diff --git a/src/main/resources/templates/OAuthResource/loginPasswordless.html b/src/main/resources/templates/OAuthResource/loginPasswordless.html index d9fd3b5..4dee6c2 100644 --- a/src/main/resources/templates/OAuthResource/loginPasswordless.html +++ b/src/main/resources/templates/OAuthResource/loginPasswordless.html @@ -111,7 +111,7 @@ requireResidentKey: A resident (private) key, is a key that cannot leave your authenticator device, this means that you cannot reuse the authenticator to log into a second computer. Here, it is not required.

- userVerification: User verification is the technical process by which an authenticator locally authorizes the invocation of the authenticatorMakeCredential and authenticatorGetAssertion operations. User verification MAY be instigated through various authorization gesture modalities; for example, through a touch plus pin code, password entry, or biometric recognition (e.g., presenting a fingerprint). It can be "required", "preferred" or "discouraged". + userVerification: User verification is the technical process by which the user locally authorizes themselves. User verification typically involve a touch plus pin code, password entry, or biometric (face, fingerprint, ...). User verification check is stronger than a mere user presence, in which the user just confirms the operation, e.g. by pressing a simple button.
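Review bot: the new userVerification wording has a subject-verb disagreement ("typically involve" should be "typically involves"), and "User verification check is stronger than a mere user presence" reads better as "A user verification check is stronger than a mere user presence check". The rewrite also drops the sentence listing the accepted values ("required", "preferred" or "discouraged"), which is the one part of the old text a reader of this option actually needs; keep it. Minor: "the user locally authorizes themselves" inverts the spec's framing, since it is the authenticator that verifies the user locally; "by which the authenticator locally verifies the user" would be more precise.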

  • @@ -236,7 +236,7 @@
  • attestationObject

    - This is a base64 encoded binary representation of an attestation statement. The attestation statement is produced by the authenticator to prove to the relying party (e.g., a website) that a new public key credential has been created in the authenticator. It typically contains details about the authenticator, a freshly generated public key for the user, some metadata, and a signature from the authenticator. It is CBOR encoded. + This is a base64 encoded binary representation of an attestation statement. The attestation statement is produced by the authenticator to prove to the relying party (e.g., a website) that a new public key credential has been created in the authenticator. It is CBOR encoded.

    The authData is binary encoded and contain the actual public key, but also more flags and info about the authentication:
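Review bot: removing the sentence that listed what the attestation statement contains leaves "The authData" in the following line without any introduction, because the new text no longer says the object carries the authenticator data at all. Suggest replacing the removed sentence rather than dropping it, e.g. "It is a CBOR map holding the attestation format (fmt), the authenticator data (authData) and the attestation statement proper (attStmt), which carries the authenticator's signature." Also, the unchanged context line "contain the actual public key" should read "contains".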

    @@ -345,7 +345,7 @@
  • authenticatorData

    - This contains information about the authentication event. It typically includes the hash of the clientDataJSON, a sign count (to protect against clone attacks), and other data relevant to the authentication process. + This contains information about the authentication event.

    It is binary encoded and this time does not contain the public key:
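Review bot: the replacement sentence "This contains information about the authentication event." gives the reader nothing to work with, and the only security-relevant detail in the old text, the signature counter used to detect cloned authenticators, is lost with it. If the removal was motivated by the inaccuracy in the old text (authenticatorData does not include the hash of clientDataJSON; that hash is concatenated to authenticatorData when the assertion signature is computed), correct it instead of deleting it: "It contains the RP ID hash, the flags (user presence, user verification) and the signature counter, which the relying party compares with the stored value to detect cloned authenticators; the assertion signature covers this data concatenated with the SHA-256 hash of clientDataJSON."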

    @@ -560,9 +560,14 @@ $("#navigator-attestation-body").html(JSON.stringify(response, null, 2)); $("#navigator-attestation-clientDataJSON").html(JSON.stringify(JSON.parse(tryDecodeBase64(response.response.clientDataJSON)), null, 2)); let attestationObject = CBOR.decode(WebAuthn.base64ToBuffer(response.response.attestationObject)); - let authData = parseAuthenticatorData(attestationObject.authData); + let authDataRaw = attestationObject['authData']; + + if (authDataRaw) { + let authData = parseAuthenticatorData(authDataRaw); + $("#navigator-authData").html(JSON.stringify(authData, null, 2)); + attestationObject['authData'] = WebAuthn.bufferToBase64(authDataRaw) + } $("#navigator-attestationObject").html(JSON.stringify(attestationObject, null, 2)); - $("#navigator-authData").html(JSON.stringify(authData, null, 2)); return continueButton("#navigator-attestation", response); }
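Review bot: when attestationObject has no authData, the new if-guard skips updating #navigator-authData entirely, so the panel keeps whatever a previous attempt rendered and the missing field is invisible to the user; add an else branch that clears the element or shows a message, since a CBOR attestation object without authData is malformed and worth surfacing rather than silently tolerating. Also add the missing semicolon after WebAuthn.bufferToBase64(authDataRaw). The .html(JSON.stringify(...)) calls in this hunk insert browser- and authenticator-supplied strings without HTML escaping; .text() renders the same JSON without that risk. Replacing attestationObject['authData'] with its base64 form in place is fine for display, but a short comment that the object is mutated for rendering only would help, because attestationObject can no longer be handed to a verifier after this point.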