Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PublicKeyCredentialJSON is an invalid WebIDL construct #1958

Closed
petervanderbeken opened this issue Sep 6, 2023 · 3 comments · Fixed by #1969
Closed

PublicKeyCredentialJSON is an invalid WebIDL construct #1958

petervanderbeken opened this issue Sep 6, 2023 · 3 comments · Fixed by #1969
Assignees
@MasterKale
Labels
type:technical
Milestone
L3-WD-02

Comments

@petervanderbeken
Copy link 

typedef (RegistrationResponseJSON or AuthenticationResponseJSON) PublicKeyCredentialJSON;

is invalid WebIDL. RegistrationResponseJSON and AuthenticationResponseJSON are both dictionaries and thus not distinguishable, and WebIDL unions require each pair of flattened members in a union to be distinguishable.

Replacing PublicKeyCredentialJSON with object would work (with prose describing it's either RegistrationResponseJSON and AuthenticationResponseJSON), or there might be a solution with merging RegistrationResponseJSON and AuthenticationResponseJSON into one dictionary type somehow (would probably require some creativity with required/optional members in various dictionaries).
@MasterKale
Copy link
Contributor

Thanks for pointing this out. WebIDL is so tricky to get right 😅

Replacing PublicKeyCredentialJSON with object would work (with prose describing it's either RegistrationResponseJSON and AuthenticationResponseJSON)

I can submit a PR that aims to take things this direction. I'd hate to have to mash up everything into a single dictionary as I think it'd be quite messy for RP's to work with.

@MasterKale MasterKale self-assigned this Sep 11, 2023
@arianvp
Copy link

arianvp commented Sep 11, 2023

I actually found the union awkward when translating this to go. These are the types my RP uses in Go. Perhaps we can use it as inspiration for the IDL

type PublicKeyCredential struct {
	ID                      Base64URLString                       `json:"id"`
	AuthenticatorAttachment string                                `json:"authenticatorAttachment"`
	ClientExtensionResults  AuthenticationExtensionsClientOutputs `json:"clientExtensionResults"`
	Type                    string                                `json:"type"`
	Response                Response                              `json:"response"`
}

type Response struct {
	AuthenticatorAttestationResponse
	AuthenticatorAssertionResponse

	ClientData        Base64URLString `json:"clientDataJSON"`
	AuthenticatorData Base64URLString `json:"authenticatorData"`
}
type AuthenticatorAttestationResponse struct {
	AttestationObject  Base64URLString `json:"attestationObject"`
	Transports         []string        `json:"transports"`
	PublicKey          Base64URLString `json:"publicKey"`
	PublicKeyAlgorithm string          `json:"publicKeyAlgorithm"`
}

type AuthenticatorAssertionResponse struct {
	Signature  Base64URLString  `json:"signature"`
	UserHandle *Base64URLString `json:"userHandle"`
}

@nadalin nadalin added this to the L3-WD-01 milestone Sep 12, 2023
@MasterKale
Copy link
Contributor

I'm going to work on getting something ready for review by the next WG meeting.

@MasterKale MasterKale mentioned this issue Sep 20, 2023
Merged
@plehegar plehegar modified the milestones: L3-WD-01, L3-WD-02 Oct 4, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@MasterKale MasterKale

Labels
type:technical
Projects
None yet
Milestone
L3-WD-02
Development

Successfully merging a pull request may close this issue.

Fix broken PublicKeyCredentialJSON WebIDL definition w3c/webauthn
5 participants
@arianvp @plehegar @MasterKale @petervanderbeken @nadalin