ngx-webauthn 0.0.2

package/index.d.ts

@@ -0,0 +1,702 @@
+import { Observable } from 'rxjs';
+import * as i0 from '@angular/core';
+import { InjectionToken, Provider } from '@angular/core';
+
+/**
+ * Preset for modern, passwordless, cross-device credentials.
+ *
+ * Best for: Passkey-based authentication where users can sync credentials
+ * across devices and use them for passwordless login.
+ *
+ * Features:
+ * - Requires resident keys (discoverable credentials)
+ * - Prefers user verification but doesn't require it
+ * - Works with both platform and cross-platform authenticators
+ * - Supports credential syncing across devices
+ */
+declare const PASSKEY_PRESET: {
+    readonly authenticatorSelection: {
+        readonly residentKey: "required";
+        readonly userVerification: "preferred";
+    };
+    readonly pubKeyCredParams: readonly [{
+        readonly type: "public-key";
+        readonly alg: -7;
+    }, {
+        readonly type: "public-key";
+        readonly alg: -257;
+    }];
+};
+/**
+ * Preset for using a security key as a second factor after a password.
+ *
+ * Best for: Traditional 2FA scenarios where users already have a password
+ * and want to add hardware security key as a second factor.
+ *
+ * Features:
+ * - Discourages resident keys (server-side credential storage)
+ * - Prefers user verification
+ * - Favors cross-platform authenticators (USB/NFC security keys)
+ * - Credentials typically not synced between devices
+ */
+declare const SECOND_FACTOR_PRESET: {
+    readonly authenticatorSelection: {
+        readonly residentKey: "discouraged";
+        readonly userVerification: "preferred";
+        readonly authenticatorAttachment: "cross-platform";
+    };
+    readonly pubKeyCredParams: readonly [{
+        readonly type: "public-key";
+        readonly alg: -7;
+    }, {
+        readonly type: "public-key";
+        readonly alg: -257;
+    }];
+};
+/**
+ * Preset for high-security, non-synced, single-device credentials.
+ *
+ * Best for: High-security scenarios where credentials must stay on a single
+ * device and user verification is mandatory.
+ *
+ * Features:
+ * - Requires platform authenticators (built-in biometrics/PIN)
+ * - Requires resident keys for discoverability
+ * - Requires user verification (biometric/PIN)
+ * - Credentials bound to specific device (no syncing)
+ */
+declare const DEVICE_BOUND_PRESET: {
+    readonly authenticatorSelection: {
+        readonly authenticatorAttachment: "platform";
+        readonly residentKey: "required";
+        readonly userVerification: "required";
+    };
+    readonly pubKeyCredParams: readonly [{
+        readonly type: "public-key";
+        readonly alg: -7;
+    }, {
+        readonly type: "public-key";
+        readonly alg: -257;
+    }];
+};
+/**
+ * Map of preset names to their configurations
+ * Used internally for preset resolution
+ */
+declare const PRESET_MAP: {
+    readonly passkey: {
+        readonly authenticatorSelection: {
+            readonly residentKey: "required";
+            readonly userVerification: "preferred";
+        };
+        readonly pubKeyCredParams: readonly [{
+            readonly type: "public-key";
+            readonly alg: -7;
+        }, {
+            readonly type: "public-key";
+            readonly alg: -257;
+        }];
+    };
+    readonly secondFactor: {
+        readonly authenticatorSelection: {
+            readonly residentKey: "discouraged";
+            readonly userVerification: "preferred";
+            readonly authenticatorAttachment: "cross-platform";
+        };
+        readonly pubKeyCredParams: readonly [{
+            readonly type: "public-key";
+            readonly alg: -7;
+        }, {
+            readonly type: "public-key";
+            readonly alg: -257;
+        }];
+    };
+    readonly deviceBound: {
+        readonly authenticatorSelection: {
+            readonly authenticatorAttachment: "platform";
+            readonly residentKey: "required";
+            readonly userVerification: "required";
+        };
+        readonly pubKeyCredParams: readonly [{
+            readonly type: "public-key";
+            readonly alg: -7;
+        }, {
+            readonly type: "public-key";
+            readonly alg: -257;
+        }];
+    };
+};
+/**
+ * Available preset names as a union type
+ */
+type PresetName = keyof typeof PRESET_MAP;
+
+/**
+ * High-level configuration interfaces for WebAuthn operations
+ *
+ * These interfaces provide a convenient, preset-driven API while still allowing
+ * full customization through override properties. They derive from standard WebAuthn
+ * types where possible to reduce duplication and ensure compatibility.
