electron-webauthn 1.0.5 → 1.1.1

package/README.md

@@ -21,6 +21,7 @@ This package provides JavaScript bindings to Apple's AuthenticationServices fram
 - Credential creation (registration) with attestation
 - Credential authentication (assertions) with existing credentials
 - Seamless integration with Electron's native window system
+- Passkey listing via `listPasskeys` (macOS 13.3+)
 - PRF (Pseudo-Random Function) extension support
 - Large Blob extension support for reading/writing credential-specific data
 - User verification preference configuration (preferred, required, discouraged)
@@ -83,7 +84,7 @@ This library implements the W3C WebAuthn standard using Apple's native Authentic
 
 ## Error Handling
 
-Both `createCredential` and `getCredential` functions return a result object with a `success` field. Always check this field:
+`createCredential`, `getCredential`, and `listPasskeys` all return a result object with a `success` field. Always check this field:
 
 ```typescript
 const result = await createCredential(publicKeyOptions, additionalOptions);
@@ -118,6 +119,19 @@ if (!result.success) {
 console.log("Credential ID:", result.data.credentialId);
 ```
 
+`listPasskeys` returns an `Error` object (not a string code) when unsuccessful:
+
+```typescript
+const result = await listPasskeys("example.com");
+
+if (!result.success) {
+  console.error("Failed to list passkeys:", result.error.message);
+  return;
+}
+
+console.log(`Found ${result.credentials.length} passkeys`);
+```
+
 ### Common Error Scenarios
 
 #### For Both Registration and Authentication
@@ -141,6 +155,7 @@ console.log("Credential ID:", result.data.credentialId);
 
 - ✅ WebAuthn credential creation (registration/attestation)
 - ✅ WebAuthn assertions (authentication with existing credentials)
+- ✅ Passkey listing with `listPasskeys` (macOS 13.3+, requires `com.apple.developer.web-browser.public-key-credential` entitlement)
 - ✅ Cross-platform authenticators (external security keys like YubiKey)
 - ✅ Platform authenticators (Touch ID, Face ID)
 - ✅ Discoverable credentials (resident keys)

package/dist/additional-objc/ASCPublicKeyCredentialDescriptor.d.ts

@@ -0,0 +1,12 @@
+import type { _NSArray, _NSData, _NSObject, _NSSecureCoding } from "objcjs-types/Foundation";
+export declare class _ASCPublicKeyCredentialDescriptor extends _NSObject {
+    static alloc(): _ASCPublicKeyCredentialDescriptor;
+    static new(): _ASCPublicKeyCredentialDescriptor;
+    init(): _ASCPublicKeyCredentialDescriptor;
+    initWithCredentialID$transports$(credentialID: _NSData, allowedTransports: _NSArray | null): _ASCPublicKeyCredentialDescriptor;
+    credentialID(): _NSData;
+    transports(): _NSArray | null;
+}
+export interface _ASCPublicKeyCredentialDescriptor extends _NSSecureCoding {
+}
+export declare const ASCPublicKeyCredentialDescriptor: typeof _ASCPublicKeyCredentialDescriptor;

package/dist/additional-objc/ASCPublicKeyCredentialDescriptor.js

@@ -0,0 +1,2 @@
+import { AuthenticationServices } from "objcjs-types/AuthenticationServices";
+export const ASCPublicKeyCredentialDescriptor = AuthenticationServices.ASCPublicKeyCredentialDescriptor;

package/dist/create/authorization-controller.d.ts

@@ -1,9 +1,10 @@
 import { NobjcObject } from "objc-js";
 import type { ExcludeCredential } from "./internal-handler.js";
+import type { ASAuthorizationController } from "objcjs-types/AuthenticationServices";
 export interface PublicKeyCredentialParams {
     type: "public-key";
     algorithm: number;
 }
 export declare function setControllerState(self: NobjcObject, clientDataHash: Buffer, pubKeyCredParams: PublicKeyCredentialParams[], residentKeyRequired: boolean, excludeCredentialIds: ExcludeCredential[]): void;
 export declare function removeControllerState(self: NobjcObject): void;
-export declare const WebauthnCreateController: NobjcObject;
+export declare const WebauthnCreateController: typeof ASAuthorizationController;

