@simplewebauthn/browser 8.2.0 → 8.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
/* [@simplewebauthn/browser@8.
|
|
2
|
-
!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).SimpleWebAuthnBrowser={})}(this,(function(e){"use strict";var t=function(e,r){return t=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var r in t)Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r])},t(e,r)};var r=function(){return r=Object.assign||function(e){for(var t,r=1,n=arguments.length;r<n;r++)for(var o in t=arguments[r])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)};function n(e,t,r,n){return new(r||(r=Promise))((function(o,i){function a(e){try{u(n.next(e))}catch(e){i(e)}}function s(e){try{u(n.throw(e))}catch(e){i(e)}}function u(e){var t;e.done?o(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(a,s)}u((n=n.apply(e,t||[])).next())}))}function o(e,t){var r,n,o,i,a={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return i={next:s(0),throw:s(1),return:s(2)},"function"==typeof Symbol&&(i[Symbol.iterator]=function(){return this}),i;function s(s){return function(u){return function(s){if(r)throw new TypeError("Generator is already executing.");for(;i&&(i=0,s[0]&&(a=0)),a;)try{if(r=1,n&&(o=2&s[0]?n.return:s[0]?n.throw||((o=n.return)&&o.call(n),0):n.next)&&!(o=o.call(n,s[1])).done)return o;switch(n=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return a.label++,{value:s[1],done:!1};case 5:a.label++,n=s[1],s=[0];continue;case 7:s=a.ops.pop(),a.trys.pop();continue;default:if(!(o=a.trys,(o=o.length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){a=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){a.label=s[1];break}if(6===s[0]&&a.label<o[1]){a.label=o[1],o=s;break}if(o&&a.label<o[2]){a.label=o[2],a.ops.push(s);break}o[2]&&a.ops.pop(),a.trys.pop();continue}s=t.call(e,a)}catch(e){s=[6,e],n=0}finally{r=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,u])}}}function i(e){var t,r,n=new Uint8Array(e),o="";try{for(var i=function(e){var t="function"==typeof Symbol&&Symbol.iterator,r=t&&e[t],n=0;if(r)return r.call(e);if(e&&"number"==typeof e.length)return{next:function(){return e&&n>=e.length&&(e=void 0),{value:e&&e[n++],done:!e}}};throw new TypeError(t?"Object is not iterable.":"Symbol.iterator is not defined.")}(n),a=i.next();!a.done;a=i.next()){var s=a.value;o+=String.fromCharCode(s)}}catch(e){t={error:e}}finally{try{a&&!a.done&&(r=i.return)&&r.call(i)}finally{if(t)throw t.error}}return btoa(o).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function a(e){for(var t=e.replace(/-/g,"+").replace(/_/g,"/"),r=(4-t.length%4)%4,n=t.padEnd(t.length+r,"="),o=atob(n),i=new ArrayBuffer(o.length),a=new Uint8Array(i),s=0;s<o.length;s++)a[s]=o.charCodeAt(s);return i}function s(){return void 0!==(null===window||void 0===window?void 0:window.PublicKeyCredential)&&"function"==typeof window.PublicKeyCredential}function u(e){var t=e.id;return r(r({},e),{id:a(t),transports:e.transports})}function c(e){return"localhost"===e||/^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(e)}"function"==typeof SuppressedError&&SuppressedError;var l=function(e){function r(t){var r=t.message,n=t.code,o=t.cause,i=t.name,a=e.call(this,r,{cause:o})||this;return a.name=null!=i?i:o.name,a.code=n,a}return function(e,r){if("function"!=typeof r&&null!==r)throw new TypeError("Class extends value "+String(r)+" is not a constructor or null");function n(){this.constructor=e}t(e,r),e.prototype=null===r?Object.create(r):(n.prototype=r.prototype,new n)}(r,e),r}(Error);var d=new(function(){function e(){}return e.prototype.createNewAbortSignal=function(){if(this.controller){var e=new Error("Cancelling existing WebAuthn API call for new one");e.name="AbortError",this.controller.abort(e)}var t=new AbortController;return this.controller=t,t.signal},e}()),f=["cross-platform","platform"];function p(e){if(e&&!(f.indexOf(e)<0))return e}function h(){var e=window.PublicKeyCredential;return void 0===e.isConditionalMediationAvailable?new Promise((function(e){return e(!1)})):e.isConditionalMediationAvailable()}e.base64URLStringToBuffer=a,e.browserSupportsWebAuthn=s,e.browserSupportsWebAuthnAutofill=h,e.bufferToBase64URLString=i,e.platformAuthenticatorIsAvailable=function(){return s()?PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable():new Promise((function(e){return e(!1)}))},e.startAuthentication=function(e,t){var f,w;return void 0===t&&(t=!1),n(this,void 0,void 0,(function(){var n,b,R,y,E,g,m,v,A;return o(this,(function(o){switch(o.label){case 0:if(!s())throw new Error("WebAuthn is not supported in this browser");return 0!