From 6e3057a96a34d22cac193e5c17b4a3c01d2ca045 Mon Sep 17 00:00:00 2001
From: aeneasr <3372410+aeneasr@users.noreply.github.com>
Date: Wed, 2 Mar 2022 10:07:54 +0100
Subject: [PATCH] feat(webauthn): add passwordless credentials indicator

---
 selfservice/strategy/webauthn/credentials.go      | 5 ++++-
 selfservice/strategy/webauthn/credentials_test.go | 9 +++++++--
 2 files changed, 11 insertions(+), 3 deletions(-)

diff --git a/selfservice/strategy/webauthn/credentials.go b/selfservice/strategy/webauthn/credentials.go
index 4962edd176a..a831431c76f 100644
--- a/selfservice/strategy/webauthn/credentials.go
+++ b/selfservice/strategy/webauthn/credentials.go
@@ -10,14 +10,16 @@ import (
 type CredentialsConfig struct {
 	// List of webauthn credentials.
 	Credentials Credentials `json:"credentials"`
+	UserHandle  []byte      `json:"user_handle"`
 }
 
 type Credentials []Credential
 
-func CredentialFromWebAuthn(credential *webauthn.Credential) *Credential {
+func CredentialFromWebAuthn(credential *webauthn.Credential, isPasswordless bool) *Credential {
 	return &Credential{
 		ID:              credential.ID,
 		PublicKey:       credential.PublicKey,
+		IsPasswordless:  isPasswordless,
 		AttestationType: credential.AttestationType,
 		Authenticator: Authenticator{
 			AAGUID:       credential.Authenticator.AAGUID,
@@ -55,6 +57,7 @@ type Credential struct {
 	Authenticator   Authenticator `json:"authenticator"`
 	DisplayName     string        `json:"display_name"`
 	AddedAt         time.Time     `json:"added_at"`
+	IsPasswordless  bool          `json:"is_passwordless"`
 }
 
 type Authenticator struct {
diff --git a/selfservice/strategy/webauthn/credentials_test.go b/selfservice/strategy/webauthn/credentials_test.go
index c2114a1a430..bbc7caf9daf 100644
--- a/selfservice/strategy/webauthn/credentials_test.go
+++ b/selfservice/strategy/webauthn/credentials_test.go
@@ -19,9 +19,14 @@ func TestCredentialConversion(t *testing.T) {
 		},
 	}
 
-	actual := CredentialFromWebAuthn(expected).ToWebAuthn()
+	actual := CredentialFromWebAuthn(expected, false).ToWebAuthn()
 	assert.Equal(t, expected, actual)
 
-	actualList := Credentials{*CredentialFromWebAuthn(expected)}.ToWebAuthn()
+	actualList := Credentials{*CredentialFromWebAuthn(expected, false)}.ToWebAuthn()
 	assert.Equal(t, []webauthn.Credential{*expected}, actualList)
+
+	fromWebAuthn := CredentialFromWebAuthn(expected, true)
+	assert.True(t, fromWebAuthn.IsPasswordless)
+	fromWebAuthn = CredentialFromWebAuthn(expected, false)
+	assert.False(t, fromWebAuthn.IsPasswordless)
 }