package/dist/create/authorization-controller.js

@@ -1,9 +1,8 @@
 import { NobjcClass, NobjcObject, getPointer } from "objc-js";
-import { NSDataFromBuffer } from "../objc/foundation/nsdata.js";
-import { NSArrayFromObjects } from "../objc/foundation/nsarray.js";
-import { NSStringFromString } from "../objc/foundation/nsstring.js";
-import { createASCPublicKeyCredentialDescriptor } from "../objc/authentication-services/as-authorization-c-public-key-credential-descriptor.js";
-import { NSNumberFromInteger } from "../objc/foundation/nsinteger.js";
+import { NSDataFromBuffer } from "objcjs-types/nsdata";
+import { NSArrayFromObjects, NSStringFromString } from "objcjs-types/helpers";
+import { NSNumber } from "objcjs-types/Foundation";
+import { ASCPublicKeyCredentialDescriptor } from "../additional-objc/ASCPublicKeyCredentialDescriptor.js";
 const createControllerState = new Map();
 function getObjectPointerString(self) {
     return getPointer(self).toString("base64");
@@ -44,7 +43,8 @@ export const WebauthnCreateController = NobjcClass.define({
                     const supportedAlgos = [];
                     for (const param of pubKeyCredParams) {
                         if (param.type === "public-key") {
-                            supportedAlgos.push(NSNumberFromInteger(param.algorithm));
+                            const nsNum = NSNumber.numberWithInteger$(param.algorithm);
+                            supportedAlgos.push(nsNum);
                         }
                     }
                     if (supportedAlgos.length > 0) {
@@ -63,7 +63,7 @@ export const WebauthnCreateController = NobjcClass.define({
                         }
                         const credentialID = NSDataFromBuffer(cred.id);
                         const transportsArray = NSArrayFromObjects(transports);
-                        const initializedDescriptor = createASCPublicKeyCredentialDescriptor(credentialID, transportsArray);
+                        const initializedDescriptor = ASCPublicKeyCredentialDescriptor.alloc().initWithCredentialID$transports$(credentialID, transportsArray);
                         excludeList.push(initializedDescriptor);
                     }
                     if (excludeList.length > 0) {