==(null===(f=e.allowCredentials)||void 0===f?void 0:f.length)&&(n=null===(w=e.allowCredentials)||void 0===w?void 0:w.map(u)),b=r(r({},e),{challenge:a(e.challenge),allowCredentials:n}),R={},t?[4,h()]:[3,2];case 1:if(!o.sent())throw Error("Browser does not support WebAuthn autofill");if(document.querySelectorAll("input[autocomplete*='webauthn']").length<1)throw Error('No <input> with `"webauthn"` in its `autocomplete` attribute was detected');R.mediation="conditional",b.allowCredentials=[],o.label=2;case 2:R.publicKey=b,R.signal=d.createNewAbortSignal(),o.label=3;case 3:return o.trys.push([3,5,,6]),[4,navigator.credentials.get(R)];case 4:return y=o.sent(),[3,6];case 5:throw function(e){var t=e.error,r=e.options,n=r.publicKey;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===t.name){if(r.signal instanceof AbortSignal)return new l({message:"Authentication ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:t})}else{if("NotAllowedError"===t.name)return new l({message:t.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:t});if("SecurityError"===t.name){var o=window.location.hostname;if(!c(o))return new l({message:"".concat(window.location.hostname," is an invalid domain"),code:"ERROR_INVALID_DOMAIN",cause:t});if(n.rpId!==o)return new l({message:'The RP ID "'.concat(n.rpId,'" is invalid for this domain'),code:"ERROR_INVALID_RP_ID",cause:t})}else if("UnknownError"===t.name)return new l({message:"The authenticator was unable to process the specified options, or could not create a new assertion signature",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:t})}return t}({error:o.sent(),options:R});case 6:if(!y)throw new Error("Authentication was not completed");return E=y.id,g=y.rawId,m=y.response,v=y.type,A=void 0,m.userHandle&&(_=m.userHandle,A=new TextDecoder("utf-8").decode(_)),[2,{id:E,rawId:i(g),response:{authenticatorData:i(m.authenticatorData),clientDataJSON:i(m.clientDataJSON),signature:i(m.signature),userHandle:A},type:v,clientExtensionResults:y.getClientExtensionResults(),authenticatorAttachment:p(y.authenticatorAttachment)}]}var _}))}))},e.startRegistration=function(e){var t;return n(this,void 0,void 0,(function(){var n,f,h,w,b,R,y,E,g,m,v,A;return o(this,(function(o){switch(o.label){case 0:if(!s())throw new Error("WebAuthn is not supported in this browser");n=r(r({},e),{challenge:a(e.challenge),user:r(r({},e.user),{id:(_=e.user.id,(new TextEncoder).encode(_))}),excludeCredentials:null===(t=e.excludeCredentials)||void 0===t?void 0:t.map(u)}),(f={publicKey:n}).signal=d.createNewAbortSignal(),o.label=1;case 1:return o.trys.push([1,3,,4]),[4,navigator.credentials.create(f)];case 2:return h=o.sent(),[3,4];case 3:throw function(e){var t,r,n=e.error,o=e.options,i=o.publicKey;if(!i)throw Error("options was missing required publicKey property");if("AbortError"===n.name){if(o.signal instanceof AbortSignal)return new l({message:"Registration ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:n})}else if("ConstraintError"===n.name){if(!0===(null===(t=i.authenticatorSelection)||void 0===t?void 0:t.requireResidentKey))return new l({message:"Discoverable credentials were required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",cause:n});if("required"===(null===(r=i.authenticatorSelection)||void 0===r?void 0:r.userVerification))return new l({message:"User verification was required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",cause:n})}else{if("InvalidStateError"===n.name)return new l({message:"The authenticator was previously registered",code:"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",cause:n});if("NotAllowedError"===n.name)return new l({message:n.