Update example to v6.0.0

MasterKale · Aug 17, 2022 · 24d1442 · 24d1442
1 parent 95cb210
commit 24d1442
Show file tree

Hide file tree

Showing 5 changed files with 56 additions and 69 deletions.
diff --git a/example/fido-conformance.ts b/example/fido-conformance.ts
@@ -97,6 +97,8 @@ const inMemoryUserDeviceDB: { [username: string]: LoggedInFIDOUser } = {
 // A cheap way of remembering who's "logged in" between the request for options and the response
 let loggedInUsername: string | undefined = undefined;
 
+const supportedAlgorithmIDs = [-7, -8, -35, -36, -37, -38, -39, -257, -258, -259, -65535];
+
 /**
  * [FIDO2] Server Tests > MakeCredential Request
  */
@@ -134,7 +136,7 @@ fidoConformanceRouter.post('/attestation/options', (req, res) => {
       type: 'public-key',
       transports: ['usb', 'ble', 'nfc', 'internal'],
     })),
-    supportedAlgorithmIDs: [-7, -8, -36, -37, -38, -39, -257, -258, -259, -65535],
+    supportedAlgorithmIDs,
   });
 
   user.currentChallenge = opts.challenge;
@@ -162,6 +164,7 @@ fidoConformanceRouter.post('/attestation/result', async (req, res) => {
       credential: body,
       expectedChallenge: `${expectedChallenge}`,
       expectedOrigin,
+      supportedAlgorithmIDs,
     });
   } catch (error) {
     const _error: Error = error as Error;
@@ -227,7 +230,7 @@ fidoConformanceRouter.post('/assertion/options', (req, res) => {
   });
 });
 
-fidoConformanceRouter.post('/assertion/result', (req, res) => {
+fidoConformanceRouter.post('/assertion/result', async (req, res) => {
   const body: AuthenticationCredentialJSON = req.body;
   const { id } = body;
 
@@ -237,27 +240,29 @@ fidoConformanceRouter.post('/assertion/result', (req, res) => {
   const expectedChallenge = user.currentChallenge;
   const userVerification = user.currentAuthenticationUserVerification;
 
+  if (!id) {
+    const msg = `Invalid id: ${id}`;
+    console.error(`RP - authentication: ${msg}`);
+    return res.status(400).send({ errorMessage: msg });
+  }
+
   const credIDBuffer = base64url.toBuffer(id);
   const existingDevice = user.devices.find(device => device.credentialID.equals(credIDBuffer));
 
   if (!existingDevice) {
-    throw new Error(`Could not find device matching ${id}`);
-  }
-
-  let requireUserVerification = false;
-  if (userVerification === 'required') {
-    requireUserVerification = true;
+    const msg = `Could not find device matching ${id}`;
+    console.error(`RP - authentication: ${msg}`);
+    return res.status(400).send({ errorMessage: msg });
   }
 
   let verification;
   try {
-    verification = verifyAuthenticationResponse({
+    verification = await verifyAuthenticationResponse({
       credential: body,
       expectedChallenge: `${expectedChallenge}`,
       expectedOrigin,
       expectedRPID: rpID,
       authenticator: existingDevice,
-      requireUserVerification,
       advancedFIDOConfig: { userVerification },
     });
   } catch (error) {

diff --git a/example/index.ts b/example/index.ts
@@ -230,7 +230,7 @@ app.get('/generate-authentication-options', (req, res) => {
   res.send(options);
 });
 
-app.post('/verify-authentication', (req, res) => {
+app.post('/verify-authentication', async (req, res) => {
   const body: AuthenticationCredentialJSON = req.body;
 
   const user = inMemoryUserDeviceDB[loggedInUserId];
@@ -261,7 +261,7 @@ app.post('/verify-authentication', (req, res) => {
       authenticator: dbAuthenticator,
       requireUserVerification: true,
     };
-    verification = verifyAuthenticationResponse(opts);
+    verification = await verifyAuthenticationResponse(opts);
   } catch (error) {
     const _error = error as Error;
     console.error(_error);

diff --git a/example/package-lock.json b/example/package-lock.json
diff --git a/example/package.json b/example/package.json
@@ -11,7 +11,7 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "@simplewebauthn/server": "5.4.5",
+    "@simplewebauthn/server": "6.0.0",
     "base64url": "^3.0.1",
     "dotenv": "^10.0.0",
     "express": "^4.17.1",

diff --git a/example/public/index.html b/example/public/index.html
@@ -121,7 +121,7 @@ <h1>SimpleWebAuthn Example Site</h1>
     </div>
     <script>
       const {
-        browserSupportsWebauthn,
+        browserSupportsWebAuthn,
         startRegistration,
       } = SimpleWebAuthnBrowser;
 
@@ -141,7 +141,7 @@ <h1>SimpleWebAuthn Example Site</h1>
       }
 
       // Hide the Begin button if the browser is incapable of using WebAuthn
-      if (!browserSupportsWebauthn()) {
+      if (!browserSupportsWebAuthn()) {
         document.querySelector('.controls').style.display = 'none';
         document.querySelector('.systemError').innerText = "It seems this browser doesn't support WebAuthn...";
       } else {