+ */
+
+/**
+ * Relying party configuration using standard WebAuthn type
+ * No duplication needed - uses PublicKeyCredentialRpEntity directly
+ */
+type EnhancedRelyingParty = PublicKeyCredentialRpEntity;
+/**
+ * Flexible user identifier that can be a string or Uint8Array
+ * Provides better DX while maintaining compatibility with WebAuthn standards
+ */
+type FlexibleUserId = string | Uint8Array;
+/**
+ * Flexible challenge that can be a string or Uint8Array
+ * Provides better DX while maintaining compatibility with WebAuthn standards
+ */
+type FlexibleChallenge = string | Uint8Array;
+/**
+ * Flexible credential descriptors that can be either full descriptors or just ID strings
+ * Provides better DX for common use cases while maintaining full flexibility
+ */
+type FlexibleCredentialDescriptors = PublicKeyCredentialDescriptor[] | string[];
+/**
+ * Configuration for WebAuthn credential registration
+ *
+ * This interface extends standard WebAuthn types with preset support and enhanced UX.
+ * It derives from PublicKeyCredentialCreationOptions where possible to avoid duplication.
+ */
+interface RegisterConfig extends Partial<Pick<PublicKeyCredentialCreationOptions, 'timeout' | 'attestation' | 'authenticatorSelection' | 'pubKeyCredParams' | 'extensions'>> {
+    /**
+     * Username for the credential
+     * This is used to generate the user.name and user.id if not explicitly provided
+     */
+    username: string;
+    /**
+     * Optional preset to use as base configuration
+     * - 'passkey': Modern passwordless, cross-device credentials
+     * - 'secondFactor': Security key as second factor after password
+     * - 'deviceBound': High-security, device-bound credentials
+     */
+    preset?: PresetName;
+    /**
+     * Display name for the user (optional override)
+     * If not provided, defaults to the username
+     */
+    displayName?: string;
+    /**
+     * Relying Party configuration (optional override)
+     * If not provided, will need to be set by the application or service
+     * Uses standard PublicKeyCredentialRpEntity structure
+     */
+    rp?: EnhancedRelyingParty;
+    /**
+     * Challenge for the registration (optional override)
+     * If not provided, a secure random challenge will be generated
+     * Can be either base64url string or Uint8Array for better DX
+     */
+    challenge?: FlexibleChallenge;
+    /**
+     * Credentials to exclude from registration (optional override)
+     * Can be an array of credential IDs (base64url strings) or full descriptors
+     * Enhanced to accept simple string arrays for better DX
+     */
+    excludeCredentials?: FlexibleCredentialDescriptors;
+    /**
+     * User ID override (optional)
+     * If not provided, a user ID will be generated from the username
+     * Can be either base64url string or Uint8Array for better DX
+     */
+    userId?: FlexibleUserId;
+}
+/**
+ * Configuration for WebAuthn authentication
+ *
+ * This interface extends standard WebAuthn types with preset support and enhanced UX.
+ * It derives from PublicKeyCredentialRequestOptions where possible to avoid duplication.
