in public/index.js [193:389]
function createCredential(challenge) {
if (!PublicKeyCredential)
return Promise.reject("Error: WebAuthn APIs are not present on this device");
var createCredentialOptions = {
rp: {
name: "WebAuthn Test Server",
icon: "https://example.com/rpIcon.png"
},
user: {
icon: "https://example.com/userIcon.png"
},
challenge: challenge,
pubKeyCredParams: [],
timeout: 90000,
excludeCredentials: [],
authenticatorSelection: {},
attestation: undefined,
extensions: {}
};
switch ($('#create_rpInfo').val()) {
case "normal":
createCredentialOptions.rp.id = window.location.hostname;
break;
case "suffix":
createCredentialOptions.rp.id = "suffix." + window.location.hostname;
break;
case "securityerror":
createCredentialOptions.rp.id = "foo.com";
break;
case "emptyrpid":
createCredentialOptions.rp.id = "";
break;
case "emptyrpname":
createCredentialOptions.rp.name = undefined;
break;
case "emptyrpicon":
createCredentialOptions.rp.icon = undefined;
case "undefined":
default:
break;
}
switch ($('#create_userInfo').val()) {
case "empty":
createCredentialOptions.user.displayName = "";
createCredentialOptions.user.name = "";
break;
case "alice":
createCredentialOptions.user.displayName = "Alice Doe";
createCredentialOptions.user.name = "alice@example.com";
break;
case "stella":
createCredentialOptions.user.displayName = "Stella Ipsum";
createCredentialOptions.user.name = "stella@example.com";
break;
case "john":
createCredentialOptions.user.displayName = "John Smith";
createCredentialOptions.user.name = "john@example.com";
break;
case "mike":
createCredentialOptions.user.displayName = "Mike Marlowe";
createCredentialOptions.user.name = "mike@example.com";
break;
case "bob":
default:
createCredentialOptions.user.displayName = "Bob Smith";
createCredentialOptions.user.name = "bob@example.com";
break;
}
//don't do this in production code. user.id should not contain PII
createCredentialOptions.user.id = stringToArrayBuffer(createCredentialOptions.user.name);
if ($('#create_ES256').is(":checked")) {
createCredentialOptions.pubKeyCredParams.push({
type: "public-key",
alg: -7
});
}
if ($('#create_ES384').is(":checked")) {
createCredentialOptions.pubKeyCredParams.push({
type: "public-key",
alg: -35
});
}
if ($('#create_ES512').is(":checked")) {
createCredentialOptions.pubKeyCredParams.push({
type: "public-key",
alg: -36
});
}
if ($('#create_RS256').is(":checked")) {
createCredentialOptions.pubKeyCredParams.push({
type: "public-key",
alg: -257
});
}
if ($('#create_EdDSA').is(":checked")) {
createCredentialOptions.pubKeyCredParams.push({
type: "public-key",
alg: -8
});
}
if ($('#create_excludeCredentials').is(":checked")) {
var excludeCredentials = credentials.map(cred => {
return {
type: "public-key",
id: Uint8Array.from(atob(cred.id), c => c.charCodeAt(0))
};
});
createCredentialOptions.excludeCredentials = excludeCredentials;
}
if ($('#create_authenticatorAttachment').val() !== "undefined") {
createCredentialOptions.authenticatorSelection.authenticatorAttachment = $('#create_authenticatorAttachment').val();
}
if ($('#create_userVerification').val() !== "undefined") {
createCredentialOptions.authenticatorSelection.userVerification = $('#create_userVerification').val();
}
if ($('#create_attestation').val() !== "undefined") {
createCredentialOptions.attestation = $('#create_attestation').val();
}
if ($('#create_requireResidentKey').val() !== "undefined") {
var requireResidentKey = ($('#create_requireResidentKey').val() == "true");
createCredentialOptions.authenticatorSelection.requireResidentKey = requireResidentKey;
}
if ($('#create_residentKey').val() !== "undefined") {
createCredentialOptions.authenticatorSelection.residentKey = $('#create_residentKey').val();
}
if ($('#create_cred_protect').val() !== "undefined") {
var credProtect = $('#create_cred_protect').val();
createCredentialOptions.extensions.credentialProtectionPolicy = credProtect;
}
if ($('#create_cred_protect_enforce').val() !== "undefined") {
var enforceCredProtect = ($('#create_cred_protect_enforce').val() == "true");
createCredentialOptions.extensions.enforceCredentialProtectionPolicy = enforceCredProtect;
}
if ($('#create_hmac_create').val() !== "undefined") {
var hmacCreateSecret = ($('#create_hmac_create').val() == "true");
createCredentialOptions.extensions.hmacCreateSecret = hmacCreateSecret;
}
if ($('#create_minPinLength').val() !== "undefined") {
var minPinLength = ($('#create_minPinLength').val() == "true");
createCredentialOptions.extensions.minPinLength = minPinLength;
}
if ($('#create_credBlob').val()) {
createCredentialOptions.extensions.credBlob = stringToArrayBuffer($('#create_credBlob').val());
}
if ($('#create_largeBlob').val() !== "undefined") {
createCredentialOptions.extensions.largeBlob = {};
createCredentialOptions.extensions.largeBlob.support = $('#create_largeBlob').val();
}
return navigator.credentials.create({
publicKey: createCredentialOptions
}).then(attestation => {
/** @type {EncodedAttestationResponse} */
var credential = {
id: base64encode(attestation.rawId),
clientDataJSON: arrayBufferToString(attestation.response.clientDataJSON),
attestationObject: base64encode(attestation.response.attestationObject),
metadata: {
rpId: createCredentialOptions.rp.id,
userName: createCredentialOptions.user.name,
residentKey: createCredentialOptions.authenticatorSelection.requireResidentKey
},
};
console.log("=== Attestation response ===");
logVariable("id (base64)", credential.id);
logVariable("clientDataJSON", credential.clientDataJSON);
logVariable("attestationObject (base64)", credential.attestationObject);
return rest_put("/credentials", credential);
}).then(response => {
return response.json();
}).then(response => {
if (response.error) {
return Promise.reject(response.error);
} else {
return Promise.resolve(response.result);
}
});
}