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:n});if("NotSupportedError"===n.name)return 0===i.pubKeyCredParams.filter((function(e){return"public-key"===e.type})).length?new l({message:'No entry in pubKeyCredParams was of type "public-key"',code:"ERROR_MALFORMED_PUBKEYCREDPARAMS",cause:n}):new l({message:"No available authenticator supported any of the specified pubKeyCredParams algorithms",code:"ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",cause:n});if("SecurityError"===n.name){var a=window.location.hostname;if(!c(a))return new l({message:"".concat(window.location.hostname," is an invalid domain"),code:"ERROR_INVALID_DOMAIN",cause:n});if(i.rp.id!==a)return new l({message:'The RP ID "'.concat(i.rp.id,'" is invalid for this domain'),code:"ERROR_INVALID_RP_ID",cause:n})}else if("TypeError"===n.name){if(i.user.id.byteLength<1||i.user.id.byteLength>64)return new l({message:"User ID was not between 1 and 64 characters",code:"ERROR_INVALID_USER_ID_LENGTH",cause:n})}else if("UnknownError"===n.name)return new l({message:"The authenticator was unable to process the specified options, or could not create a new credential",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:n})}return n}({error:o.sent(),options:f});case 4:if(!h)throw new Error("Registration was not completed");if(w=h.id,b=h.rawId,R=h.response,y=h.type,E=void 0,"function"==typeof R.getTransports&&(E=R.getTransports()),g=void 0,"function"==typeof R.getPublicKeyAlgorithm)try{g=R.getPublicKeyAlgorithm()}catch(e){}if(m=void 0,"function"==typeof R.getPublicKey)try{null!==(v=R.getPublicKey())&&(m=i(v))}catch(e){}if("function"==typeof R.getAuthenticatorData)try{A=i(R.getAuthenticatorData())}catch(e){}return[2,{id:w,rawId:i(b),response:{attestationObject:i(R.attestationObject),clientDataJSON:i(R.clientDataJSON),transports:E,publicKeyAlgorithm:g,publicKey:m,authenticatorData:A},type:y,clientExtensionResults:h.getClientExtensionResults(),authenticatorAttachment:p(h.authenticatorAttachment)}]}var _}))}))},Object.defineProperty(e,"__esModule",{value:!0})}));
|
|
1
|
+
/* [@simplewebauthn/browser@8.3.0] */
|
|
2
|
+
!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).SimpleWebAuthnBrowser={})}(this,(function(e){"use strict";var t=function(e,r){return t=Object.setPrototypeOf||{__proto__:[]}instanceof Array&&function(e,t){e.__proto__=t}||function(e,t){for(var r in t)Object.prototype.hasOwnProperty.call(t,r)&&(e[r]=t[r])},t(e,r)};var r=function(){return r=Object.assign||function(e){for(var t,r=1,n=arguments.length;r<n;r++)for(var o in t=arguments[r])Object.prototype.hasOwnProperty.call(t,o)&&(e[o]=t[o]);return e},r.apply(this,arguments)};function n(e,t,r,n){return new(r||(r=Promise))((function(o,i){function a(e){try{c(n.next(e))}catch(e){i(e)}}function s(e){try{c(n.throw(e))}catch(e){i(e)}}function c(e){var t;e.done?o(e.value):(t=e.value,t instanceof r?t:new r((function(e){e(t)}))).then(a,s)}c((n=n.apply(e,t||[])).next())}))}function o(e,t){var r,n,o,i,a={label:0,sent:function(){if(1&o[0])throw o[1];return o[1]},trys:[],ops:[]};return i={next:s(0),throw:s(1),return:s(2)},"function"==typeof Symbol&&(i[Symbol.iterator]=function(){return this}),i;function s(s){return function(c){return function(s){if(r)throw new TypeError("Generator is already executing.");for(;i&&(i=0,s[0]&&(a=0)),a;)try{if(r=1,n&&(o=2&s[0]?n.return:s[0]?n.throw||((o=n.return)&&o.call(n),0):n.next)&&!(o=o.call(n,s[1])).done)return o;switch(n=0,o&&(s=[2&s[0],o.value]),s[0]){case 0:case 1:o=s;break;case 4:return a.label++,{value:s[1],done:!1};case 5:a.label++,n=s[1],s=[0];continue;case 7:s=a.ops.pop(),a.trys.pop();continue;default:if(!(o=a.trys,(o=o.length>0&&o[o.length-1])||6!==s[0]&&2!==s[0])){a=0;continue}if(3===s[0]&&(!o||s[1]>o[0]&&s[1]<o[3])){a.label=s[1];break}if(6===s[0]&&a.label<o[1]){a.label=o[1],o=s;break}if(o&&a.label<o[2]){a.label=o[2],a.ops.push(s);break}o[2]&&a.ops.pop(),a.trys.pop();continue}s=t.call(e,a)}catch(e){s=[6,e],n=0}finally{r=o=0}if(5&s[0])throw s[1];return{value:s[0]?s[1]:void 0,done:!0}}([s,c])}}}function i(e){var t,r,n=new Uint8Array(e),o="";try{for(var i=function(e){var t="function"==typeof Symbol&&Symbol.iterator,r=t&&e[t],n=0;if(r)return r.call(e);if(e&&"number"==typeof e.length)return{next:function(){return e&&n>=e.length&&(e=void 0),{value:e&&e[n++],done:!e}}};throw new TypeError(t?"Object is not iterable.":"Symbol.iterator is not defined.")}(n),a=i.next();!a.done;a=i.next()){var s=a.value;o+=String.fromCharCode(s)}}catch(e){t={error:e}}finally{try{a&&!a.done&&(r=i.return)&&r.call(i)}finally{if(t)throw t.error}}return btoa(o).