passwordless-lib · aseigler · Oct 23, 2023 · Oct 9, 2023
diff --git a/Src/Fido2.Models/Objects/AuthenticationExtensionsClientInputs.cs b/Src/Fido2.Models/Objects/AuthenticationExtensionsClientInputs.cs
@@ -22,14 +22,6 @@ public sealed class AuthenticationExtensionsClientInputs
     [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)]
     public string AppID { get; set; }
 
-    /// <summary>
-    /// This extension allows a WebAuthn Relying Party to guide the selection of the authenticator that will be leveraged when creating the credential. It is intended primarily for Relying Parties that wish to tightly control the experience around credential creation.
-    /// https://www.w3.org/TR/webauthn/#sctn-authenticator-selection-extension
-    /// </summary>
-    [JsonPropertyName("authnSel")]
-    [JsonIgnore(Condition = JsonIgnoreCondition.WhenWritingNull)]
-    public byte[][] AuthenticatorSelection { get; set; }
-
     /// <summary>
     /// This extension enables the WebAuthn Relying Party to determine which extensions the authenticator supports.
     /// https://www.w3.org/TR/webauthn/#sctn-supported-extensions-extension

diff --git a/Src/Fido2.Models/Objects/AuthenticationExtensionsClientOutputs.cs b/Src/Fido2.Models/Objects/AuthenticationExtensionsClientOutputs.cs
@@ -20,13 +20,6 @@ public class AuthenticationExtensionsClientOutputs
     [JsonPropertyName("appid")]
     public bool AppID { get; set; }
 
-    /// <summary>
-    /// This extension allows a WebAuthn Relying Party to guide the selection of the authenticator that will be leveraged when creating the credential. It is intended primarily for Relying Parties that wish to tightly control the experience around credential creation.
-    /// https://www.w3.org/TR/webauthn/#sctn-authenticator-selection-extension
-    /// </summary>
-    [JsonPropertyName("authnSel")]
-    public bool AuthenticatorSelection { get; set; }
-
     /// <summary>
     /// This extension enables the WebAuthn Relying Party to determine which extensions the authenticator supports.
     /// https://www.w3.org/TR/webauthn/#sctn-supported-extensions-extension