package/dist/create/internal-handler.js

@@ -4,21 +4,12 @@ import { PromiseWithResolvers } from "../helpers/index.js";
 import { encodeEC2PublicKeyToSPKI } from "../helpers/public-key.js";
 import { createPresentationContextProviderFromNativeWindowHandle } from "../helpers/presentation.js";
 import { createPRFInput } from "../helpers/prf.js";
-import { createAuthorizationControllerDelegate } from "../objc/authentication-services/as-authorization-controller-delegate.js";
-import { createPlatformPublicKeyCredentialProvider } from "../objc/authentication-services/as-authorization-platform-public-key-credential-provider.js";
-import { createASAuthorizationPublicKeyCredentialLargeBlobRegistrationInput } from "../objc/authentication-services/as-authorization-public-key-credential-large-blob-registration-input.js";
-import { ASAuthorizationPublicKeyCredentialPRFRegistrationInput, createASAuthorizationPublicKeyCredentialPRFRegistrationInput, } from "../objc/authentication-services/as-authorization-public-key-credential-prf-registration-input.js";
-import { ASAuthorizationPublicKeyCredentialAttestationKind } from "../objc/authentication-services/enums/as-authorization-public-key-credential-attestation-kind.js";
-import { ASAuthorizationPublicKeyCredentialLargeBlobSupportRequirement } from "../objc/authentication-services/enums/as-authorization-public-key-credential-large-blob-support-requirement.js";
-import { ASAuthorizationPublicKeyCredentialUserVerificationPreference } from "../objc/authentication-services/enums/as-authorization-public-key-credential-user-verification-preference.js";
-import { NSArrayFromObjects } from "../objc/foundation/nsarray.js";
-import { bufferFromNSDataDirect, NSDataFromBuffer, } from "../objc/foundation/nsdata.js";
-import { NSStringFromString } from "../objc/foundation/nsstring.js";
 import { removeControllerState, setControllerState, WebauthnCreateController, } from "./authorization-controller.js";
 import { parseAttestationObject } from "@oslojs/webauthn";
-import { ASAuthorizationPublicKeyCredentialAttachment } from "../objc/authentication-services/enums/as-authorization-public-key-credential-attachment.js";
-import { createSecurityKeyPublicKeyCredentialProvider } from "../objc/authentication-services/as-authorization-security-key-public-key-credential-provider.js";
-import { createASAuthorizationPublicKeyCredentialParameters, } from "../objc/authentication-services/as-authorization-public-key-credential-parameters.js";
+import { NSArrayFromObjects, NSStringFromString } from "objcjs-types/helpers";
+import { bufferFromNSDataDirect, NSDataFromBuffer } from "objcjs-types/nsdata";
+import { ASAuthorizationPlatformPublicKeyCredentialProvider, ASAuthorizationPlatformPublicKeyCredentialRegistration, ASAuthorizationPublicKeyCredentialAttachment, ASAuthorizationPublicKeyCredentialAttestationKind, ASAuthorizationPublicKeyCredentialLargeBlobRegistrationInput, ASAuthorizationPublicKeyCredentialLargeBlobSupportRequirement, ASAuthorizationPublicKeyCredentialParameters, ASAuthorizationPublicKeyCredentialPRFRegistrationInput, ASAuthorizationPublicKeyCredentialUserVerificationPreference, ASAuthorizationSecurityKeyPublicKeyCredentialProvider, ASAuthorizationSecurityKeyPublicKeyCredentialRegistration, } from "objcjs-types/AuthenticationServices";
+import { createDelegate } from "objcjs-types";
 const VALID_EXTENSIONS = ["largeBlob", "prf"];
 function setupPublicKeyCredentialRegistrationRequest(type, keyRequest, attestation, enabledExtensions, userVerification, pubKeyCredParams, additionalOptions) {
     if (type === "platform" && enabledExtensions.includes("largeBlob")) {
@@ -36,7 +27,7 @@ function setupPublicKeyCredentialRegistrationRequest(type, keyRequest, attestati
             console.warn("[electron-webauthn] largeBlobSupport is enabled but largeBlobSupport is not provided, skipping large blob support");
         }
         if (supportMode) {
-            const largeBlobInput = createASAuthorizationPublicKeyCredentialLargeBlobRegistrationInput(supportMode);
+            const largeBlobInput = ASAuthorizationPublicKeyCredentialLargeBlobRegistrationInput.alloc().initWithSupportRequirement$(supportMode);
             keyRequest.setLargeBlob$(largeBlobInput);
         }
     }
@@ -73,8 +64,9 @@ function setupPublicKeyCredentialRegistrationRequest(type, keyRequest, attestati
     if (type === "security-key") {
         const credentialParameters = [];
         for (const param of pubKeyCredParams) {
-            if (param.type === "public-key") {
-                credentialParameters.push(createASAuthorizationPublicKeyCredentialParameters(param.algorithm));
+            if (param.type === "public-key" && param.algorithm === -7) {
+                const paramObj = ASAuthorizationPublicKeyCredentialParameters.alloc().initWithAlgorithm$(param.algorithm);
+                credentialParameters.push(paramObj);
             }
         }
         const nsCredentialParameters = NSArrayFromObjects(credentialParameters);
@@ -83,7 +75,7 @@ function setupPublicKeyCredentialRegistrationRequest(type, keyRequest, attestati
     if (type === "platform" && enabledExtensions.includes("prf")) {
         if (additionalOptions.prf) {
             const inputValues = createPRFInput(additionalOptions.prf);
-            const prfInput = createASAuthorizationPublicKeyCredentialPRFRegistrationInput(inputValues);
+            const prfInput = ASAuthorizationPublicKeyCredentialPRFRegistrationInput.alloc().initWithInputValues$(inputValues);
             keyRequest.setPrf$(prfInput);
         }
         else {
@@ -100,14 +92,14 @@ function createCredentialInternal(rpid, challenge, username, userID, nativeWindo
     const requestArrayInput = [];
     if (preferredAuthenticatorAttachment === "all" ||
         preferredAuthenticatorAttachment === "platform") {
-        const platformProvider = createPlatformPublicKeyCredentialProvider(NS_rpID);
+        const platformProvider = ASAuthorizationPlatformPublicKeyCredentialProvider.alloc().initWithRelyingPartyIdentifier$(NS_rpID);
         const platformKeyRequest = platformProvider.createCredentialRegistrationRequestWithChallenge$name$userID$(NS_challenge, NS_username, NS_userID);
         setupPublicKeyCredentialRegistrationRequest("platform", platformKeyRequest, attestation, enabledExtensions, userVerification, supportedAlgorithmIdentifiers, additionalOptions);
         requestArrayInput.push(platformKeyRequest);
     }
     if (preferredAuthenticatorAttachment === "all" ||
         preferredAuthenticatorAttachment === "cross-platform") {
-        const securityKeyProvider = createSecurityKeyPublicKeyCredentialProvider(NS_rpID);
+        const securityKeyProvider = ASAuthorizationSecurityKeyPublicKeyCredentialProvider.alloc().initWithRelyingPartyIdentifier$(NS_rpID);
         const securityKeyRequest = securityKeyProvider.createCredentialRegistrationRequestWithChallenge$displayName$name$userID$(NS_challenge, NSStringFromString(additionalOptions.userDisplayName || username), NS_username, NS_userID);
         setupPublicKeyCredentialRegistrationRequest("security-key", securityKeyRequest, attestation, enabledExtensions, userVerification, supportedAlgorithmIdentifiers, additionalOptions);
         requestArrayInput.push(securityKeyRequest);
@@ -127,10 +119,19 @@ function createCredentialInternal(rpid, challenge, username, userID, nativeWindo
             timeoutHandlerId = null;
         }
     };
-    const delegate = createAuthorizationControllerDelegate({
-        didCompleteWithAuthorization: (_, authorization) => {
+    const delegate = createDelegate("ASAuthorizationControllerDelegate", {
+        authorizationController$didCompleteWithAuthorization$: (_, authorization) => {
             const credential = authorization.credential();
             console.log("Authorization succeeded:", credential);
+            const isPlatform = credential instanceof
+                ASAuthorizationPlatformPublicKeyCredentialRegistration;
+            const isSecurityKey = credential instanceof
+                ASAuthorizationSecurityKeyPublicKeyCredentialRegistration;
+            if (!isPlatform && !isSecurityKey) {
+                reject(new Error("Resulting credential is not a platform or security key credential"));
+                finished(false);
+                return;
+            }
             const credentialIdBuffer = bufferFromNSDataDirect(credential.credentialID());
             const attestationObjectBuffer = bufferFromNSDataDirect(credential.rawAttestationObject());
             const attestation = parseAttestationObject(attestationObjectBuffer);
@@ -138,10 +139,11 @@ function createCredentialInternal(rpid, challenge, username, userID, nativeWindo
             const ec2Key = publicKey.ec2();
             const publicKeySPKI = encodeEC2PublicKeyToSPKI(ec2Key.x, ec2Key.y);
             const authenticatorData = Buffer.from(JSON.stringify(attestation.authenticatorData));
-            let authenticatorAttachment = "platform";
-            if (credential.attachment() ===
-                ASAuthorizationPublicKeyCredentialAttachment.ASAuthorizationPublicKeyCredentialAttachmentCrossPlatform) {
-                authenticatorAttachment = "cross-platform";
+            let authenticatorAttachment = "cross-platform";
+            if (isPlatform &&
+                credential.attachment() ===
+                    ASAuthorizationPublicKeyCredentialAttachment.Platform) {
+                authenticatorAttachment = "platform";
             }
             let isLargeBlobSupported = null;
             if (enabledExtensions.includes("largeBlob")) {
@@ -185,9 +187,8 @@ function createCredentialInternal(rpid, challenge, username, userID, nativeWindo
             resolve(data);
             finished(true);
         },
-        didCompleteWithError: (_, error) => {
-            const parsedError = error;
-            const errorMessage = parsedError.localizedDescription().UTF8String();
+        authorizationController$didCompleteWithError$: (_, error) => {
+            const errorMessage = error.localizedDescription().UTF8String();
             reject(new Error(errorMessage));
             finished(false);
         },