+ */
+interface AuthenticateConfig extends Partial<Pick<PublicKeyCredentialRequestOptions, 'timeout' | 'userVerification' | 'extensions'>> {
+    /**
+     * Optional username hint for discoverable credentials
+     * Not required for authentication, but can be used for user experience
+     */
+    username?: string;
+    /**
+     * Optional preset to use as base configuration
+     * Affects user verification and other authentication parameters
+     */
+    preset?: PresetName;
+    /**
+     * Challenge for the authentication (optional override)
+     * If not provided, a secure random challenge will be generated
+     * Can be either base64url string or Uint8Array for better DX
+     */
+    challenge?: FlexibleChallenge;
+    /**
+     * Specific credentials to allow for authentication (optional override)
+     * Can be an array of credential IDs (base64url strings) or full descriptors
+     * If not provided, allows any credential (discoverable credential flow)
+     * Enhanced to accept simple string arrays for better DX
+     */
+    allowCredentials?: FlexibleCredentialDescriptors;
+}
+/**
+ * Union type for all possible register inputs
+ * Supports both high-level config and direct WebAuthn options
+ */
+type RegisterInput = RegisterConfig | PublicKeyCredentialCreationOptions | PublicKeyCredentialCreationOptionsJSON;
+/**
+ * Union type for all possible authenticate inputs
+ * Supports both high-level config and direct WebAuthn options
+ */
+type AuthenticateInput = AuthenticateConfig | PublicKeyCredentialRequestOptions | PublicKeyCredentialRequestOptionsJSON;
+
+/**
+ * Result of WebAuthn registration
+ * Simplified version with all ArrayBuffers converted to Base64URL strings
+ */
+interface WebAuthnRegistrationResult {
+    credentialId: string;
+    publicKey: string;
+    attestationObject: string;
+    clientDataJSON: string;
+    transports?: AuthenticatorTransport[];
+}
+/**
+ * Result of WebAuthn authentication
+ * Simplified version with all ArrayBuffers converted to Base64URL strings
+ */
+interface WebAuthnAuthenticationResult {
+    credentialId: string;
+    authenticatorData: string;
+    clientDataJSON: string;
+    signature: string;
+    userHandle?: string;
+}
+/**
+ * Browser support information
+ */
+interface WebAuthnSupport {
+    isSupported: boolean;
+    isPlatformAuthenticatorAvailable: boolean;
+    supportedTransports: AuthenticatorTransport[];
+}
+/**
+ * Enhanced registration response with clean, developer-friendly format
+ * Used by the new high-level register() method
+ */
+interface RegistrationResponse {
+    /**
+     * Whether the registration was successful
+     */
+    success: boolean;
+    /**
+     * The credential ID as a base64url string
+     */
+    credentialId: string;
+    /**
+     * The public key as a base64url string (if available)
+     * May be undefined if the algorithm is not supported by the user agent
+     */
+    publicKey?: string;
+    /**
+     * Available transport methods for this credential
+     */
+    transports?: AuthenticatorTransport[];
+    /**
+     * Raw WebAuthn response for advanced users who need access to all data
+     * This preserves backward compatibility and provides access to attestation objects, etc.
+     */
+    rawResponse?: WebAuthnRegistrationResult;
+}
+/**
+ * Enhanced authentication response with clean, developer-friendly format
+ * Used by the new high-level authenticate() method
+ */
+interface AuthenticationResponse {
+    /**
+     * Whether the authentication was successful
+     */
+    success: boolean;
+    /**
+     * The credential ID that was used for authentication
+     */
+    credentialId: string;
+    /**
+     * The user handle associated with this credential (if available)
+     * This is useful for identifying the user in discoverable credential scenarios
+     */
+    userHandle?: string;
+    /**
+     * Raw WebAuthn response for advanced users who need access to all data
+     * This preserves backward compatibility and provides access to signatures, etc.
+     */
+    rawResponse?: WebAuthnAuthenticationResult;
+}
+
+/**
+ * Enhanced Angular service for WebAuthn operations
+ * Provides a clean abstraction over the WebAuthn API with RxJS observables
+ * and enhanced error handling
+ */
+declare class WebAuthnService {
+    private readonly config;
+    /**
+     * Checks if WebAuthn is supported in the current browser
+     */
