Global

Methods

parseAttestationObject(attestationObject) → {Object}

Parses the CBOR attestation statement

Parameters:
Name Type Description
attestationObject ArrayBuffer

The CBOR byte array representing the attestation statement

Returns:

The Object containing all the attestation information

Type
Object

parseClientResponse(clientDataJSON) → {Object}

Parses the clientData JSON byte stream into an Object

Parameters:
Name Type Description
clientDataJSON ArrayBuffer

The ArrayBuffer containing the properly formatted JSON of the clientData object

Returns:

The parsed clientData object

Type
Object

Type Definitions

PublicKeyCredentialCreationOptions

Properties:
Name Type Attributes Description
rp Object

Relying party information (a.k.a. - server / service information)

Properties
Name Type Attributes Description
name String <optional>

Relying party name (e.g. - "ACME"). This is only set if rpName was specified during the new call.

id String <optional>

Relying party ID, a domain name (e.g. - "example.com"). This is only set if rpId was specified during the new call.

user Object

User information. This will be an empty object

challenge ArrayBuffer

An ArrayBuffer filled with random bytes. This will be verified in attestationResult

pubKeyCredParams Array <optional>

A list of PublicKeyCredentialParameters objects, based on the cryptoParams that was passed to the constructor.

timeout Number <optional>

The amount of time that the call should take before returning an error

attestation String <optional>

Whether the client should request attestation from the authenticator or not

authenticatorSelectionCriteria Object <optional>

An object describing which authenticators are preferred for registration

Properties
Name Type Attributes Description
attachment String <optional>

What type of attachment is acceptable for new authenticators. Allowed values are "platform", meaning that the authenticator is embedded in the operating system, or "cross-platform", meaning that the authenticator is removable (e.g. USB, NFC, or BLE).

requireResidentKey Boolean <optional>

Indicates whether authenticators must store the keys internally, or if they can store them externally (using a KDF or key wrapping)

userVerification String <optional>

Indicates whether user verification is required for authenticators. User verification means that an authenticator will validate a user through their biometrics (e.g. fingerprint) or knowledge (e.g. PIN). Allowed values for userVerification are "required", meaning that registration will fail if no authenticator provides user verification; "preferred", meaning that if multiple authenticators are available, the one(s) that provide user verification should be used; or "discouraged", which means that authenticators that don't provide user verification are preferred.

rawChallenge ArrayBuffer <optional>

If extraData was passed to attestationOptions, this will be the original challenge used, and challenge will be a hash: SHA256(rawChallenge + extraData)

extensions Object <optional>

The values of any enabled extensions.

This object is returned by attestationOptions and is basically the same as the PublicKeyCredentialCreationOptions object that is required to be passed to navigator.credentials.create(). With the exception of the challenge property, all other properties are optional and only set if they were specified in the configuration parameter that was passed to the constructor.

Type:
  • Object

PublicKeyCredentialRequestOptions

Properties:
Name Type Attributes Description
challenge ArrayBuffer

An ArrayBuffer filled with random bytes. This will be verified in attestationResult

timeout Number <optional>

The amount of time that the call should take before returning an error

rpId String <optional>

Relying party ID, a domain name (e.g. - "example.com"). This is only set if rpId was specified during the new call.

attestation String <optional>

Whether the client should request attestation from the authenticator or not

userVerification String <optional>

Indicates whether user verification is required for authenticators. User verification means that an authenticator will validate a user through their biometrics (e.g. fingerprint) or knowledge (e.g. PIN). Allowed values for userVerification are "required", meaning that authentication will fail if no authenticator provides user verification; "preferred", meaning that if multiple authenticators are available, the one(s) that provide user verification should be used; or "discouraged", which means that authenticators that don't provide user verification are preferred.

rawChallenge ArrayBuffer <optional>

If extraData was passed to attestationOptions, this will be the original challenge used, and challenge will be a hash: SHA256(rawChallenge + extraData)

extensions Object <optional>

The values of any enabled extensions.

This object is returned by assertionOptions and is basically the same as the PublicKeyCredentialRequestOptions object that is required to be passed to navigator.credentials.get(). With the exception of the challenge property, all other properties are optional and only set if they were specified in the configuration parameter that was passed to the constructor.

Type:
  • Object
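
The rawChallenge property of both PublicKeyCredentialCreationOptions and PublicKeyCredentialRequestOptions states that challenge becomes SHA256(rawChallenge + extraData) when extraData is supplied. The following added example (not code from the library documented here) shows how a server can recompute that value and compare it with the challenge echoed in clientDataJSON. The function names and sample values are hypothetical, and it assumes "+" means byte concatenation and that the browser encodes the challenge as base64url.

```javascript
// Added example: illustrates challenge = SHA256(rawChallenge + extraData).
// Assumption: "+" is byte concatenation; helper names are hypothetical.
const { createHash, randomBytes, timingSafeEqual } = require("node:crypto");

// Accepts ArrayBuffer, Uint8Array or Buffer inputs and returns a 32-byte Buffer.
function deriveChallenge(rawChallenge, extraData) {
  return createHash("sha256")
    .update(Buffer.from(rawChallenge))
    .update(Buffer.from(extraData))
    .digest();
}

// Recompute the challenge from the stored rawChallenge and the extraData the
// server expects, then compare it with the challenge found in clientDataJSON.
// A mismatch means the response is not bound to the expected extraData.
function checkBoundChallenge(clientDataJSON, rawChallenge, expectedExtraData) {
  const clientData = JSON.parse(new TextDecoder().decode(clientDataJSON));
  if (typeof clientData.challenge !== "string") return false;
  const received = Buffer.from(clientData.challenge, "base64url");
  const expected = deriveChallenge(rawChallenge, expectedExtraData);
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  return received.length === expected.length && timingSafeEqual(received, expected);
}

// Constructed sample data (not captured from a real authenticator).
function demo() {
  const rawChallenge = randomBytes(32);
  const extraData = Buffer.from("transfer:acct-42:100.00", "utf8");
  const challenge = deriveChallenge(rawChallenge, extraData);
  const clientDataJSON = new TextEncoder().encode(JSON.stringify({
    type: "webauthn.get",
    challenge: challenge.toString("base64url"),
    origin: "https://example.com",
  }));
  const altered = Buffer.from("transfer:acct-99:100.00", "utf8");
  return {
    sameData: checkBoundChallenge(clientDataJSON, rawChallenge, extraData),
    alteredData: checkBoundChallenge(clientDataJSON, rawChallenge, altered),
    challengeLength: challenge.length,
  };
}
```

The server must keep rawChallenge and the expected extraData on its side between the options call and the result call; recomputing from values supplied by the client would make the check meaningless.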

UserVerificationDesc

Properties:
Name Type Description
type String

The type of user verification that the authenticator performs. Valid options are "code" (i.e. PIN), "biometric", or "pattern".

userVerification String

The specific type of user verification performed, such as "fingerprint", "presence", "passcode", etc.

A description of a user verification method that an authenticator will perform. The properties are as described below, plus the contents of caDesc, baDesc or paDesc (depending on whether "code", "biometrics", or "pattern" are being described) as described in the FIDO Metadata specification.

Type:
  • Object