package/dist/get/authorization-controller.d.ts

@@ -1,4 +1,5 @@
 import { NobjcObject } from "objc-js";
+import type { ASAuthorizationController } from "objcjs-types/AuthenticationServices";
 export declare function setClientDataHash(self: NobjcObject, clientDataHash: Buffer): void;
 export declare function removeClientDataHash(self: NobjcObject): void;
-export declare const WebauthnGetController: NobjcObject;
+export declare const WebauthnGetController: typeof ASAuthorizationController;

package/dist/get/authorization-controller.js

@@ -1,5 +1,5 @@
 import { NobjcClass, NobjcObject, getPointer } from "objc-js";
-import { NSDataFromBuffer } from "../objc/foundation/nsdata.js";
+import { NSDataFromBuffer } from "objcjs-types/nsdata";
 const getControllerState = new Map();
 function getObjectPointerString(self) {
     return getPointer(self).toString("base64");

package/dist/get/internal-handler.js

@@ -1,23 +1,14 @@
-import {} from "objc-js";
-import { createAuthorizationControllerDelegate } from "../objc/authentication-services/as-authorization-controller-delegate.js";
-import { ASAuthorizationController } from "../objc/authentication-services/as-authorization-controller.js";
-import { createPlatformPublicKeyCredentialProvider } from "../objc/authentication-services/as-authorization-platform-public-key-credential-provider.js";
-import { createPlatformPublicKeyCredentialDescriptor } from "../objc/authentication-services/as-authorization-platform-public-key-credential-descriptor.js";
-import { NSArrayFromObjects } from "../objc/foundation/nsarray.js";
-import { bufferFromNSDataDirect, NSDataFromBuffer, } from "../objc/foundation/nsdata.js";
-import { NSStringFromString } from "../objc/foundation/nsstring.js";
 import { base64UrlToBuffer, PromiseWithResolvers } from "../helpers/index.js";
-import { ASAuthorizationPublicKeyCredentialAttachment } from "../objc/authentication-services/enums/as-authorization-public-key-credential-attachment.js";
 import { removeClientDataHash, setClientDataHash, WebauthnGetController, } from "../get/authorization-controller.js";
-import { createSecurityKeyPublicKeyCredentialProvider } from "../objc/authentication-services/as-authorization-security-key-public-key-credential-provider.js";
-import { createASAuthorizationPublicKeyCredentialLargeBlobAssertionInput } from "../objc/authentication-services/as-authorization-public-key-credential-large-blob-assertion-input.js";
-import { ASAuthorizationPublicKeyCredentialLargeBlobAssertionOperation } from "../objc/authentication-services/enums/as-authorization-public-key-credential-large-blob-assertion-operation.js";
-import { createASAuthorizationPublicKeyCredentialPRFAssertionInput } from "../objc/authentication-services/as-authorization-public-key-credential-prf-assertion-input.js";
-import {} from "../objc/authentication-services/as-authorization-public-key-credential-prf-assertion-input-valuesas-authorization-public-key-credential-prf-assertion-input-values.js";
 import { createPRFInput } from "../helpers/prf.js";
-import { NSDictionaryFromKeysAndValues, } from "../objc/foundation/nsdictionary.js";
 import { generateClientDataInfo, generateWebauthnClientData, } from "../helpers/client-data.js";
 import { createPresentationContextProviderFromNativeWindowHandle } from "../helpers/presentation.js";
+import { NSStringFromString } from "objcjs-types/helpers";
+import { ASAuthorizationPlatformPublicKeyCredentialProvider, ASAuthorizationPublicKeyCredentialLargeBlobAssertionInput, ASAuthorizationPublicKeyCredentialLargeBlobAssertionOperation, ASAuthorizationPlatformPublicKeyCredentialDescriptor, ASAuthorizationSecurityKeyPublicKeyCredentialProvider, ASAuthorizationPublicKeyCredentialPRFAssertionInput, ASAuthorizationPublicKeyCredentialAttachment, ASAuthorizationPlatformPublicKeyCredentialAssertion, ASAuthorizationSecurityKeyPublicKeyCredentialAssertion, } from "objcjs-types/AuthenticationServices";
+import { NSDataFromBuffer, bufferFromNSDataDirect } from "objcjs-types/nsdata";
+import { createDelegate } from "objcjs-types/delegates";
+import { NSArray, NSDictionary, } from "objcjs-types/Foundation";
+import { NSArrayFromObjects, NSDictionaryFromKeysAndValues, } from "objcjs-types/helpers";
 const VALID_EXTENSIONS = ["largeBlobRead", "largeBlobWrite", "prf"];
 function setupPublicKeyCredentialRequest(type, keyRequest, userVerificationPreference, enabledExtensions, allowedCredentialIds, additionalOptions) {
     if (userVerificationPreference === "preferred") {
@@ -34,13 +25,13 @@ function setupPublicKeyCredentialRequest(type, keyRequest, userVerificationPrefe
         const largeBlobWrite = enabledExtensions.includes("largeBlobWrite");
         if (largeBlobRead) {
             const operation = ASAuthorizationPublicKeyCredentialLargeBlobAssertionOperation.Read;
-            const largeBlobInput = createASAuthorizationPublicKeyCredentialLargeBlobAssertionInput(operation);
+            const largeBlobInput = ASAuthorizationPublicKeyCredentialLargeBlobAssertionInput.alloc().initWithOperation$(operation);
             keyRequest.setLargeBlob$(largeBlobInput);
         }
         else if (largeBlobWrite) {
             if (additionalOptions.largeBlobDataToWrite) {