+    isSupported(): boolean;
+    /**
+     * Gets comprehensive WebAuthn support information
+     */
+    getSupport(): Observable<WebAuthnSupport>;
+    /**
+     * Registers a new WebAuthn credential with flexible configuration support
+     *
+     * @param input Either a high-level RegisterConfig with presets, or direct WebAuthn creation options
+     * @returns Observable of RegistrationResponse with clean, developer-friendly format
+     *
+     * @example
+     * ```typescript
+     * // Simple preset usage
+     * this.webAuthnService.register({ username: 'john.doe', preset: 'passkey' });
+     *
+     * // Preset with overrides
+     * this.webAuthnService.register({
+     *   username: 'john.doe',
+     *   preset: 'passkey',
+     *   authenticatorSelection: { userVerification: 'required' }
+     * });
+     *
+     * // Direct WebAuthn options (native)
+     * const nativeOptions: PublicKeyCredentialCreationOptions = {
+     *   challenge: new Uint8Array([...]),
+     *   rp: { name: "My App" },
+     *   user: { id: new Uint8Array([...]), name: "user@example.com", displayName: "User" },
+     *   pubKeyCredParams: [{ type: "public-key", alg: -7 }]
+     * };
+     * this.webAuthnService.register(nativeOptions);
+     *
+     * // Direct WebAuthn options (JSON)
+     * const jsonOptions: PublicKeyCredentialCreationOptionsJSON = {
+     *   challenge: "Y2hhbGxlbmdl",
+     *   rp: { name: "My App" },
+     *   user: { id: "dXNlcklk", name: "user@example.com", displayName: "User" },
+     *   pubKeyCredParams: [{ type: "public-key", alg: -7 }]
+     * };
+     * this.webAuthnService.register(jsonOptions);
+     * ```
+     */
+    register(input: RegisterInput): Observable<RegistrationResponse>;
+    /**
+     * Authenticates using an existing WebAuthn credential with flexible configuration support
+     *
+     * @param input Either a high-level AuthenticateConfig with presets, or direct WebAuthn request options
+     * @returns Observable of AuthenticationResponse with clean, developer-friendly format
+     *
+     * @example
+     * ```typescript
+     * // Simple preset usage
+     * this.webAuthnService.authenticate({ preset: 'passkey' });
+     *
+     * // Config with credential filtering
+     * this.webAuthnService.authenticate({
+     *   username: 'john.doe',
+     *   preset: 'secondFactor',
+     *   allowCredentials: ['credential-id-1', 'credential-id-2']
+     * });
+     *
+     * // Direct WebAuthn options (JSON)
+     * const jsonOptions: PublicKeyCredentialRequestOptionsJSON = {
+     *   challenge: "Y2hhbGxlbmdl",
+     *   allowCredentials: [{
+     *     type: "public-key",
+     *     id: "Y3JlZElk"
+     *   }]
+     * };
+     * this.webAuthnService.authenticate(jsonOptions);
+     *
+     * // Direct WebAuthn options (native)
+     * const nativeOptions: PublicKeyCredentialRequestOptions = {
+     *   challenge: new Uint8Array([...]),
+     *   allowCredentials: [{
+     *     type: "public-key",
+     *     id: new Uint8Array([...])
+     *   }]
+     * };
+     * this.webAuthnService.authenticate(nativeOptions);
+     * ```
+     */
+    authenticate(input: AuthenticateInput): Observable<AuthenticationResponse>;
+    /**
+     * Parses registration options, handling both JSON and native formats
+     */
+    private parseRegistrationOptions;
+    /**
+     * Parses authentication options, handling both JSON and native formats
+     */
+    private parseAuthenticationOptions;
+    /**
+     * Processes the raw credential result into a clean RegistrationResponse
+     */
+    private processRegistrationResult;
+    /**
+     * Processes the raw credential result into a clean AuthenticationResponse
+     */
+    private processAuthenticationResult;
+    /**
+     * Enhanced error handling that maps DOMExceptions to specific error types
+     */
+    private handleWebAuthnError;
+    static ɵfac: i0.ɵɵFactoryDeclaration<WebAuthnService, never>;
+    static ɵprov: i0.ɵɵInjectableDeclaration<WebAuthnService>;
+}
+
+/**
+ * WebAuthn Configuration
+ * Provides configuration interfaces and injection token for WebAuthn service
+ */
+
+/**
+ * Required relying party configuration
+ */
+interface RelyingPartyConfig {
+    /**
+     * Human-readable identifier for the Relying Party
+     * @example "ACME Corporation"
+     */
+    name: string;
+    /**
