function getAssertion()

in public/index.js [396:491]

• 23 lines of code
• 13 McCabe index (conditional complexity)

    function getAssertion(challenge) {
        var largeBlobPresent = false;

        if (typeof(PublicKeyCredential) === "undefined")
            return Promise.reject("Error: WebAuthn APIs are not present on this device");

        var getAssertionOptions = {
            rpId: undefined,
            timeout: 90000,
            challenge: challenge,
            allowCredentials: [],
            userVerification: undefined,
            extensions: {}
        };

        switch ($('#get_rpId').val()) {
            case "normal":
                getAssertionOptions.rpId = window.location.hostname;
                break;
            case "suffix":
                getAssertionOptions.rpId = "suffix." + window.location.hostname;
                break;
            case "securityerror":
                getAssertionOptions.rpId = "foo.com";
                break;
            case "undefined":
            default:
                break;
        }

        if ($('#get_allowCredentials').is(":checked")) {
            var allowCredentials = credentials.map(cred => {
                return {
                    type: "public-key",
                    id: Uint8Array.from(atob(cred.id), c => c.charCodeAt(0))
                };
            });

            getAssertionOptions.allowCredentials = allowCredentials;
        }

        if ($('#get_userVerification').val() !== "undefined") {
            getAssertionOptions.userVerification = $('#get_userVerification').val();
        }

        if ($('#get_credBlob').val() !== "undefined") {
            var getCredBlob = ($('#get_credBlob').val() == "true");
            getAssertionOptions.extensions.getCredBlob = getCredBlob;
        }

        if ($('#get_largeBlob').val() !== "undefined") {
            getAssertionOptions.extensions.largeBlob = {};
            getAssertionOptions.extensions.largeBlob.read = $('#get_largeBlob').val();
            largeBlobPresent = true;
        }

        if ($('#get_largeBlobText').val()) {
            if (!largeBlobPresent) {
                getAssertionOptions.extensions.largeBlob = {};
            }
            getAssertionOptions.extensions.largeBlob.write = stringToArrayBuffer($('#get_largeBlobText').val());
        }

        return navigator.credentials.get({
            publicKey: getAssertionOptions
        }).then(assertion => {
            /** @type {EncodedAssertionResponse} */
            var credential = {
                id: base64encode(assertion.rawId),
                clientDataJSON: arrayBufferToString(assertion.response.clientDataJSON),
                userHandle: base64encode(assertion.response.userHandle),
                signature: base64encode(assertion.response.signature),
                authenticatorData: base64encode(assertion.response.authenticatorData),
                metadata: {
                    rpId: getAssertionOptions.rpId
                }
            };

            console.log("=== Assertion response ===");
            logVariable("id (base64)", credential.id);
            logVariable("userHandle (base64)", credential.userHandle);
            logVariable("authenticatorData (base64)", credential.authenticatorData);
            logVariable("clientDataJSON", credential.clientDataJSON);
            logVariable("signature (base64)", credential.signature);

            return rest_put("/assertion", credential);
        }).then(response => {
            return response.json();
        }).then(response => {
            if (response.error) {
                return Promise.reject(response.error);
            } else {
                return Promise.resolve(response.result);
            }
        });
    }