                 const operation = ASAuthorizationPublicKeyCredentialLargeBlobAssertionOperation.Write;
-                const largeBlobInput = createASAuthorizationPublicKeyCredentialLargeBlobAssertionInput(operation);
+                const largeBlobInput = ASAuthorizationPublicKeyCredentialLargeBlobAssertionInput.alloc().initWithOperation$(operation);
                 largeBlobInput.setDataToWrite$(NSDataFromBuffer(additionalOptions.largeBlobDataToWrite));
                 keyRequest.setLargeBlob$(largeBlobInput);
             }
@@ -68,7 +59,7 @@ function setupPublicKeyCredentialRequest(type, keyRequest, userVerificationPrefe
                 }
                 perCredentialInputValues = NSDictionaryFromKeysAndValues(keys, values);
             }
-            const prfInput = createASAuthorizationPublicKeyCredentialPRFAssertionInput(inputValues, perCredentialInputValues);
+            const prfInput = ASAuthorizationPublicKeyCredentialPRFAssertionInput.alloc().initWithInputValues$perCredentialInputValues$(inputValues, perCredentialInputValues);
             keyRequest.setPrf$(prfInput);
         }
         else {
@@ -80,10 +71,10 @@ function getCredentialInternal(rpid, challenge, nativeWindowHandle, origin, time
     const { promise, resolve, reject } = PromiseWithResolvers();
     const NS_rpID = NSStringFromString(rpid);
     const NS_challenge = NSDataFromBuffer(challenge);
-    const platformProvider = createPlatformPublicKeyCredentialProvider(NS_rpID);
+    const platformProvider = ASAuthorizationPlatformPublicKeyCredentialProvider.alloc().initWithRelyingPartyIdentifier$(NS_rpID);
     const platformKeyRequest = platformProvider.createCredentialAssertionRequestWithChallenge$(NS_challenge);
     setupPublicKeyCredentialRequest("platform", platformKeyRequest, userVerificationPreference, enabledExtensions, allowedCredentialIds, additionalOptions);
-    const securityKeyProvider = createSecurityKeyPublicKeyCredentialProvider(NS_rpID);
+    const securityKeyProvider = ASAuthorizationSecurityKeyPublicKeyCredentialProvider.alloc().initWithRelyingPartyIdentifier$(NS_rpID);
     const securityKeyRequest = securityKeyProvider.createCredentialAssertionRequestWithChallenge$(NS_challenge);
     setupPublicKeyCredentialRequest("security-key", securityKeyRequest, userVerificationPreference, enabledExtensions, allowedCredentialIds, additionalOptions);
     const requestsArray = NSArrayFromObjects([
@@ -105,18 +96,28 @@ function getCredentialInternal(rpid, challenge, nativeWindowHandle, origin, time
         }
     };
     if (allowedCredentialIds.length > 0) {
-        const allowedCredentials = NSArrayFromObjects(allowedCredentialIds.map((id) => createPlatformPublicKeyCredentialDescriptor(NSDataFromBuffer(id))));
+        const allowedCredentials = NSArrayFromObjects(allowedCredentialIds.map((id) => ASAuthorizationPlatformPublicKeyCredentialDescriptor.alloc().initWithCredentialID$(NSDataFromBuffer(id))));
         platformKeyRequest.setAllowedCredentials$(allowedCredentials);
     }
-    const delegate = createAuthorizationControllerDelegate({
-        didCompleteWithAuthorization: (_, authorization) => {
+    const delegate = createDelegate("ASAuthorizationControllerDelegate", {
+        authorizationController$didCompleteWithAuthorization$: (_, authorization) => {
             const credential = authorization.credential();
+            const isPlatform = credential instanceof
+                ASAuthorizationPlatformPublicKeyCredentialAssertion;
+            const isSecurityKey = credential instanceof
+                ASAuthorizationSecurityKeyPublicKeyCredentialAssertion;
+            if (!isPlatform && !isSecurityKey) {
+                reject(new Error("Resulting credential is not a platform or security key credential"));
+                finished(false);
+                return;
+            }
             const id_data = credential.credentialID();
             const id = bufferFromNSDataDirect(id_data);
-            let authenticatorAttachment = "platform";
-            if (credential.attachment() ===
-                ASAuthorizationPublicKeyCredentialAttachment.ASAuthorizationPublicKeyCredentialAttachmentCrossPlatform) {
-                authenticatorAttachment = "cross-platform";
+            let authenticatorAttachment = "cross-platform";
+            if (isPlatform &&
+                credential.attachment() ===
+                    ASAuthorizationPublicKeyCredentialAttachment.Platform) {
+                authenticatorAttachment = "platform";
             }
             const prf = credential.prf();
             const prfFirst = prf?.first ? prf.first() : null;
@@ -148,9 +149,8 @@ function getCredentialInternal(rpid, challenge, nativeWindowHandle, origin, time
             });
             finished(true);
         },
-        didCompleteWithError: (_, error) => {
-            const parsedError = error;
-            const errorMessage = parsedError.localizedDescription().UTF8String();
+        authorizationController$didCompleteWithError$: (_, error) => {
+            const errorMessage = error.localizedDescription().UTF8String();
             reject(new Error(errorMessage));
             finished(false);
         },

