Map authenticator transports on server side (#453)

* Remove transports field as it is not mapped on server side * Map transports --------- Co-authored-by: Anders Åberg <[email protected]>
passwordless-lib · Dec 22, 2023 · 5e5f289 · 5e5f289
1 parent 66ae98f
commit 5e5f289
Show file tree

Hide file tree

Showing 13 changed files with 20 additions and 6 deletions.
diff --git a/Demo/wwwroot/js/custom.register.js b/Demo/wwwroot/js/custom.register.js
@@ -126,7 +126,7 @@ async function registerNewCredential(newCredential) {
         response: {
             AttestationObject: coerceToBase64Url(attestationObject),
             clientDataJSON: coerceToBase64Url(clientDataJSON),
-            transports: newCredential.response.getTransports(),
+            transports: newCredential.response.getTransports()
         },
     };
 

diff --git a/Demo/wwwroot/js/mfa.register.js b/Demo/wwwroot/js/mfa.register.js
@@ -130,7 +130,8 @@ async function registerNewCredential(newCredential) {
         extensions: newCredential.getClientExtensionResults(),
         response: {
             AttestationObject: coerceToBase64Url(attestationObject),
-            clientDataJSON: coerceToBase64Url(clientDataJSON)
+            clientDataJSON: coerceToBase64Url(clientDataJSON),
+            transports: newCredential.response.getTransports()
         }
     };
 

diff --git a/Demo/wwwroot/js/passwordless.register.js b/Demo/wwwroot/js/passwordless.register.js
@@ -127,7 +127,8 @@ async function registerNewCredential(newCredential) {
         extensions: newCredential.getClientExtensionResults(),
         response: {
             AttestationObject: coerceToBase64Url(attestationObject),
-            clientDataJSON: coerceToBase64Url(clientDataJSON)
+            clientDataJSON: coerceToBase64Url(clientDataJSON),
+            transports: newCredential.response.getTransports()
         }
     };
 

diff --git a/Demo/wwwroot/js/usernameless.register.js b/Demo/wwwroot/js/usernameless.register.js
@@ -128,7 +128,8 @@ async function registerNewCredential(newCredential) {
         extensions: newCredential.getClientExtensionResults(),
         response: {
             attestationObject: coerceToBase64Url(attestationObject),
-            clientDataJSON: coerceToBase64Url(clientDataJSON)
+            clientDataJSON: coerceToBase64Url(clientDataJSON),
+            transports: newCredential.response.getTransports()
         }
     };
 

diff --git a/Src/Fido2.BlazorWebAssembly/wwwroot/js/WebAuthn.ts b/Src/Fido2.BlazorWebAssembly/wwwroot/js/WebAuthn.ts
@@ -33,7 +33,7 @@ export async function createCreds(options: PublicKeyCredentialCreationOptions) {
         response: {
             attestationObject: toBase64Url(response.attestationObject),
             clientDataJSON: toBase64Url(response.clientDataJSON),
-            transports: response.getTransports ? response.getTransports() : [],
+            transports: response.getTransports ? response.getTransports() : []
         }
     };
     return retval;

diff --git a/Src/Fido2.Models/AuthenticatorAttestationRawResponse.cs b/Src/Fido2.Models/AuthenticatorAttestationRawResponse.cs
@@ -32,5 +32,8 @@ public sealed class AttestationResponse
         [JsonConverter(typeof(Base64UrlConverter))]
         [JsonPropertyName("clientDataJSON")]
         public byte[] ClientDataJson { get; set; }
+
+        [JsonPropertyName("transports")]
+        public AuthenticatorTransport[] Transports { get; set; }
     }
 }
diff --git a/Src/Fido2/AuthenticatorAttestationResponse.cs b/Src/Fido2/AuthenticatorAttestationResponse.cs
@@ -190,7 +190,7 @@ public async Task<RegisteredPublicKeyCredential> VerifyAsync(
             Id = authData.AttestedCredentialData.CredentialId,
             PublicKey = authData.AttestedCredentialData.CredentialPublicKey.GetBytes(),
             SignCount = authData.SignCount,
-            // Transports = result of response.getTransports();
+            Transports = Raw.Response.Transports,
             IsBackupEligible = authData.IsBackupEligible,
             IsBackedUp = authData.IsBackedUp,
             AttestationObject = Raw.Response.AttestationObject,