+     * A valid domain string that identifies the Relying Party on whose behalf a given registration or authentication ceremony is being performed
+     * @example "login.example.com" or "example.com"
+     */
+    id?: string;
+}
+/**
+ * Configuration interface for WebAuthn service
+ * Now includes required relying party information and advanced options
+ */
+interface WebAuthnConfig {
+    /**
+     * Required relying party information for WebAuthn operations
+     * This is critical for security - must be configured properly for production use
+     */
+    relyingParty: RelyingPartyConfig;
+    /**
+     * Default timeout for WebAuthn operations in milliseconds
+     * @default 60000
+     */
+    defaultTimeout?: number;
+    /**
+     * Default public key credential algorithms in order of preference
+     * @default [ES256, RS256]
+     */
+    defaultAlgorithms?: PublicKeyCredentialParameters[];
+    /**
+     * Whether to enforce user verification by default
+     * @default false
+     */
+    enforceUserVerification?: boolean;
+    /**
+     * Default attestation conveyance preference
+     * @default "none"
+     */
+    defaultAttestation?: AttestationConveyancePreference;
+    /**
+     * Default authenticator selection criteria
+     */
+    defaultAuthenticatorSelection?: AuthenticatorSelectionCriteria;
+}
+/**
+ * Default configuration for WebAuthn service
+ * Note: relyingParty must be provided by the application
+ */
+declare const DEFAULT_WEBAUTHN_CONFIG: Omit<WebAuthnConfig, 'relyingParty'>;
+/**
+ * Injection token for WebAuthn configuration
+ */
+declare const WEBAUTHN_CONFIG: InjectionToken<WebAuthnConfig>;
+/**
+ * Creates a complete WebAuthn configuration with required relying party information
+ * @param relyingParty Required relying party configuration
+ * @param overrides Optional configuration overrides
+ */
+declare function createWebAuthnConfig(relyingParty: RelyingPartyConfig, overrides?: Partial<Omit<WebAuthnConfig, 'relyingParty'>>): WebAuthnConfig;
+
+/**
+ * WebAuthn Providers
+ * Modern Angular standalone provider function for WebAuthn service
+ */
+
+/**
+ * Provides WebAuthn service with required relying party configuration
+ *
+ * @param relyingParty Required relying party configuration
+ * @param config Optional configuration overrides
+ * @returns Array of providers for WebAuthn functionality
+ *
+ * @example
+ * ```typescript
+ * // main.ts
+ * bootstrapApplication(AppComponent, {
+ *   providers: [
+ *     provideWebAuthn(
+ *       { name: 'My App', id: 'myapp.com' },
+ *       { defaultTimeout: 30000 }
+ *     )
+ *   ]
+ * });
+ * ```
+ */
+declare function provideWebAuthn(relyingParty: RelyingPartyConfig, config?: Partial<Omit<WebAuthnConfig, 'relyingParty'>>): Provider[];
+/**
+ * @deprecated Use provideWebAuthn(relyingParty, config) instead.
+ * This version is kept for backward compatibility but requires relying party information.
+ */
+declare function provideWebAuthnLegacy(config: WebAuthnConfig): Provider[];
+
+/**
+ * Enhanced WebAuthn Error Classes
+ * Provides specific, actionable error types for better developer experience
+ */
+declare enum WebAuthnErrorType {
+    NOT_SUPPORTED = "NOT_SUPPORTED",
+    USER_CANCELLED = "USER_CANCELLED",
+    AUTHENTICATOR_ERROR = "AUTHENTICATOR_ERROR",
+    INVALID_OPTIONS = "INVALID_OPTIONS",
+    UNSUPPORTED_OPERATION = "UNSUPPORTED_OPERATION",
+    NETWORK_ERROR = "NETWORK_ERROR",
+    SECURITY_ERROR = "SECURITY_ERROR",
+    TIMEOUT_ERROR = "TIMEOUT_ERROR",
+    UNKNOWN = "UNKNOWN"
+}
+/**
+ * Base WebAuthn error class with additional context
+ */
+declare class WebAuthnError extends Error {
+    readonly type: WebAuthnErrorType;
+    readonly originalError?: Error | undefined;
+    constructor(type: WebAuthnErrorType, message: string, originalError?: Error | undefined);
+    static fromDOMException(error: DOMException): WebAuthnError;
+    private static mapDOMExceptionToType;
+}
+/**
+ * Error thrown when user cancels the WebAuthn operation
+ */
+declare class UserCancelledError extends WebAuthnError {
+    constructor(originalError?: Error);
+}
+/**
+ * Error thrown when there's an issue with the authenticator
+ */
+declare class AuthenticatorError extends WebAuthnError {
+    constructor(message: string, originalError?: Error);
+}
+/**
+ * Error thrown when the provided options are invalid
+ */
+declare class InvalidOptionsError extends WebAuthnError {
+    constructor(message: string, originalError?: Error);
+}
+/**