package/dist/helpers/presentation.js

@@ -1,12 +1,11 @@
 import { fromPointer } from "objc-js";
-import { createPresentationContextProvider } from "../objc/authentication-services/as-authorization-controller-presentation-context-providing.js";
+import { createDelegate } from "objcjs-types";
 export function createPresentationContextProviderFromNativeWindowHandle(nativeWindowHandle) {
-    const presentationContextProvider = createPresentationContextProvider({
-        presentationAnchorForAuthorizationController: () => {
+    return createDelegate("ASAuthorizationControllerPresentationContextProviding", {
+        presentationAnchorForAuthorizationController$: () => {
             const nsView = fromPointer(nativeWindowHandle);
             const nsWindow = nsView.window();
             return nsWindow;
         },
     });
-    return presentationContextProvider;
 }

package/dist/helpers/prf.d.ts

@@ -2,4 +2,4 @@ export interface PRFInput {
     first: Buffer;
     second?: Buffer;
 }
-export declare function createPRFInput(prf: PRFInput): import("../objc/authentication-services/as-authorization-public-key-credential-prf-assertion-input-valuesas-authorization-public-key-credential-prf-assertion-input-values.js")._ASAuthorizationPublicKeyCredentialPRFAssertionInputValues;
+export declare function createPRFInput(prf: PRFInput): import("objcjs-types/AuthenticationServices")._ASAuthorizationPublicKeyCredentialPRFAssertionInputValues;

package/dist/helpers/prf.js

@@ -1,5 +1,5 @@
-import { createASAuthorizationPublicKeyCredentialPRFAssertionInputValues } from "../objc/authentication-services/as-authorization-public-key-credential-prf-assertion-input-valuesas-authorization-public-key-credential-prf-assertion-input-values.js";
-import { NSDataFromBuffer } from "../objc/foundation/nsdata.js";
+import { ASAuthorizationPublicKeyCredentialPRFAssertionInputValues } from "objcjs-types/AuthenticationServices";
+import { NSDataFromBuffer } from "objcjs-types/nsdata";
 export function createPRFInput(prf) {
-    return createASAuthorizationPublicKeyCredentialPRFAssertionInputValues(NSDataFromBuffer(prf.first), prf.second ? NSDataFromBuffer(prf.second) : null);
+    return ASAuthorizationPublicKeyCredentialPRFAssertionInputValues.alloc().initWithSaltInput1$saltInput2$(NSDataFromBuffer(prf.first), prf.second ? NSDataFromBuffer(prf.second) : null);
 }

package/dist/index.d.ts

@@ -1,2 +1,3 @@
 export * from "./get/handler.js";
 export * from "./create/handler.js";
+export * from "./list/handler.js";

package/dist/index.js

@@ -1,2 +1,3 @@
 export * from "./get/handler.js";
 export * from "./create/handler.js";
+export * from "./list/handler.js";

