If these parameters don't match the received values, validation will fail and an error will be thrown. |
Throws:
If parsing or validation fails
- Type
- Error
Returns:
Returns a Promise that resolves to a Fido2AssertionResult
- Type
- Promise.<Fido2AssertionResult>
(async) attestationOptions(opts, extraData) → {Promise.<PublicKeyCredentialCreationOptions>}
Gets a challenge and any other parameters for the navigator.credentials.create() call.
The challenge property is an ArrayBuffer and will need to be encoded to be transmitted to the client.
Parameters:
Name | Type | Attributes | Description |
---|---|---|---|
opts | Object | <optional> | An object containing various options for the option creation |
extraData | String | <optional> | Extra data to be signed by the authenticator during attestation. The challenge will be a hash: SHA256(rawChallenge + extraData) and the |
Returns:
The options to be passed to navigator.credentials.create()
- Type
- Promise.<PublicKeyCredentialCreationOptions>
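The challenge handling described for assertionOptions and attestationOptions above, as an added example that is not part of fido2-lib or its documentation: it encodes the ArrayBuffer challenge for transport, decodes it strictly, and recomputes SHA256(rawChallenge + extraData) so that a change in extraData is detected. It assumes that "+" is byte concatenation, that extraData is UTF-8 encoded and that unpadded base64url is the transport encoding; all function names are hypothetical.

```javascript
// Added example, not fido2-lib source. Assumptions: "+" means byte
// concatenation, extraData is UTF-8, transport encoding is unpadded base64url.
const { createHash, randomBytes, timingSafeEqual } = require('node:crypto');

// Copy a Buffer's bytes into a standalone ArrayBuffer; a Buffer can be a view
// into a larger shared pool, so buf.buffer alone may hold unrelated bytes.
const toArrayBuffer = (b) => b.buffer.slice(b.byteOffset, b.byteOffset + b.byteLength);

// ArrayBuffer -> string that can be placed in the JSON sent to the browser.
const encodeChallenge = (challenge) => Buffer.from(challenge).toString('base64url');

// String -> ArrayBuffer. Rejects padding, other alphabets and non-canonical
// encodings so that one challenge has exactly one accepted spelling.
function decodeChallenge(str) {
  if (typeof str !== 'string' || !/^[A-Za-z0-9_-]+$/.test(str)) {
    throw new TypeError('challenge is not unpadded base64url');
  }
  const buf = Buffer.from(str, 'base64url');
  if (buf.toString('base64url') !== str) throw new TypeError('non-canonical challenge');
  return toArrayBuffer(buf);
}

// challenge = SHA256(rawChallenge + extraData): binds extraData to the ceremony.
function deriveChallenge(rawChallenge, extraData) {
  const digest = createHash('sha256')
    .update(Buffer.from(rawChallenge))
    .update(Buffer.from(extraData, 'utf8'))
    .digest();
  return toArrayBuffer(digest);
}

// Constant-time check of a received challenge string against the stored value.
function challengeMatches(expected, receivedStr) {
  let received;
  try { received = Buffer.from(decodeChallenge(receivedStr)); } catch { return false; }
  const want = Buffer.from(expected);
  return received.length === want.length && timingSafeEqual(received, want);
}

// Constructed sample: same rawChallenge, different extraData must not match.
function demo() {
  const raw = randomBytes(32);
  const wire = encodeChallenge(deriveChallenge(raw, 'transfer 10 EUR to account A'));
  return {
    wire,
    same: challengeMatches(deriveChallenge(raw, 'transfer 10 EUR to account A'), wire),
    changed: challengeMatches(deriveChallenge(raw, 'transfer 900 EUR to account B'), wire),
  };
}
console.log(demo());
```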
(async) attestationResult(res, expected) → {Promise.<Fido2AttestationResult>}
Parses and validates an attestation response from the client
Parameters:
Name | Type | Description |
---|---|---|
res | Object | The attestation result that was generated by the client. See AuthenticatorAttestationResponse in the WebAuthn spec. |
expected | Object | The expected parameters for the attestation response. If these parameters don't match the received values, validation will fail and an error will be thrown. |
Throws:
If parsing or validation fails
- Type
- Error
Returns:
Returns a Promise that resolves to a Fido2AttestationResult
- Type
- Promise.<Fido2AttestationResult>
disableExtension(extName)
Disables the specified extension.
Parameters:
Name | Type | Description |
---|---|---|
extName | String | The name of the extension to disable. Must be a valid extension that has been registered through Fido2Lib#addExtension |
enableExtension(extName)
Enables the specified extension.
Parameters:
Name | Type | Description |
---|---|---|
extName | String | The name of the extension to enable. Must be a valid extension that has been registered through Fido2Lib#addExtension |
setExtensionOptions(extName, options)
Specifies the options to be used for the extension
Parameters:
Name | Type | Description |
---|---|---|
extName | String | The name of the extension to set the options for (e.g. - "appid"). Must be a valid extension that has been registered through Fido2Lib#addExtension |
options | Any | The parameter that will be passed to the option generator function (e.g. - "https://webauthn.org") |