You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: javaScript/WebDrivers
+39-1Lines changed: 39 additions & 1 deletion
Original file line number
Diff line number
Diff line change
@@ -91,7 +91,45 @@ Method = POST
91
91
URI = /session/{session id}/webauthn/authenticator/{authenticatorId}/credential
92
92
93
93
1. Key Values and Pairs:
94
-
credentialId =
94
+
credentialId = Base64url Encoding = string
95
+
96
+
isResidentCredential = If True,the client-side discoverable credential is created. If False, only server-side is created = boolean
97
+
#Note: If testing or Developing, test through the client-side. On another device, check the page to see if it went through. If it does go through, your Sanitizer has a mechanism somewhere malfunctioning.
98
+
99
+
rpld = Relying Party ID credential = string
100
+
101
+
privateKey = This package contains a single private key encoded with Base64url per [RFC5958]
102
+
103
+
userHandle 😳 This is associated to the credential encoding. Property may not be defined = string
104
+
105
+
signCount = This is the initial value for a "signature counter" associated with the "public key source"
106
+
107
+
largeBlob = This large per-credential blob is associated to with the "public key credentials" = Base64 = string
108
+
109
+
110
+
Remote End-Steps
111
+
1. If not a Object, return Error
112
+
2. Let credentialId be the result of the decoding Base64 Encoding parama on the credentialId property.
113
+
3. If Failure, return a WebDriver Error.
114
+
4. Ensure isResidentCredential is the parameters for the ResidentCredential Property.
115
+
5. If thos ResidentCredential is not definedz return WebDriver error
116
+
6. Ensure rpld is inside the rold property.
117
+
7. Let privateKey be the result of the Base64 Encoding on the parameters privateKey property.
118
+
8. If privateKey fails, return WebDriver Error.
119
+
9. Toss more Errors if nothing works
120
+
10. Let this Authenticator be the Virtual Authenticator matches by the authenticatorId.
121
+
11. More error handling
122
+
Note: Error handling in any language for developing, testing, is essential. However with the battle of languages, Python, Java, Php, Html we have to predict how to Block certain functions and processes from interacting sith your source codes. With tools that use delauth, they purposely cause errors to get inside once you reconnect.
123
+
12. Now let the largeBlob be "null".
124
+
13. Now let .this credential be a new Client-Side discoverable Public Key Credential Source if isResidentCredential is true or otherwise:
125
+
1. Type = public-key
126
+
2. id = credentialId
127
+
3. rpld = rpld
128
+
4. userHandle = userHandle
129
+
14. Now to associate a signature counter to this credential with a starting value = to the param "signCount" or 0 if null.
130
+
15. If this largeBlob is not null. Set the large per-credential blob that is associated with the credential to the largeBlob.
131
+
132
+
Note: Yes, at first this may get confusing. Dont panic. Take a deep Breath, and a short walk. Start with the basics, before attempting advanced. At times, i even catch myself frezzing up, not from attacks or anything else, because with JavaScript anything is Possible.
0 commit comments