package/dist/list/handler.d.ts

@@ -0,0 +1,2 @@
+import type { ListPasskeysResult, ListPasskeysError } from "./types.js";
+export declare function listPasskeys(relyingPartyId: string): Promise<ListPasskeysResult | ListPasskeysError>;

package/dist/list/handler.js

@@ -0,0 +1,71 @@
+import { bufferToBase64Url, PromiseWithResolvers } from "../helpers/index.js";
+import { bufferFromNSDataDirect } from "objcjs-types/nsdata";
+import { NSStringFromString } from "objcjs-types/helpers";
+import { ASAuthorizationWebBrowserPublicKeyCredentialManager, ASAuthorizationWebBrowserPublicKeyCredentialManagerAuthorizationState, } from "objcjs-types/AuthenticationServices";
+import { isAtLeast, version, formatVersion, getOSVersion, } from "objcjs-types/osversion";
+import { enumFromValue, makePromise1Result } from "objcjs-types/helpers";
+const LOGGING_ENABLED = false;
+function log(...args) {
+    if (!LOGGING_ENABLED)
+        return;
+    console.log(...args);
+}
+export async function listPasskeys(relyingPartyId) {
+    try {
+        const minVersion = version(13, 3);
+        if (!isAtLeast(minVersion)) {
+            const currentVersion = getOSVersion();
+            throw new Error(`Passkey listing requires macOS 13.3 or later (current: ${formatVersion(currentVersion)})`);
+        }
+        const manager = ASAuthorizationWebBrowserPublicKeyCredentialManager.alloc().init();
+        const authState = manager.authorizationStateForPlatformCredentials();
+        log(`[listPasskeys] Authorization state: ${authState}`);
+        if (authState ===
+            ASAuthorizationWebBrowserPublicKeyCredentialManagerAuthorizationState.NotDetermined) {
+            log("[listPasskeys] Authorization not determined, requesting...");
+            const newStateValue = await makePromise1Result(manager.requestAuthorizationForPublicKeyCredentials$.bind(manager));
+            const newState = enumFromValue(ASAuthorizationWebBrowserPublicKeyCredentialManagerAuthorizationState, newStateValue);
+            log(`[listPasskeys] Authorization request completed, new state: ${newState}`);
+        }
+        else if (authState ===
+            ASAuthorizationWebBrowserPublicKeyCredentialManagerAuthorizationState.Denied) {
+            throw new Error("Authorization DENIED - user must grant permission in System Settings > Privacy & Security");
+        }
+        else {
+            log("[listPasskeys] Authorization already granted");
+        }
+        const rpIdString = NSStringFromString(relyingPartyId);
+        log(`[listPasskeys] Calling platformCredentialsForRelyingParty: ${relyingPartyId}`);
+        const credentialsArray = await makePromise1Result(manager.platformCredentialsForRelyingParty$completionHandler$.bind(manager), rpIdString);
+        const count = credentialsArray.count();
+        log(`[listPasskeys] platformCredentials returned ${count} entries`);
+        const credentials = [];
+        for (let i = 0; i < count; i++) {
+            const cred = credentialsArray.objectAtIndex$(i);
+            const credentialIdData = cred.credentialID();
+            const userName = cred.name().UTF8String();
+            const userHandleData = cred.userHandle();
+            const credentialId = bufferToBase64Url(bufferFromNSDataDirect(credentialIdData));
+            const userHandle = bufferToBase64Url(bufferFromNSDataDirect(userHandleData));
+            log(`[listPasskeys] Found credential: name=${userName}, id=${credentialId.substring(0, 20)}...`);
+            credentials.push({
+                id: credentialId,
+                rpId: relyingPartyId,
+                userName,
+                userHandle,
+            });
+        }
+        log(`[listPasskeys] Returning ${credentials.length} results`);
+        return {
+            success: true,
+            credentials,
+        };
+    }
+    catch (error) {
+        console.error("[listPasskeys] ", error);
+        return {
+            success: false,
+            error: error instanceof Error ? error : new Error(String(error)),
+        };
+    }
+}

package/dist/list/types.d.ts

@@ -0,0 +1,14 @@
+export interface PasskeyCredential {
+    id: string;
+    rpId: string;
+    userName: string;
+    userHandle: string;
+}
+export interface ListPasskeysResult {
+    success: true;
+    credentials: PasskeyCredential[];
+}
+export interface ListPasskeysError {
+    success: false;
+    error: Error;
+}

package/dist/list/types.js

@@ -0,0 +1 @@
+export {};

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "electron-webauthn",
-  "version": "1.0.5",
+  "version": "1.1.1",
   "repository": "https://github.com/iamEvanYT/electron-webauthn.git",
   "homepage": "https://github.com/iamEvanYT/electron-webauthn#readme",
   "description": "Add support for WebAuthn for Electron.",
@@ -30,7 +30,8 @@
   },
   "dependencies": {
     "@oslojs/webauthn": "^1.0.0",
-    "objc-js": "^1.0.4"
+    "objc-js": "^1.3.1",
+    "objcjs-types": "^0.5.1"
   },
   "trustedDependencies": [
     "objc-js"

package/dist/objc/authentication-services/as-authorization-c-public-key-credential-descriptor.d.ts