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function a(e){for(var t=e.replace(/-/g,"+").replace(/_/g,"/"),r=(4-t.length%4)%4,n=t.padEnd(t.length+r,"="),o=atob(n),i=new ArrayBuffer(o.length),a=new Uint8Array(i),s=0;s<o.length;s++)a[s]=o.charCodeAt(s);return i}function s(){return void 0!==(null===window||void 0===window?void 0:window.PublicKeyCredential)&&"function"==typeof window.PublicKeyCredential}function c(e){var t=e.id;return r(r({},e),{id:a(t),transports:e.transports})}function u(e){return"localhost"===e||/^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(e)}"function"==typeof SuppressedError&&SuppressedError;var l=function(e){function r(t){var r=t.message,n=t.code,o=t.cause,i=t.name,a=e.call(this,r,{cause:o})||this;return a.name=null!=i?i:o.name,a.code=n,a}return function(e,r){if("function"!=typeof r&&null!==r)throw new TypeError("Class extends value "+String(r)+" is not a constructor or null");function n(){this.constructor=e}t(e,r),e.prototype=null===r?Object.create(r):(n.prototype=r.prototype,new n)}(r,e),r}(Error);var d=new(function(){function e(){}return e.prototype.createNewAbortSignal=function(){if(this.controller){var e=new Error("Cancelling existing WebAuthn API call for new one");e.name="AbortError",this.controller.abort(e)}var t=new AbortController;return this.controller=t,t.signal},e.prototype.cancelCeremony=function(){if(this.controller){var e=new Error("Manually cancelling existing WebAuthn API call");e.name="AbortError",this.controller.abort(e),this.controller=void 0}},e}()),f=["cross-platform","platform"];function p(e){if(e&&!(f.indexOf(e)<0))return e}function h(e,t){console.warn("The browser extension that intercepted this WebAuthn API call incorrectly implemented ".concat(e,". You should report this error to them.\n"),t)}function w(){var e=window.PublicKeyCredential;return void 0===e.isConditionalMediationAvailable?new Promise((function(e){return e(!1)})):e.isConditionalMediationAvailable()}e.WebAuthnAbortService=d,e.base64URLStringToBuffer=a,e.browserSupportsWebAuthn=s,e.browserSupportsWebAuthnAutofill=w,e.bufferToBase64URLString=i,e.platformAuthenticatorIsAvailable=function(){return s()?PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable():new Promise((function(e){return e(!1)}))},e.startAuthentication=function(e,t){var f,h;return void 0===t&&(t=!1),n(this,void 0,void 0,(function(){var n,b,y,R,g,E,m,A,v;return o(this,(function(o){switch(o.label){case 0:if(!s())throw new Error("WebAuthn is not supported in this browser");return 0!==(null===(f=e.allowCredentials)||void 0===f?void 0:f.length)&&(n=null===(h=e.allowCredentials)||void 0===h?void 0:h.map(c)),b=r(r({},e),{challenge:a(e.challenge),allowCredentials:n}),y={},t?[4,w()]:[3,2];case 1:if(!o.sent())throw Error("Browser does not support WebAuthn autofill");if(document.querySelectorAll("input[autocomplete*='webauthn']").length<1)throw Error('No <input> with `"webauthn"` in its `autocomplete` attribute was detected');y.mediation="conditional",b.allowCredentials=[],o.label=2;case 2:y.publicKey=b,y.signal=d.createNewAbortSignal(),o.label=3;case 3:return o.trys.push([3,5,,6]),[4,navigator.credentials.get(y)];case 4:return R=o.sent(),[3,6];case 5:throw function(e){var t=e.error,r=e.options,n=r.publicKey;if(!n)throw Error("options was missing required publicKey property");if("AbortError"===t.name){if(r.signal instanceof AbortSignal)return new l({message:"Authentication ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:t})}else{if("NotAllowedError"===t.name)return new l({message:t.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:t});if("SecurityError"===t.name){var o=window.location.hostname;if(!u(o))return new l({message:"".concat(window.location.hostname," is an invalid domain"),code:"ERROR_INVALID_DOMAIN",cause:t});if(n.rpId!