diff --git a/Test/AuthenticatorResponse.cs b/Test/AuthenticatorResponse.cs
@@ -256,7 +256,6 @@ public void TestAuthenticatorAttestationRawResponse()
             Extensions = new AuthenticationExtensionsClientOutputs
             {
                 AppID = true,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]
@@ -283,7 +282,6 @@ public void TestAuthenticatorAttestationRawResponse()
         Assert.Equal(new byte[] { 0xa0 }, rawResponse.Response.AttestationObject);
         Assert.Equal(clientDataJson, rawResponse.Response.ClientDataJson);
         Assert.True(rawResponse.Extensions.AppID);
-        Assert.True(rawResponse.Extensions.AuthenticatorSelection);
         Assert.Equal(new string[] { "foo", "bar" }, rawResponse.Extensions.Extensions);
         Assert.Equal("test", rawResponse.Extensions.Example);
         Assert.Equal((ulong)4, rawResponse.Extensions.UserVerificationMethod[0][0]);
@@ -1239,7 +1237,6 @@ public void TestAuthenticatorAssertionRawResponse()
             Extensions = new AuthenticationExtensionsClientOutputs
             {
                 AppID = true,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]
@@ -1268,7 +1265,6 @@ public void TestAuthenticatorAssertionRawResponse()
         Assert.Equal(clientDataJson, assertionResponse.Response.ClientDataJson);
         Assert.Equal(new byte[] { 0xf1, 0xd0 }, assertionResponse.Response.UserHandle);
         Assert.True(assertionResponse.Extensions.AppID);
-        Assert.True(assertionResponse.Extensions.AuthenticatorSelection);
         Assert.Equal(new string[] { "foo", "bar" }, assertionResponse.Extensions.Extensions);
         Assert.Equal("test", assertionResponse.Extensions.Example);
         Assert.Equal((ulong)4, assertionResponse.Extensions.UserVerificationMethod[0][0]);
@@ -1317,7 +1313,6 @@ public void TestAuthenticatorAssertionTypeNotPublicKey()
             Extensions = new AuthenticationExtensionsClientOutputs
             {
                 AppID = false,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]
@@ -1386,7 +1381,6 @@ public void TestAuthenticatorAssertionIdMissing()
             Extensions = new AuthenticationExtensionsClientOutputs
             {
                 AppID = false,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]
@@ -1456,7 +1450,6 @@ public void TestAuthenticatorAssertionRawIdMissing()
             Extensions = new AuthenticationExtensionsClientOutputs()
             {
                 AppID = false,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]
@@ -1526,7 +1519,6 @@ public void TestAuthenticatorAssertionUserHandleEmpty()
             Extensions = new AuthenticationExtensionsClientOutputs()
             {
                 AppID = false,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]
@@ -1596,7 +1588,6 @@ public void TestAuthenticatorAssertionUserHandleNotOwnerOfPublicKey()
             Extensions = new AuthenticationExtensionsClientOutputs()
             {
                 AppID = false,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]
@@ -1666,7 +1657,6 @@ public void TestAuthenticatorAssertionTypeNotWebAuthnGet()
             Extensions = new AuthenticationExtensionsClientOutputs
             {
                 AppID = false,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]
@@ -1738,7 +1728,6 @@ public void TestAuthenticatorAssertionAppId()
             Extensions = new AuthenticationExtensionsClientOutputs()
             {
                 AppID = true,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]
@@ -1809,7 +1798,6 @@ public void TestAuthenticatorAssertionInvalidRpIdHash()
             Extensions = new AuthenticationExtensionsClientOutputs()
             {
                 AppID = false,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]
@@ -1881,7 +1869,6 @@ public void TestAuthenticatorAssertionUPRequirementNotMet()
             Extensions = new AuthenticationExtensionsClientOutputs
             {
                 AppID = false,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]
@@ -1952,7 +1939,6 @@ public void TestAuthenticatorAssertionUVPolicyNotMet()
             Extensions = new AuthenticationExtensionsClientOutputs
             {
                 AppID = false,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]
@@ -2021,7 +2007,6 @@ public void TestAuthenticatorAssertionBEPolicyRequired()
             Extensions = new AuthenticationExtensionsClientOutputs()
             {
                 AppID = false,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]
@@ -2091,7 +2076,6 @@ public void TestAuthenticatorAssertionBEPolicyDisallow()
             Extensions = new AuthenticationExtensionsClientOutputs
             {
                 AppID = false,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]
@@ -2161,7 +2145,6 @@ public void TestAuthenticatorAssertionBSPolicyRequired()
             Extensions = new AuthenticationExtensionsClientOutputs
             {
                 AppID = false,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]
@@ -2231,7 +2214,6 @@ public void TestAuthenticatorAssertionBSPolicyDisallow()
             Extensions = new AuthenticationExtensionsClientOutputs
             {
                 AppID = false,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]
@@ -2302,7 +2284,6 @@ public void TestAuthenticatorAssertionStoredPublicKeyMissing()
             Extensions = new AuthenticationExtensionsClientOutputs()
             {
                 AppID = false,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]
@@ -2372,7 +2353,6 @@ public void TestAuthenticatorAssertionInvalidSignature()
             Extensions = new AuthenticationExtensionsClientOutputs()
             {
                 AppID = false,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]
@@ -2449,7 +2429,6 @@ public void TestAuthenticatorAssertionSignCountSignature()
             Extensions = new AuthenticationExtensionsClientOutputs()
             {
                 AppID = false,
-                AuthenticatorSelection = true,
                 Extensions = new string[] { "foo", "bar" },
                 Example = "test",
                 UserVerificationMethod = new ulong[][]

diff --git a/Test/Fido2Tests.cs b/Test/Fido2Tests.cs
@@ -167,7 +167,6 @@ public async Task<Fido2.CredentialMakeResult> MakeAttestationResponseAsync()
                 Extensions = new AuthenticationExtensionsClientOutputs()
                 {
                     AppID = true,
-                    AuthenticatorSelection = true,
                     Extensions = new string[] { "foo", "bar" },
                     Example = "test",
                     UserVerificationMethod = new ulong[][]