webauthn-js: A webauthn server lib for node.js

Motivation

When I was looking for a server implementation of webauthn in JS, I stumpled over an webauthn example app made by the Microsoft Edge team. In contrast to other server implementations in JS it worked straight away with my FIDO2 authenticators. So I decided to extract the code and build a server lib.

Installation

npm i @frenatix/webauthn-js

Usage

const webauthn = require('@frenatix/webauth-js')

API

`registerNewCredential()`

const authenticatorData = await webauthn.registerNewCredential({
  response: {
    // from authenticator
    id: 'BBOD...',
    clientDataJSON: '{"type":"webauthn.create","challenge":"123","origin":"http://localhost:3001",":false}',
    attestationObject: 'o2NmbXRmcG...'
  },
  getValidChallengeToken: async (challenge) => {
    const challengeToken = //...
    return challengeToken
  },
  expectedHostname: 'localhost',
  isValidCredentialId: async (credentialId) => {
    /*...*/
  },
  saveUserCredential: async ({ id, publicKeyJwk, signCount, challengeToken }) => {
    /*...*/
  }
})

Parameters

Name	Type	Description
`response`	Object	The response of the authenticator (described here). It consists of the properties `clientDataJSON` and `attestationObject`
`getValidChallengeToken`	function(challenge)	Should returns `true` if challenge check was successful
`userVerification`	string	`required
`expectedHostname`	string \| function	The hostname for this credential
`isValidCredentialId`	function(credentialId)	Check if the credential is already used
`saveUserCredential`	function({id, publicKeyJwk, signCount, challengeToken})	Callback function when credential creation was created

`verifyAssertion()`

verifyAssertion({
  assertion: { 
    // from authenticator
    id: 'WICPLj...',
    clientDataJSON: '{"type":"webauthn.get","challenge":"123","origin":"http://localhost:3001","crossOrigin":false}',
    signature: 'MEUCIQD...',
    authenticatorData: 'SZYN5...',
  },
  credential: {
    // from storage
    id: 'AB123..',
    publicKeyJwk: {
      kty: 'EC',
      crv: 'P-256',
      x: 'MSNo3...',
      y: 'm9sY...'
    },
    signCount: 2
  },
  getValidChallengeToken: async (challenge) => {
    const challengeToken = //...
    return challengeToken
  },
  expectedHostname: 'localhost',
  isAllowedCredentialId: (credentialId) => true,
  updateSignCount: async ({ credentialId, oldSignCount, newSignCount }) => {
    /*...*/
  }
})

Parameters

Name	Type	Description
`assertion`	Object	The response of the authenticator (described here)
`getValidChallengeToken`	function(challenge)	Should returns `true` if challenge check was successful
`userVerification`	string	`required
`expectedHostname`	string \| function	The hostname for this credential
`isAllowedCredentialId`	function(credentialId)	Check if the credential is already allowed
`updateSignCount`	function({credentialId, oldSignCount, newSignCount})	Callback function to update the sign count

Demo Project

You can find a demo project how to use this lib here.

@frenatix/webauthn-js

webauthn-js: A webauthn server lib for node.js

Motivation

Installation

Usage

API

`registerNewCredential()`

Parameters

`verifyAssertion()`

Parameters

Demo Project

Readme

Keywords

Package Sidebar

Install

Repository

Homepage

Weekly Downloads

Version

License

Unpacked Size

Total Files

Last publish

Collaborators

@frenatix/webauthn-js

webauthn-js: A webauthn server lib for node.js

Motivation

Installation

Usage

API

registerNewCredential()

Parameters

verifyAssertion()

Parameters

Demo Project

Readme

Keywords

Package Sidebar

Install

Repository

Homepage

DownloadsWeekly Downloads

Version

License

Unpacked Size

Total Files

Last publish

Collaborators

`registerNewCredential()`

`verifyAssertion()`

Weekly Downloads