==o)return new l({message:'The RP ID "'.concat(n.rpId,'" is invalid for this domain'),code:"ERROR_INVALID_RP_ID",cause:t})}else if("UnknownError"===t.name)return new l({message:"The authenticator was unable to process the specified options, or could not create a new assertion signature",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:t})}return t}({error:o.sent(),options:y});case 6:if(!R)throw new Error("Authentication was not completed");return g=R.id,E=R.rawId,m=R.response,A=R.type,v=void 0,m.userHandle&&(_=m.userHandle,v=new TextDecoder("utf-8").decode(_)),[2,{id:g,rawId:i(E),response:{authenticatorData:i(m.authenticatorData),clientDataJSON:i(m.clientDataJSON),signature:i(m.signature),userHandle:v},type:A,clientExtensionResults:R.getClientExtensionResults(),authenticatorAttachment:p(R.authenticatorAttachment)}]}var _}))}))},e.startRegistration=function(e){var t;return n(this,void 0,void 0,(function(){var n,f,w,b,y,R,g,E,m,A,v,_;return o(this,(function(o){switch(o.label){case 0:if(!s())throw new Error("WebAuthn is not supported in this browser");n=r(r({},e),{challenge:a(e.challenge),user:r(r({},e.user),{id:(O=e.user.id,(new TextEncoder).encode(O))}),excludeCredentials:null===(t=e.excludeCredentials)||void 0===t?void 0:t.map(c)}),(f={publicKey:n}).signal=d.createNewAbortSignal(),o.label=1;case 1:return o.trys.push([1,3,,4]),[4,navigator.credentials.create(f)];case 2:return w=o.sent(),[3,4];case 3:throw function(e){var t,r,n=e.error,o=e.options,i=o.publicKey;if(!i)throw Error("options was missing required publicKey property");if("AbortError"===n.name){if(o.signal instanceof AbortSignal)return new l({message:"Registration ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:n})}else if("ConstraintError"===n.name){if(!0===(null===(t=i.authenticatorSelection)||void 0===t?void 0:t.requireResidentKey))return new l({message:"Discoverable credentials were required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",cause:n});if("required"===(null===(r=i.authenticatorSelection)||void 0===r?void 0:r.userVerification))return new l({message:"User verification was required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",cause:n})}else{if("InvalidStateError"===n.name)return new l({message:"The authenticator was previously registered",code:"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",cause:n});if("NotAllowedError"===n.name)return new l({message:n.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:n});if("NotSupportedError"===n.name)return 0===i.pubKeyCredParams.filter((function(e){return"public-key"===e.type})).length?new l({message:'No entry in pubKeyCredParams was of type "public-key"',code:"ERROR_MALFORMED_PUBKEYCREDPARAMS",cause:n}):new l({message:"No available authenticator supported any of the specified pubKeyCredParams algorithms",code:"ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",cause:n});if("SecurityError"===n.name){var a=window.location.hostname;if(!u(a))return new l({message:"".concat(window.location.hostname," is an invalid domain"),code:"ERROR_INVALID_DOMAIN",cause:n});if(i.rp.id!==a)return new l({message:'The RP ID "'.concat(i.rp.id,'" is invalid for this domain'),code:"ERROR_INVALID_RP_ID",cause:n})}else if("TypeError"===n.name){if(i.user.id.byteLength<1||i.user.id.byteLength>64)return new l({message:"User ID was not between 1 and 64 characters",code:"ERROR_INVALID_USER_ID_LENGTH",cause:n})}else if("UnknownError"===n.name)return new l({message:"The authenticator was unable to process the specified options, or could not create a new credential",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:n})}return n}({error:o.sent(),options:f});case 4:if(!w)throw new Error("Registration was not completed");if(b=w.id,y=w.rawId,R=w.response,g=w.type,E=void 0,"function"==typeof R.getTransports&&(E=R.getTransports()),m=void 0,"function"==typeof R.getPublicKeyAlgorithm)try{m=R.getPublicKeyAlgorithm()}catch(e){h("getPublicKeyAlgorithm()",e)}if(A=void 0,"function"==typeof R.getPublicKey)try{null!==(v=R.getPublicKey())&&(A=i(v))}catch(e){h("getPublicKey()",e)}if("function"==typeof R.getAuthenticatorData)try{_=i(R.getAuthenticatorData())}catch(e){h("getAuthenticatorData()",e)}return[2,{id:b,rawId:i(y),response:{attestationObject:i(R.attestationObject),clientDataJSON:i(R.clientDataJSON),transports:E,publicKeyAlgorithm:m,publicKey:A,authenticatorData:_},type:g,clientExtensionResults:w.getClientExtensionResults(),authenticatorAttachment:p(w.authenticatorAttachment)}]}var O}))}))},Object.defineProperty(e,"__esModule",{value:!0})}));
|
package/dist/bundle/index.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
/* [@simplewebauthn/browser@8.
