fix(webauthn): expose cred params functions (#286)

This exposes useful functions for generating credential properties.
go-webauthn · Aug 29, 2024 · e736323 · e736323
1 parent 33464f5
commit e736323
Showing 1 changed file with 68 additions and 2 deletions.
diff --git a/webauthn/registration.go b/webauthn/registration.go
@@ -53,7 +53,7 @@ func (webauthn *WebAuthn) BeginRegistration(user User, opts ...RegistrationOptio
 		},
 	}
 
-	credentialParams := defaultRegistrationCredentialParameters()
+	credentialParams := CredentialParametersDefault()
 
 	creation = &protocol.CredentialCreation{
 		Response: protocol.PublicKeyCredentialCreationOptions{
@@ -234,7 +234,8 @@ func (webauthn *WebAuthn) CreateCredential(user User, session SessionData, parse
 	return NewCredential(clientDataHash, parsedResponse)
 }
 
-func defaultRegistrationCredentialParameters() []protocol.CredentialParameter {
+// CredentialParametersDefault is the default protocol.CredentialParameter list.
+func CredentialParametersDefault() []protocol.CredentialParameter {
 	return []protocol.CredentialParameter{
 		{
 			Type:      protocol.PublicKeyCredentialType,
@@ -278,3 +279,68 @@ func defaultRegistrationCredentialParameters() []protocol.CredentialParameter {
 		},
 	}
 }
+
+// CredentialParametersRecommendedL3 is explicitly the Level 3 recommended protocol.CredentialParameter list.
+func CredentialParametersRecommendedL3() []protocol.CredentialParameter {
+	return []protocol.CredentialParameter{
+		{
+			Type:      protocol.PublicKeyCredentialType,
+			Algorithm: webauthncose.AlgEdDSA,
+		},
+		{
+			Type:      protocol.PublicKeyCredentialType,
+			Algorithm: webauthncose.AlgES256,
+		},
+		{
+			Type:      protocol.PublicKeyCredentialType,
+			Algorithm: webauthncose.AlgRS256,
+		},
+	}
+}
+
+// CredentialParametersExtendedL3 is the Level 3 recommended protocol.CredentialParameter list with all of the other
+// parameters supported by the library.
+func CredentialParametersExtendedL3() []protocol.CredentialParameter {
+	return []protocol.CredentialParameter{
+		{
+			Type:      protocol.PublicKeyCredentialType,
+			Algorithm: webauthncose.AlgEdDSA,
+		},
+		{
+			Type:      protocol.PublicKeyCredentialType,
+			Algorithm: webauthncose.AlgES256,
+		},
+		{
+			Type:      protocol.PublicKeyCredentialType,
+			Algorithm: webauthncose.AlgES384,
+		},
+		{
+			Type:      protocol.PublicKeyCredentialType,
+			Algorithm: webauthncose.AlgES512,
+		},
+		{
+			Type:      protocol.PublicKeyCredentialType,
+			Algorithm: webauthncose.AlgRS256,
+		},
+		{
+			Type:      protocol.PublicKeyCredentialType,
+			Algorithm: webauthncose.AlgRS384,
+		},
+		{
+			Type:      protocol.PublicKeyCredentialType,
+			Algorithm: webauthncose.AlgRS512,
+		},
+		{
+			Type:      protocol.PublicKeyCredentialType,
+			Algorithm: webauthncose.AlgPS256,
+		},
+		{
+			Type:      protocol.PublicKeyCredentialType,
+			Algorithm: webauthncose.AlgPS384,
+		},
+		{
+			Type:      protocol.PublicKeyCredentialType,
+			Algorithm: webauthncose.AlgPS512,
+		},
+	}
+}