Support authenticatorAttachment for create/get return values.

This is now supported by Chrome and Safari (15.4).

Author: lgarron

src/webauthn-json/basic/api.ts

@@ -35,6 +35,7 @@ export async function create(
   const credential = (await navigator.credentials.create(
     createRequestFromJSON(requestJSON),
   )) as PublicKeyCredential;
+  console.log(credential);
   return createResponseToJSON(credential);
 }
 

src/webauthn-json/basic/json.ts

@@ -1,5 +1,13 @@
 import { Base64urlString } from "../base64url";
 
+interface PublicKeyCredentialJSON {
+  id: string;
+  type: PublicKeyCredentialType;
+  rawId: Base64urlString;
+  // TODO: This field is technically not optional in the spec, but Firefox hasn't implemented it.
+  authenticatorAttachment?: AuthenticatorAttachment;
+}
+
 // Intermediate type needed for attaching client outputs to WebAuthn API call
 // results before converting to JSON.
 
@@ -9,12 +17,14 @@ interface CredPropsAuthenticationExtensionsClientOutputsJSON {
 
 interface AuthenticationExtensionsClientOutputsJSON
   extends AuthenticationExtensionsClientOutputs {
+  // TODO: This field is technically not optional in the spec, but Firefox hasn't implemented it.
   appidExclude?: boolean;
   credProps?: CredPropsAuthenticationExtensionsClientOutputsJSON;
 }
 
 export interface PublicKeyCredentialWithClientExtensionResults
   extends PublicKeyCredential {
+  authenticatorAttachment?: string;
   clientExtensionResults?: AuthenticationExtensionsClientOutputsJSON;
 }
 
@@ -77,12 +87,12 @@ export interface AuthenticatorAttestationResponseJSON {
   clientDataJSON: Base64urlString;
   attestationObject: Base64urlString;
   transports: string[];
+  // This field is technically not optional in the spec, but Firefox hasn't implemented it.
+  authenticatorAttachment?: AuthenticatorAttachment;
 }
 
-export interface PublicKeyCredentialWithAttestationJSON {
-  id: string;
-  type: PublicKeyCredentialType;
-  rawId: Base64urlString;
+export interface PublicKeyCredentialWithAttestationJSON
+  extends PublicKeyCredentialJSON {
   response: AuthenticatorAttestationResponseJSON;
   clientExtensionResults: SimpleClientExtensionResultsJSON;
 }
@@ -113,10 +123,8 @@ interface AuthenticatorAssertionResponseJSON {
   userHandle: Base64urlString | null;
 }
 
-export interface PublicKeyCredentialWithAssertionJSON {
-  type: PublicKeyCredentialType;
-  id: string;
-  rawId: Base64urlString;
+export interface PublicKeyCredentialWithAssertionJSON
+  extends PublicKeyCredentialJSON {
   response: AuthenticatorAssertionResponseJSON;
   clientExtensionResults: SimpleClientExtensionResultsJSON;
 }

src/webauthn-json/basic/schema.ts

@@ -56,6 +56,7 @@ export const publicKeyCredentialWithAttestation: Schema = {
   type: required(copy),
   id: required(copy),
   rawId: required(convert),
+  authenticatorAttachment: optional(copy),
   response: required({
     clientDataJSON: required(convert),
     attestationObject: required(convert),
@@ -91,6 +92,7 @@ export const publicKeyCredentialWithAssertion: Schema = {
   type: required(copy),
   id: required(copy),
   rawId: required(convert),
+  authenticatorAttachment: optional(copy),
   response: required({
     clientDataJSON: required(convert),
     authenticatorData: required(convert),

src/webauthn-json/webauthn-schema.spec.ts

@@ -62,6 +62,7 @@ describe("webauthn schema", () => {
       type: "public-key",
       id: "URL_SAFE_BASE_64_CREDENTIAL_ID-URL_SAFE_BASE_64_CREDENTIAL_ID-URL_SAFE_BASE_64_CREDENT",
       rawId: new Uint8Array([1, 2, 3, 4]),
+      authenticatorAttachment: "cross-platform",
       response: {
         clientDataJSON: new Uint8Array([9, 10, 11, 12]),
         attestationObject: new Uint8Array([13, 14, 15, 16]),
@@ -84,6 +85,7 @@ describe("webauthn schema", () => {
       type: "public-key",
       id: "URL_SAFE_BASE_64_CREDENTIAL_ID-URL_SAFE_BASE_64_CREDENTIAL_ID-URL_SAFE_BASE_64_CREDENT",
       rawId: "AQIDBA",
+      authenticatorAttachment: "cross-platform",
       response: {
         attestationObject: "DQ4PEA",
         clientDataJSON: "CQoLDA",
@@ -103,6 +105,7 @@ describe("webauthn schema", () => {
       type: "public-key",
       id: "URL_SAFE_BASE_64_CREDENTIAL_ID-URL_SAFE_BASE_64_CREDENTIAL_ID-URL_SAFE_BASE_64_CREDENT",
       rawId: new Uint8Array([1, 2, 3, 4]),
+      authenticatorAttachment: "cross-platform",
       response: {
         clientDataJSON: new Uint8Array([9, 10, 11, 12]),
         attestationObject: new Uint8Array([13, 14, 15, 16]),
@@ -124,6 +127,7 @@ describe("webauthn schema", () => {
       type: "public-key",
       id: "URL_SAFE_BASE_64_CREDENTIAL_ID-URL_SAFE_BASE_64_CREDENTIAL_ID-URL_SAFE_BASE_64_CREDENT",
       rawId: "AQIDBA",
+      authenticatorAttachment: "cross-platform",
       response: {
         attestationObject: "DQ4PEA",
         clientDataJSON: "CQoLDA",
@@ -176,6 +180,7 @@ describe("webauthn schema", () => {
       type: "public-key",
       id: "URL_SAFE_BASE_64_CREDENTIAL_ID-URL_SAFE_BASE_64_CREDENTIAL_ID-URL_SAFE_BASE_64_CREDENT",
       rawId: new Uint8Array([1, 2, 3, 4]),
+      authenticatorAttachment: "cross-platform",
       response: {
         authenticatorData: new Uint8Array([5, 6, 7, 8]),
         clientDataJSON: new Uint8Array([9, 10, 11, 12]),
@@ -195,6 +200,7 @@ describe("webauthn schema", () => {
       type: "public-key",
       id: "URL_SAFE_BASE_64_CREDENTIAL_ID-URL_SAFE_BASE_64_CREDENTIAL_ID-URL_SAFE_BASE_64_CREDENT",
       rawId: "AQIDBA",
+      authenticatorAttachment: "cross-platform",
       response: {
         authenticatorData: "BQYHCA",
         clientDataJSON: "CQoLDA",