@@ -1,9 +0,0 @@
-import type { NobjcObject } from "objc-js";
-declare class _ASCPublicKeyCredentialDescriptor extends NobjcObject {
-    initWithCredentialID$transports$(credentialID: NobjcObject, transports: NobjcObject): _ASCPublicKeyCredentialDescriptor;
-    credentialID(): NobjcObject;
-    transports(): NobjcObject;
-}
-export declare const ASCPublicKeyCredentialDescriptor: typeof _ASCPublicKeyCredentialDescriptor;
-export type { _ASCPublicKeyCredentialDescriptor };
-export declare function createASCPublicKeyCredentialDescriptor(credentialID: NobjcObject, transports: NobjcObject): _ASCPublicKeyCredentialDescriptor;

package/dist/objc/authentication-services/as-authorization-c-public-key-credential-descriptor.js

@@ -1,6 +0,0 @@
-import { AuthenticationServices } from "./index.js";
-export const ASCPublicKeyCredentialDescriptor = AuthenticationServices.ASCPublicKeyCredentialDescriptor;
-export function createASCPublicKeyCredentialDescriptor(credentialID, transports) {
-    const instance = ASCPublicKeyCredentialDescriptor.alloc();
-    return instance.initWithCredentialID$transports$(credentialID, transports);
-}

package/dist/objc/authentication-services/as-authorization-controller-delegate.d.ts

@@ -1,7 +0,0 @@
-import { NobjcObject } from "objc-js";
-import type { _ASAuthorization } from "./as-authorization.js";
-export interface ASAuthorizationControllerDelegateCallbacks {
-    didCompleteWithAuthorization?: (controller: NobjcObject, authorization: _ASAuthorization) => void;
-    didCompleteWithError?: (controller: NobjcObject, error: NobjcObject) => void;
-}
-export declare function createAuthorizationControllerDelegate(callbacks: ASAuthorizationControllerDelegateCallbacks): NobjcObject;

package/dist/objc/authentication-services/as-authorization-controller-delegate.js

@@ -1,12 +0,0 @@
-import { NobjcObject, NobjcProtocol } from "objc-js";
-export function createAuthorizationControllerDelegate(callbacks) {
-    const methodImplementations = {};
-    if (callbacks.didCompleteWithAuthorization) {
-        methodImplementations["authorizationController$didCompleteWithAuthorization$"] = callbacks.didCompleteWithAuthorization;
-    }
-    if (callbacks.didCompleteWithError) {
-        methodImplementations["authorizationController$didCompleteWithError$"] =
-            callbacks.didCompleteWithError;
-    }
-    return NobjcProtocol.implement("ASAuthorizationControllerDelegate", methodImplementations);
-}

package/dist/objc/authentication-services/as-authorization-controller-presentation-context-providing.d.ts

@@ -1,5 +0,0 @@
-import { NobjcObject } from "objc-js";
-export interface ASAuthorizationControllerPresentationContextProvidingCallbacks {
-    presentationAnchorForAuthorizationController: (controller: NobjcObject) => NobjcObject;
-}
-export declare function createPresentationContextProvider(callbacks: ASAuthorizationControllerPresentationContextProvidingCallbacks): NobjcObject;

package/dist/objc/authentication-services/as-authorization-controller-presentation-context-providing.js

@@ -1,7 +0,0 @@
-import { NobjcObject, NobjcProtocol } from "objc-js";
-export function createPresentationContextProvider(callbacks) {
-    const methodImplementations = {};
-    methodImplementations["presentationAnchorForAuthorizationController$"] =
-        callbacks.presentationAnchorForAuthorizationController;
-    return NobjcProtocol.implement("ASAuthorizationControllerPresentationContextProviding", methodImplementations);
-}

package/dist/objc/authentication-services/as-authorization-controller.d.ts

@@ -1,15 +0,0 @@
-import type { NobjcObject } from "objc-js";
-declare class _ASAuthorizationController extends NobjcObject {
-    initWithAuthorizationRequests$(authorizationRequests: NobjcObject): _ASAuthorizationController;
-    performRequests(): void;
-    performRequestsWithOptions$(options: NobjcObject): void;
-    performAutoFillAssistedRequests(): void;
-    cancel(): void;
-    setDelegate$(delegate: NobjcObject): void;
-    delegate(): NobjcObject;
-    setPresentationContextProvider$(provider: NobjcObject): void;
-    presentationContextProvider(): NobjcObject;
-}
-export declare const ASAuthorizationController: typeof _ASAuthorizationController;
-export declare function createAuthorizationController(authorizationRequests: NobjcObject): _ASAuthorizationController;
-export {};

package/dist/objc/authentication-services/as-authorization-controller.js

@@ -1,6 +0,0 @@
-import { AuthenticationServices } from "./index.js";
-export const ASAuthorizationController = AuthenticationServices.ASAuthorizationController;
-export function createAuthorizationController(authorizationRequests) {
-    const instance = ASAuthorizationController.alloc();
-    return instance.initWithAuthorizationRequests$(authorizationRequests);
-}