|
|
1
|
+
/* [@simplewebauthn/browser@8.3.0] */
|
|
2
2
|
function utf8StringToBuffer(value) {
|
|
3
3
|
return new TextEncoder().encode(value);
|
|
4
4
|
}
|
|
@@ -148,7 +148,7 @@ function identifyRegistrationError({ error, options, }) {
|
|
|
148
148
|
return error;
|
|
149
149
|
}
|
|
150
150
|
|
|
151
|
-
class
|
|
151
|
+
class BaseWebAuthnAbortService {
|
|
152
152
|
createNewAbortSignal() {
|
|
153
153
|
if (this.controller) {
|
|
154
154
|
const abortError = new Error('Cancelling existing WebAuthn API call for new one');
|
|
@@ -159,8 +159,16 @@ class WebAuthnAbortService {
|
|
|
159
159
|
this.controller = newController;
|
|
160
160
|
return newController.signal;
|
|
161
161
|
}
|
|
162
|
+
cancelCeremony() {
|
|
163
|
+
if (this.controller) {
|
|
164
|
+
const abortError = new Error('Manually cancelling existing WebAuthn API call');
|
|
165
|
+
abortError.name = 'AbortError';
|
|
166
|
+
this.controller.abort(abortError);
|
|
167
|
+
this.controller = undefined;
|
|
168
|
+
}
|
|
169
|
+
}
|
|
162
170
|
}
|
|
163
|
-
const
|
|
171
|
+
const WebAuthnAbortService = new BaseWebAuthnAbortService();
|
|
164
172
|
|
|
165
173
|
const attachments = ['cross-platform', 'platform'];
|
|
166
174
|
function toAuthenticatorAttachment(attachment) {
|
|
@@ -187,7 +195,7 @@ async function startRegistration(creationOptionsJSON) {
|
|
|
187
195
|
excludeCredentials: creationOptionsJSON.excludeCredentials?.map(toPublicKeyCredentialDescriptor),
|
|
188
196
|
};
|
|
189
197
|
const options = { publicKey };
|
|
190
|
-
options.signal =
|
|
198
|
+
options.signal = WebAuthnAbortService.createNewAbortSignal();
|
|
191
199
|
let credential;
|
|
192
200
|
try {
|
|
193
201
|
credential = (await navigator.credentials.create(options));
|
|
@@ -209,6 +217,7 @@ async function startRegistration(creationOptionsJSON) {
|
|
|
209
217
|
responsePublicKeyAlgorithm = response.getPublicKeyAlgorithm();
|
|
210
218
|
}
|
|
211
219
|
catch (error) {
|
|
220
|
+
warnOnBrokenImplementation('getPublicKeyAlgorithm()', error);
|
|
212
221
|
}
|
|
213
222
|
}
|
|
214
223
|
let responsePublicKey = undefined;
|
|
@@ -220,6 +229,7 @@ async function startRegistration(creationOptionsJSON) {
|
|
|
220
229
|
}
|
|
221
230
|
}
|
|
222
231
|
catch (error) {
|
|
232
|
+
warnOnBrokenImplementation('getPublicKey()', error);
|
|
223
233
|
}
|
|
224
234
|
}
|
|
225
235
|
let responseAuthenticatorData;
|
|
@@ -228,6 +238,7 @@ async function startRegistration(creationOptionsJSON) {
|
|
|
228
238
|
responseAuthenticatorData = bufferToBase64URLString(response.getAuthenticatorData());
|
|
229
239
|
}
|
|
230
240
|
catch (error) {
|
|
241
|
+
warnOnBrokenImplementation('getAuthenticatorData()', error);
|
|
231
242
|
}
|
|
232
243
|
}
|
|
233
244
|
return {
|
|
@@ -246,6 +257,9 @@ async function startRegistration(creationOptionsJSON) {
|
|
|
246
257
|
authenticatorAttachment: toAuthenticatorAttachment(credential.authenticatorAttachment),
|
|
247
258
|
};
|
|
248
259
|
}
|
|
260
|
+
function warnOnBrokenImplementation(methodName, cause) {
|
|
261
|
+
console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${methodName}. You should report this error to them.\n`, cause);
|
|
262
|
+
}
|
|
249
263
|
|
|
250
264
|
function bufferToUTF8String(value) {
|
|
251
265
|
return new TextDecoder('utf-8').decode(value);
|
|
@@ -334,7 +348,7 @@ async function startAuthentication(requestOptionsJSON, useBrowserAutofill = fals
|
|
|
334
348
|
publicKey.allowCredentials = [];
|
|
335
349
|
}
|
|
336
350
|
options.publicKey = publicKey;
|
|
337
|
-
options.signal =
|
|
351
|
+
options.signal = WebAuthnAbortService.createNewAbortSignal();
|
|
338
352
|
let credential;
|
|
339
353
|
try {
|
|
340
354
|
credential = (await navigator.credentials.get(options));
|
|
@@ -372,4 +386,4 @@ function platformAuthenticatorIsAvailable() {
|
|
|
372
386
|
return PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable();
|
|
373
387
|
}
|
|
374
388
|
|
|
375
|
-
export { base64URLStringToBuffer, browserSupportsWebAuthn, browserSupportsWebAuthnAutofill, bufferToBase64URLString, platformAuthenticatorIsAvailable, startAuthentication, startRegistration };
|
|
389
|
+
export { WebAuthnAbortService, base64URLStringToBuffer, browserSupportsWebAuthn, browserSupportsWebAuthnAutofill, bufferToBase64URLString, platformAuthenticatorIsAvailable, startAuthentication, startRegistration };
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
/* [@simplewebauthn/browser@8.