+ * Error thrown when the requested operation is not supported
+ */
+declare class UnsupportedOperationError extends WebAuthnError {
+    constructor(message: string, originalError?: Error);
+}
+/**
+ * Error thrown when there's a network-related issue
+ */
+declare class NetworkError extends WebAuthnError {
+    constructor(message: string, originalError?: Error);
+}
+/**
+ * Error thrown when there's a security-related issue
+ */
+declare class SecurityError extends WebAuthnError {
+    constructor(message: string, originalError?: Error);
+}
+/**
+ * Error thrown when the operation times out
+ */
+declare class TimeoutError extends WebAuthnError {
+    constructor(message: string, originalError?: Error);
+}
+
+/**
+ * WebAuthn Utility Functions
+ * Centralized utilities for ArrayBuffer conversions and WebAuthn-specific operations
+ * This is the single source of truth for data transformation functions
+ */
+/**
+ * Converts a string to ArrayBuffer
+ */
+declare function stringToArrayBuffer(str: string): ArrayBuffer;
+/**
+ * Converts ArrayBuffer to string
+ */
+declare function arrayBufferToString(buffer: ArrayBuffer): string;
+/**
+ * Converts ArrayBuffer to base64 string
+ */
+declare function arrayBufferToBase64(buffer: ArrayBuffer): string;
+/**
+ * Converts base64 string to ArrayBuffer
+ */
+declare function base64ToArrayBuffer(base64: string): ArrayBuffer;
+/**
+ * Converts base64url string to ArrayBuffer
+ */
+declare function base64urlToArrayBuffer(base64url: string): ArrayBuffer;
+/**
+ * Converts ArrayBuffer to base64url string
+ * This is the canonical implementation used throughout the library
+ */
+declare function arrayBufferToBase64url(buffer: ArrayBuffer): string;
+/**
+ * Generates a random challenge as ArrayBuffer
+ */
+declare function generateChallenge(length?: number): ArrayBuffer;
+/**
+ * Generates a random user ID as ArrayBuffer
+ */
+declare function generateUserId(length?: number): ArrayBuffer;
+/**
+ * Converts credential ID string to ArrayBuffer for WebAuthn API
+ */
+declare function credentialIdToArrayBuffer(credentialId: string): ArrayBuffer;
+/**
+ * Converts ArrayBuffer credential ID to string
+ */
+declare function arrayBufferToCredentialId(buffer: ArrayBuffer): string;
+/**
+ * Checks if the current environment supports WebAuthn
+ */
+declare function isWebAuthnSupported(): boolean;
+/**
+ * Checks if platform authenticator is available
+ */
+declare function isPlatformAuthenticatorAvailable(): Promise<boolean>;
+/**
+ * Gets supported authenticator transports for this platform
+ * Enhanced detection with better browser compatibility
+ */
+declare function getSupportedTransports(): AuthenticatorTransport[];
+/**
+ * Validates that required WebAuthn options are present
+ */
+declare function validateRegistrationOptions(options: any): void;
+/**
+ * Creates default public key credential parameters
+ */
+declare function getDefaultPubKeyCredParams(): PublicKeyCredentialParameters[];
+/**
+ * Enhanced type guard to detect JSON-formatted WebAuthn options
+ * More robust than simple challenge type checking
+ */
+declare function isJSONOptions(options: any): boolean;
+/**
+ * Type guard to check if input is a PublicKeyCredential
+ */
+declare function isPublicKeyCredential(credential: Credential | null): credential is PublicKeyCredential;
+
+export { AuthenticatorError, DEFAULT_WEBAUTHN_CONFIG, DEVICE_BOUND_PRESET, InvalidOptionsError, NetworkError, PASSKEY_PRESET, PRESET_MAP, SECOND_FACTOR_PRESET, SecurityError, TimeoutError, UnsupportedOperationError, UserCancelledError, WEBAUTHN_CONFIG, WebAuthnError, WebAuthnErrorType, WebAuthnService, arrayBufferToBase64, arrayBufferToBase64url, arrayBufferToCredentialId, arrayBufferToString, base64ToArrayBuffer, base64urlToArrayBuffer, createWebAuthnConfig, credentialIdToArrayBuffer, generateChallenge, generateUserId, getDefaultPubKeyCredParams, getSupportedTransports, isJSONOptions, isPlatformAuthenticatorAvailable, isPublicKeyCredential, isWebAuthnSupported, provideWebAuthn, provideWebAuthnLegacy, stringToArrayBuffer, validateRegistrationOptions };
+export type { AuthenticateConfig, AuthenticateConfig as AuthenticateConfigModel, AuthenticateInput, AuthenticationResponse, PresetName, RegisterConfig, RegisterConfig as RegisterConfigModel, RegisterInput, RegistrationResponse, RelyingPartyConfig, WebAuthnAuthenticationResult, WebAuthnConfig, WebAuthnRegistrationResult, WebAuthnSupport };