diff --git a/README.md b/README.md index 8cd8d60..dfd68d9 100644 --- a/README.md +++ b/README.md @@ -296,7 +296,7 @@ To enable WebAuthn you need to: 1. Install the peer dependencies: ```bash -npx nypm i @simplewebauthn/server@10 @simplewebauthn/browser@10 +npx nypm i @simplewebauthn/server@11 @simplewebauthn/browser@11 ``` 2. Enable it in your `nuxt.config.ts` diff --git a/package.json b/package.json index f2ee6d0..c3fa29f 100644 --- a/package.json +++ b/package.json @@ -43,8 +43,8 @@ "uncrypto": "^0.1.3" }, "peerDependencies": { - "@simplewebauthn/browser": "^10.0.0", - "@simplewebauthn/server": "^10.0.1" + "@simplewebauthn/browser": "^11.0.0", + "@simplewebauthn/server": "^11.0.0" }, "peerDependenciesMeta": { "@simplewebauthn/browser": { @@ -63,7 +63,7 @@ "@nuxt/test-utils": "^3.14.2", "@nuxt/ui": "^2.18.6", "@nuxt/ui-pro": "^1.4.3", - "@simplewebauthn/types": "^10.0.0", + "@simplewebauthn/types": "^11.0.0", "changelogen": "^0.5.7", "eslint": "^9.12.0", "nuxt": "^3.13.2", diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index 5ec6b62..4364632 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -15,11 +15,11 @@ importers: specifier: ^3.13.2 version: 3.13.2(magicast@0.3.5)(rollup@3.29.4) '@simplewebauthn/browser': - specifier: ^10.0.0 - version: 10.0.0 + specifier: ^11.0.0 + version: 11.0.0 '@simplewebauthn/server': - specifier: ^10.0.1 - version: 10.0.1 + specifier: ^11.0.0 + version: 11.0.0 defu: specifier: ^6.1.4 version: 6.1.4 @@ -67,8 +67,8 @@ importers: specifier: ^1.4.3 version: 1.4.3(magicast@0.3.5)(rollup@3.29.4)(vite@5.4.6(@types/node@22.5.5)(terser@5.33.0))(vue@3.5.6(typescript@5.6.2)) '@simplewebauthn/types': - specifier: ^10.0.0 - version: 10.0.0 + specifier: ^11.0.0 + version: 11.0.0 changelogen: specifier: ^0.5.7 version: 0.5.7(magicast@0.3.5) @@ -1442,15 +1442,15 @@ packages: cpu: [x64] os: [win32] - '@simplewebauthn/browser@10.0.0': - resolution: {integrity: sha512-hG0JMZD+LiLUbpQcAjS4d+t4gbprE/dLYop/CkE01ugU/9sKXflxV5s0DRjdz3uNMFecatRfb4ZLG3XvF8m5zg==} + '@simplewebauthn/browser@11.0.0': + resolution: {integrity: sha512-KEGCStrl08QC2I561BzxqGiwoknblP6O1YW7jApdXLPtIqZ+vgJYAv8ssLCdm1wD8HGAHd49CJLkUF8X70x/pg==} - '@simplewebauthn/server@10.0.1': - resolution: {integrity: sha512-djNWcRn+H+6zvihBFJSpG3fzb0NQS9c/Mw5dYOtZ9H+oDw8qn9Htqxt4cpqRvSOAfwqP7rOvE9rwqVaoGGc3hg==} + '@simplewebauthn/server@11.0.0': + resolution: {integrity: sha512-zu8dxKcPiRUNSN2kmrnNOzNbRI8VaR/rL4ENCHUfC6PEE7SAAdIql9g5GBOd/wOVZolIsaZz3ccFxuGoVP0iaw==} engines: {node: '>=20.0.0'} - '@simplewebauthn/types@10.0.0': - resolution: {integrity: sha512-SFXke7xkgPRowY2E+8djKbdEznTVnD5R6GO7GPTthpHrokLvNKw8C3lFZypTxLI7KkCfGPfhtqB3d7OVGGa9jQ==} + '@simplewebauthn/types@11.0.0': + resolution: {integrity: sha512-b2o0wC5u2rWts31dTgBkAtSNKGX0cvL6h8QedNsKmj8O4QoLFQFR3DBVBUlpyVEhYKA+mXGUaXbcOc4JdQ3HzA==} '@sindresorhus/merge-streams@2.3.0': resolution: {integrity: sha512-LtoMMhxAlorcGhmFYI+LhPgbPZCkgP6ra1YL604EeF6U98pLlQ3iWIGMdWSC+vWmPBWBNgmDBAhnAobLROJmwg==} @@ -4506,9 +4506,6 @@ packages: typescript: optional: true - tslib@2.6.3: - resolution: {integrity: sha512-xNvxJEOUiWPGhUuUdQgAJPKOOJfGnIyKySOc09XkKsgdUV/3E2zvwZYdejjmRgPCgcym1juLH3226yA7sEFJKQ==} - tslib@2.7.0: resolution: {integrity: sha512-gLXCKdN1/j47AiHiOkJN69hJmcbGTHI0ImLmbYLHykhgeN0jVGola9yVjFgzCUklsZQMW55o+dW7IXv3RCXDzA==} @@ -6483,27 +6480,27 @@ snapshots: dependencies: '@peculiar/asn1-schema': 2.3.13 asn1js: 3.0.5 - tslib: 2.6.3 + tslib: 2.7.0 '@peculiar/asn1-ecc@2.3.13': dependencies: '@peculiar/asn1-schema': 2.3.13 '@peculiar/asn1-x509': 2.3.13 asn1js: 3.0.5 - tslib: 2.6.3 + tslib: 2.7.0 '@peculiar/asn1-rsa@2.3.13': dependencies: '@peculiar/asn1-schema': 2.3.13 '@peculiar/asn1-x509': 2.3.13 asn1js: 3.0.5 - tslib: 2.6.3 + tslib: 2.7.0 '@peculiar/asn1-schema@2.3.13': dependencies: asn1js: 3.0.5 pvtsutils: 1.3.5 - tslib: 2.6.3 + tslib: 2.7.0 '@peculiar/asn1-x509@2.3.13': dependencies: @@ -6511,7 +6508,7 @@ snapshots: asn1js: 3.0.5 ipaddr.js: 2.2.0 pvtsutils: 1.3.5 - tslib: 2.6.3 + tslib: 2.7.0 '@phc/format@1.0.0': {} @@ -6706,11 +6703,11 @@ snapshots: '@rollup/rollup-win32-x64-msvc@4.22.0': optional: true - '@simplewebauthn/browser@10.0.0': + '@simplewebauthn/browser@11.0.0': dependencies: - '@simplewebauthn/types': 10.0.0 + '@simplewebauthn/types': 11.0.0 - '@simplewebauthn/server@10.0.1': + '@simplewebauthn/server@11.0.0': dependencies: '@hexagon/base64': 1.1.28 '@levischuck/tiny-cbor': 0.2.2 @@ -6719,12 +6716,12 @@ snapshots: '@peculiar/asn1-rsa': 2.3.13 '@peculiar/asn1-schema': 2.3.13 '@peculiar/asn1-x509': 2.3.13 - '@simplewebauthn/types': 10.0.0 + '@simplewebauthn/types': 11.0.0 cross-fetch: 4.0.0 transitivePeerDependencies: - encoding - '@simplewebauthn/types@10.0.0': {} + '@simplewebauthn/types@11.0.0': {} '@sindresorhus/merge-streams@2.3.0': {} @@ -7280,7 +7277,7 @@ snapshots: dependencies: pvtsutils: 1.3.5 pvutils: 1.1.3 - tslib: 2.6.3 + tslib: 2.7.0 assertion-error@2.0.1: {} @@ -9780,7 +9777,7 @@ snapshots: pvtsutils@1.3.5: dependencies: - tslib: 2.6.3 + tslib: 2.7.0 pvutils@1.1.3: {} @@ -10364,8 +10361,6 @@ snapshots: optionalDependencies: typescript: 5.6.2 - tslib@2.6.3: {} - tslib@2.7.0: {} tsscmp@1.0.6: {} diff --git a/src/runtime/app/composables/webauthn.ts b/src/runtime/app/composables/webauthn.ts index 2599ca6..986d191 100644 --- a/src/runtime/app/composables/webauthn.ts +++ b/src/runtime/app/composables/webauthn.ts @@ -31,8 +31,18 @@ export function useWebAuthn(options: { * @default '/api/webauthn/authenticate' */ authenticateEndpoint?: string + /** + * Enable browser autofill for authentication + * @default false + */ + useBrowserAutofill?: boolean } = {}): WebAuthnComposable { - const { registerEndpoint = '/api/webauthn/register', authenticateEndpoint = '/api/webauthn/authenticate' } = options + const { + registerEndpoint = '/api/webauthn/register', + authenticateEndpoint = '/api/webauthn/authenticate', + useBrowserAutofill = false, + } = options + async function register(user: { userName: string, displayName?: string }) { const { creationOptions, attemptId } = await $fetch(registerEndpoint, { method: 'POST', @@ -42,7 +52,9 @@ export function useWebAuthn(options: { }, }) - const attestationResponse = await startRegistration(creationOptions) + const attestationResponse = await startRegistration({ + optionsJSON: creationOptions, + }) const verificationResponse = await $fetch(registerEndpoint, { method: 'POST', body: { @@ -65,7 +77,10 @@ export function useWebAuthn(options: { }, }) - const assertionResponse = await startAuthentication(requestOptions) + const assertionResponse = await startAuthentication({ + optionsJSON: requestOptions, + useBrowserAutofill, + }) const verificationResponse = await $fetch(authenticateEndpoint, { method: 'POST', body: { diff --git a/src/runtime/server/lib/webauthn/authenticate.ts b/src/runtime/server/lib/webauthn/authenticate.ts index bfad52e..c8ba0c9 100644 --- a/src/runtime/server/lib/webauthn/authenticate.ts +++ b/src/runtime/server/lib/webauthn/authenticate.ts @@ -71,9 +71,9 @@ export function defineWebAuthnAuthenticateEventHandler({ await onSuccess(event, { user, credential: { - id: verification.registrationInfo!.credentialID, - publicKey: bufferToBase64URLString(verification.registrationInfo!.credentialPublicKey), - counter: verification.registrationInfo!.counter, + id: verification.registrationInfo!.credential.id, + publicKey: bufferToBase64URLString(verification.registrationInfo!.credential.publicKey), + counter: verification.registrationInfo!.credential.counter, backedUp: verification.registrationInfo!.credentialBackedUp, - transports: body.response.response.transports, + transports: verification.registrationInfo!.credential.transports, }, registrationInfo: verification.registrationInfo!, })