|
|
2
|
-
!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).SimpleWebAuthnBrowser={})}(this,(function(e){"use strict";function t(e){const t=new Uint8Array(e);let
|
|
1
|
+
/* [@simplewebauthn/browser@8.3.0] */
|
|
2
|
+
!function(e,t){"object"==typeof exports&&"undefined"!=typeof module?t(exports):"function"==typeof define&&define.amd?define(["exports"],t):t((e="undefined"!=typeof globalThis?globalThis:e||self).SimpleWebAuthnBrowser={})}(this,(function(e){"use strict";function t(e){const t=new Uint8Array(e);let r="";for(const e of t)r+=String.fromCharCode(e);return btoa(r).replace(/\+/g,"-").replace(/\//g,"_").replace(/=/g,"")}function r(e){const t=e.replace(/-/g,"+").replace(/_/g,"/"),r=(4-t.length%4)%4,n=t.padEnd(t.length+r,"="),o=atob(n),i=new ArrayBuffer(o.length),a=new Uint8Array(i);for(let e=0;e<o.length;e++)a[e]=o.charCodeAt(e);return i}function n(){return void 0!==window?.PublicKeyCredential&&"function"==typeof window.PublicKeyCredential}function o(e){const{id:t}=e;return{...e,id:r(t),transports:e.transports}}function i(e){return"localhost"===e||/^([a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,}$/i.test(e)}class a extends Error{constructor({message:e,code:t,cause:r,name:n}){super(e,{cause:r}),this.name=n??r.name,this.code=t}}const s=new class{createNewAbortSignal(){if(this.controller){const e=new Error("Cancelling existing WebAuthn API call for new one");e.name="AbortError",this.controller.abort(e)}const e=new AbortController;return this.controller=e,e.signal}cancelCeremony(){if(this.controller){const e=new Error("Manually cancelling existing WebAuthn API call");e.name="AbortError",this.controller.abort(e),this.controller=void 0}}},c=["cross-platform","platform"];function l(e){if(e&&!(c.indexOf(e)<0))return e}function u(e,t){console.warn(`The browser extension that intercepted this WebAuthn API call incorrectly implemented ${e}. You should report this error to them.\n`,t)}function d(){const e=window.PublicKeyCredential;return void 0===e.isConditionalMediationAvailable?new Promise((e=>e(!1))):e.isConditionalMediationAvailable()}e.WebAuthnAbortService=s,e.base64URLStringToBuffer=r,e.browserSupportsWebAuthn=n,e.browserSupportsWebAuthnAutofill=d,e.bufferToBase64URLString=t,e.platformAuthenticatorIsAvailable=function(){return n()?PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable():new Promise((e=>e(!1)))},e.startAuthentication=async function(e,c=!1){if(!n())throw new Error("WebAuthn is not supported in this browser");let u;0!==e.allowCredentials?.length&&(u=e.allowCredentials?.map(o));const h={...e,challenge:r(e.challenge),allowCredentials:u},f={};if(c){if(!await d())throw Error("Browser does not support WebAuthn autofill");if(document.querySelectorAll("input[autocomplete*='webauthn']").length<1)throw Error('No <input> with `"webauthn"` in its `autocomplete` attribute was detected');f.mediation="conditional",h.allowCredentials=[]}let p;f.publicKey=h,f.signal=s.createNewAbortSignal();try{p=await navigator.credentials.get(f)}catch(e){throw function({error:e,options:t}){const{publicKey:r}=t;if(!r)throw Error("options was missing required publicKey property");if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new a({message:"Authentication ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:e})}else{if("NotAllowedError"===e.name)return new a({message:e.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:e});if("SecurityError"===e.name){const t=window.location.hostname;if(!i(t))return new a({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:e});if(r.rpId!==t)return new a({message:`The RP ID "${r.rpId}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:e})}else if("UnknownError"===e.name)return new a({message:"The authenticator was unable to process the specified options, or could not create a new assertion signature",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:e})}return e}({error:e,options:f})}if(!p)throw new Error("Authentication was not completed");const{id:w,rawId:R,response:E,type:g}=p;let A;var m;return E.userHandle&&(m=E.userHandle,A=new TextDecoder("utf-8").decode(m)),{id:w,rawId:t(R),response:{authenticatorData:t(E.authenticatorData),clientDataJSON:t(E.clientDataJSON),signature:t(E.signature),userHandle:A},type:g,clientExtensionResults:p.getClientExtensionResults(),authenticatorAttachment:l(p.authenticatorAttachment)}},e.startRegistration=async function(e){if(!n())throw new Error("WebAuthn is not supported in this browser");var c;const