ox 0.12.4 → 0.13.1

package/webauthn/Types/package.json

@@ -0,0 +1,6 @@
+{
+  "type": "module",
+  "types": "../../_types/webauthn/Types.d.ts",
+  "main": "../../_cjs/webauthn/Types.js",
+  "module": "../../_esm/webauthn/Types.js"
+}

package/webauthn/Types.ts

@@ -0,0 +1,158 @@
+import type * as Hex from '../core/Hex.js'
+
+export type AttestationConveyancePreference =
+  | 'direct'
+  | 'enterprise'
+  | 'indirect'
+  | 'none'
+
+export type AuthenticatorAttachment = 'cross-platform' | 'platform'
+
+export type AuthenticatorTransport =
+  | 'ble'
+  | 'hybrid'
+  | 'internal'
+  | 'nfc'
+  | 'usb'
+
+export type COSEAlgorithmIdentifier = number
+
+export type CredentialMediationRequirement =
+  | 'conditional'
+  | 'optional'
+  | 'required'
+  | 'silent'
+
+export type PublicKeyCredentialType = 'public-key'
+
+export type ResidentKeyRequirement = 'discouraged' | 'preferred' | 'required'
+
+export type UserVerificationRequirement =
+  | 'discouraged'
+  | 'preferred'
+  | 'required'
+
+export type LargeBlobSupport = {
+  support: 'required' | 'preferred'
+}
+
+export type BufferSource = ArrayBufferView | ArrayBuffer
+
+export type PrfExtension = Record<'eval', Record<'first', Uint8Array>>
+
+export interface AuthenticationExtensionsClientInputs<
+  serialized extends boolean = false,
+> {
+  appid?: string
+  credProps?: boolean
+  hmacCreateSecret?: boolean
+  minPinLength?: boolean
+  prf?: serialized extends true ? { eval: { first: string } } : PrfExtension
+  largeBlob?: LargeBlobSupport
+}
+
+export interface AuthenticatorSelectionCriteria {
+  authenticatorAttachment?: AuthenticatorAttachment
+  requireResidentKey?: boolean
+  residentKey?: ResidentKeyRequirement
+  userVerification?: UserVerificationRequirement
+}
+
+/**
+ * Available only in secure contexts.
+ *
+ * [MDN Reference](https://developer.mozilla.org/docs/Web/API/AuthenticatorAttestationResponse)
+ */
+export interface AuthenticatorAttestationResponse<
+  serialized extends boolean = false,
+> extends AuthenticatorResponse<serialized> {
+  readonly attestationObject: serialized extends true ? string : ArrayBuffer
+  getAuthenticatorData(): ArrayBuffer
+  getPublicKey(): ArrayBuffer | null
+  getPublicKeyAlgorithm(): COSEAlgorithmIdentifier
+  getTransports(): string[]
+}
+
+export interface AuthenticatorResponse<serialized extends boolean = false> {
+  readonly clientDataJSON: serialized extends true ? string : ArrayBuffer
+}
+
+export interface Credential {
+  readonly id: string
+  readonly type: string
+}
+
+export interface CredentialCreationOptions<serialized extends boolean = false> {
+  publicKey?: PublicKeyCredentialCreationOptions<serialized>
+  signal?: AbortSignal
+}
+
+export interface CredentialRequestOptions<serialized extends boolean = false> {
+  mediation?: CredentialMediationRequirement
+  publicKey?: PublicKeyCredentialRequestOptions<serialized>
+  signal?: AbortSignal
+}
+
+export type PublicKeyCredential<serialized extends boolean = false> =
+  Credential & {
+    readonly authenticatorAttachment: string | null
+    readonly rawId: serialized extends true ? string : ArrayBuffer
+    readonly response: AuthenticatorResponse<serialized>
+  } & (serialized extends true
+      ? {}
+      : {
+          getClientExtensionResults(): AuthenticationExtensionsClientOutputs
+        })
+
+export interface PublicKeyCredentialCreationOptions<
+  serialized extends boolean = false,
+> {
+  attestation?: AttestationConveyancePreference
+  authenticatorSelection?: AuthenticatorSelectionCriteria
+  challenge: serialized extends true ? Hex.Hex : BufferSource
+  excludeCredentials?: PublicKeyCredentialDescriptor<serialized>[]
+  extensions?: AuthenticationExtensionsClientInputs<serialized>
+  pubKeyCredParams: PublicKeyCredentialParameters[]
+  rp: PublicKeyCredentialRpEntity
+  timeout?: number
+  user: PublicKeyCredentialUserEntity<serialized>
+}
+
+export interface PublicKeyCredentialDescriptor<
+  serialized extends boolean = false,
+> {
+  id: serialized extends true ? string : BufferSource
+  transports?: AuthenticatorTransport[]
+  type: PublicKeyCredentialType
+}
+
+export interface PublicKeyCredentialEntity {
+  name: string
+}
+
+export interface PublicKeyCredentialParameters {
+  alg: COSEAlgorithmIdentifier
+  type: PublicKeyCredentialType
+}
+
+export interface PublicKeyCredentialRequestOptions<
+  serialized extends boolean = false,
+> {
+  allowCredentials?: PublicKeyCredentialDescriptor<serialized>[]
+  challenge: serialized extends true ? Hex.Hex : BufferSource
+  extensions?: AuthenticationExtensionsClientInputs<serialized>
+  rpId?: string
+  timeout?: number
+  userVerification?: UserVerificationRequirement
+}
+
+export interface PublicKeyCredentialRpEntity extends PublicKeyCredentialEntity {
+  id: string
+}
+
+export interface PublicKeyCredentialUserEntity<
+  serialized extends boolean = false,
+> extends PublicKeyCredentialEntity {
+  displayName: string
+  id: serialized extends true ? string : BufferSource
+}