diff --git a/Test/Attestation/AndroidKey.cs b/Test/Attestation/AndroidKey.cs
@@ -76,6 +76,7 @@ public async Task TestAndroidKey()
         Assert.Equal("Test User", res.Result.User.DisplayName);
         Assert.Equal("testuser"u8.ToArray(), res.Result.User.Id);
         Assert.Equal("testuser", res.Result.User.Name);
+        Assert.Equal(new[] { AuthenticatorTransport.Internal }, res.Result.Transports);
     }
 
     [Fact]

diff --git a/Test/Attestation/AndroidSafetyNet.cs b/Test/Attestation/AndroidSafetyNet.cs
@@ -113,6 +113,7 @@ public async Task TestAndroidSafetyNet()
         Assert.Equal("Test User", res.Result.User.DisplayName);
         Assert.Equal("testuser"u8.ToArray(), res.Result.User.Id);
         Assert.Equal("testuser", res.Result.User.Name);
+        Assert.Equal(new[] { AuthenticatorTransport.Internal }, res.Result.Transports);
     }
 
     [Fact]

diff --git a/Test/Attestation/FidoU2f.cs b/Test/Attestation/FidoU2f.cs
@@ -68,6 +68,7 @@ public async Task TestU2f()
         Assert.Equal("Test User", res.Result.User.DisplayName);
         Assert.Equal("testuser"u8.ToArray(), res.Result.User.Id);
         Assert.Equal("testuser", res.Result.User.Name);
+        Assert.Equal(new[] { AuthenticatorTransport.Internal }, res.Result.Transports);
     }
 
     [Fact]

diff --git a/Test/Attestation/Packed.cs b/Test/Attestation/Packed.cs
@@ -48,6 +48,7 @@ public async Task TestSelf()
             Assert.Equal("testuser"u8.ToArray(), res.Result.User.Id);
             Assert.Equal("testuser", res.Result.User.Name);
             _attestationObject = new CborMap { { "fmt", "packed" } };
+            Assert.Equal(new[] { AuthenticatorTransport.Internal }, res.Result.Transports);
         }
     }
 

diff --git a/Test/Attestation/Tpm.cs b/Test/Attestation/Tpm.cs
@@ -305,6 +305,7 @@ public async Task TestTPM()
             Assert.Equal("testuser"u8.ToArray(), res.Result.User.Id);
             Assert.Equal("testuser", res.Result.User.Name);
             _attestationObject = new CborMap { { "fmt", "tpm" } };
+            Assert.Equal(new[] { AuthenticatorTransport.Internal }, res.Result.Transports);
         }
     }
 
@@ -422,6 +423,7 @@ public async Task TestTPMAikCertSANTCGConformant()
         Assert.Equal("Test User", res.Result.User.DisplayName);
         Assert.Equal("testuser"u8.ToArray(), res.Result.User.Id);
         Assert.Equal("testuser", res.Result.User.Name);
+        Assert.Equal(new[] { AuthenticatorTransport.Internal }, res.Result.Transports);
     }
 
     [Fact]
@@ -5060,6 +5062,7 @@ public async Task TestTPMAikCertMisingAAGUID()
         Assert.Equal("Test User", res.Result.User.DisplayName);
         Assert.Equal("testuser"u8.ToArray(), res.Result.User.Id);
         Assert.Equal("testuser", res.Result.User.Name);
+        Assert.Equal(new[] { AuthenticatorTransport.Internal }, res.Result.Transports);
     }
 
     [Fact]

diff --git a/Test/Fido2Tests.cs b/Test/Fido2Tests.cs
@@ -163,6 +163,7 @@ public async Task<MakeNewCredentialResult> MakeAttestationResponseAsync()
                 {
                     AttestationObject = _attestationObject.Encode(),
                     ClientDataJson = _clientDataJson,
+                    Transports = new[] { AuthenticatorTransport.Internal }
                 },
                 Extensions = new AuthenticationExtensionsClientOutputs()
                 {