d={publicKey:{...e,challenge:r(e.challenge),user:{...e.user,id:(c=e.user.id,(new TextEncoder).encode(c))},excludeCredentials:e.excludeCredentials?.map(o)}};let h;d.signal=s.createNewAbortSignal();try{h=await navigator.credentials.create(d)}catch(e){throw function({error:e,options:t}){const{publicKey:r}=t;if(!r)throw Error("options was missing required publicKey property");if("AbortError"===e.name){if(t.signal instanceof AbortSignal)return new a({message:"Registration ceremony was sent an abort signal",code:"ERROR_CEREMONY_ABORTED",cause:e})}else if("ConstraintError"===e.name){if(!0===r.authenticatorSelection?.requireResidentKey)return new a({message:"Discoverable credentials were required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_DISCOVERABLE_CREDENTIAL_SUPPORT",cause:e});if("required"===r.authenticatorSelection?.userVerification)return new a({message:"User verification was required but no available authenticator supported it",code:"ERROR_AUTHENTICATOR_MISSING_USER_VERIFICATION_SUPPORT",cause:e})}else{if("InvalidStateError"===e.name)return new a({message:"The authenticator was previously registered",code:"ERROR_AUTHENTICATOR_PREVIOUSLY_REGISTERED",cause:e});if("NotAllowedError"===e.name)return new a({message:e.message,code:"ERROR_PASSTHROUGH_SEE_CAUSE_PROPERTY",cause:e});if("NotSupportedError"===e.name)return 0===r.pubKeyCredParams.filter((e=>"public-key"===e.type)).length?new a({message:'No entry in pubKeyCredParams was of type "public-key"',code:"ERROR_MALFORMED_PUBKEYCREDPARAMS",cause:e}):new a({message:"No available authenticator supported any of the specified pubKeyCredParams algorithms",code:"ERROR_AUTHENTICATOR_NO_SUPPORTED_PUBKEYCREDPARAMS_ALG",cause:e});if("SecurityError"===e.name){const t=window.location.hostname;if(!i(t))return new a({message:`${window.location.hostname} is an invalid domain`,code:"ERROR_INVALID_DOMAIN",cause:e});if(r.rp.id!==t)return new a({message:`The RP ID "${r.rp.id}" is invalid for this domain`,code:"ERROR_INVALID_RP_ID",cause:e})}else if("TypeError"===e.name){if(r.user.id.byteLength<1||r.user.id.byteLength>64)return new a({message:"User ID was not between 1 and 64 characters",code:"ERROR_INVALID_USER_ID_LENGTH",cause:e})}else if("UnknownError"===e.name)return new a({message:"The authenticator was unable to process the specified options, or could not create a new credential",code:"ERROR_AUTHENTICATOR_GENERAL_ERROR",cause:e})}return e}({error:e,options:d})}if(!h)throw new Error("Registration was not completed");const{id:f,rawId:p,response:w,type:R}=h;let E,g,A,m;if("function"==typeof w.getTransports&&(E=w.getTransports()),"function"==typeof w.getPublicKeyAlgorithm)try{g=w.getPublicKeyAlgorithm()}catch(e){u("getPublicKeyAlgorithm()",e)}if("function"==typeof w.getPublicKey)try{const e=w.getPublicKey();null!==e&&(A=t(e))}catch(e){u("getPublicKey()",e)}if("function"==typeof w.getAuthenticatorData)try{m=t(w.getAuthenticatorData())}catch(e){u("getAuthenticatorData()",e)}return{id:f,rawId:t(p),response:{attestationObject:t(w.attestationObject),clientDataJSON:t(w.clientDataJSON),transports:E,publicKeyAlgorithm:g,publicKey:A,authenticatorData:m},type:R,clientExtensionResults:h.getClientExtensionResults(),authenticatorAttachment:l(h.authenticatorAttachment)}},Object.defineProperty(e,"__esModule",{value:!0})}));
|
|
@@ -1,6 +1,7 @@
|
|
|
1
|
-
declare class
|
|
1
|
+
declare class BaseWebAuthnAbortService {
|
|
2
2
|
private controller;
|
|
3
3
|
createNewAbortSignal(): AbortSignal;
|
|
4
|
+
cancelCeremony(): void;
|
|
4
5
|
}
|
|
5
|
-
export declare const
|
|
6
|
+
export declare const WebAuthnAbortService: BaseWebAuthnAbortService;
|
|
6
7
|
export {};
|
package/dist/types/index.d.ts
CHANGED
|
@@ -5,5 +5,6 @@ import { platformAuthenticatorIsAvailable } from './helpers/platformAuthenticato
|
|
|
5
5
|
import { browserSupportsWebAuthnAutofill } from './helpers/browserSupportsWebAuthnAutofill';
|
|
6
6
|
import { base64URLStringToBuffer } from './helpers/base64URLStringToBuffer';
|
|
7
7
|
import { bufferToBase64URLString } from './helpers/bufferToBase64URLString';
|
|
8
|
-
|
|
8
|
+
import { WebAuthnAbortService } from './helpers/webAuthnAbortService';
|
|
9
|
+
export { base64URLStringToBuffer, browserSupportsWebAuthn, browserSupportsWebAuthnAutofill, bufferToBase64URLString, platformAuthenticatorIsAvailable, startAuthentication, startRegistration, WebAuthnAbortService, };
|
|
9
10
|
export type { WebAuthnErrorCode } from './helpers/webAuthnError';
|