package/webauthn/index.ts

@@ -0,0 +1,38 @@
+/** @entrypointCategory WebAuthn */
+// biome-ignore lint/complexity/noUselessEmptyExport: tsdoc
+export type {}
+
+/**
+ * Utility functions and types for WebAuthn authentication ceremonies (signing and verification).
+ *
+ * @category WebAuthn
+ */
+export * as Authentication from './Authentication.js'
+
+/**
+ * Utility functions for constructing and parsing authenticator data and client data JSON.
+ *
+ * @category WebAuthn
+ */
+export * as Authenticator from './Authenticator.js'
+
+/**
+ * Utility functions and types for WebAuthn P256 credentials.
+ *
+ * @category WebAuthn
+ */
+export * as Credential from './Credential.js'
+
+/**
+ * Utility functions and types for WebAuthn registration ceremonies (credential creation and verification).
+ *
+ * @category WebAuthn
+ */
+export * as Registration from './Registration.js'
+
+/**
+ * WebAuthn type definitions.
+ *
+ * @category WebAuthn
+ */
+export * as Types from './Types.js'

package/webauthn/internal/utils.ts

@@ -0,0 +1,63 @@
+import * as Base64 from '../../core/Base64.js'
+import type * as Types from '../Types.js'
+
+/** @internal */
+export const base64UrlOptions = { url: true, pad: false } as const
+
+/** @internal */
+export const responseKeys = [
+  'attestationObject',
+  'authenticatorData',
+  'clientDataJSON',
+  'signature',
+  'userHandle',
+] as const
+
+/** @internal */
+export function bytesToArrayBuffer(bytes: Uint8Array): ArrayBuffer {
+  return bytes.buffer.slice(
+    bytes.byteOffset,
+    bytes.byteOffset + bytes.byteLength,
+  ) as ArrayBuffer
+}
+
+/** @internal */
+export function bufferSourceToBytes(source: Types.BufferSource): Uint8Array {
+  if (source instanceof Uint8Array) return source
+  if (source instanceof ArrayBuffer) return new Uint8Array(source)
+  return new Uint8Array(source.buffer, source.byteOffset, source.byteLength)
+}
+
+/** @internal */
+export function serializeExtensions(
+  extensions: Types.AuthenticationExtensionsClientInputs,
+): Types.AuthenticationExtensionsClientInputs<true> {
+  const { prf, ...rest } = extensions
+  return {
+    ...rest,
+    ...(prf && {
+      prf: {
+        eval: {
+          first: Base64.fromBytes(prf.eval.first, base64UrlOptions),
+        },
+      },
+    }),
+  }
+}
+
+/** @internal */
+export function deserializeExtensions(
+  extensions: Types.AuthenticationExtensionsClientInputs<true>,
+): Types.AuthenticationExtensionsClientInputs {
+  const { prf, ...rest } = extensions
+  return {
+    ...rest,
+    ...(prf && {
+      prf: {
+        eval: {
+          first: Base64.toBytes(prf.eval.first),
+        },
+      },
+    }),
+  }
+}

package/webauthn/package.json

@@ -0,0 +1,6 @@
+{
+  "type": "module",
+  "types": "../_types/webauthn/index.d.ts",
+  "main": "../_cjs/webauthn/index.js",
+  "module": "../_esm/webauthn/index.js"
+}