From 43a13cb45139253fe89762f2bdabd28e2d99501c Mon Sep 17 00:00:00 2001
From: Andreas Coroiu
Date: Thu, 30 Mar 2023 15:57:46 +0200
Subject: [PATCH] [EC-598] feat: extend return from authenticator
---
 ...fido2-authenticator.service.abstraction.ts | 15 ++++++++--
 .../fido2-authenticator.service.spec.ts | 4 ++-
 .../services/fido2-authenticator.service.ts | 30 ++++++++++++-------
 3 files changed, 36 insertions(+), 13 deletions(-)
diff --git a/libs/common/src/webauthn/abstractions/fido2-authenticator.service.abstraction.ts b/libs/common/src/webauthn/abstractions/fido2-authenticator.service.abstraction.ts
index 92bd80c6896..c6726f3eee8 100644
--- a/libs/common/src/webauthn/abstractions/fido2-authenticator.service.abstraction.ts
+++ b/libs/common/src/webauthn/abstractions/fido2-authenticator.service.abstraction.ts
@@ -4,13 +4,17 @@ export abstract class Fido2AuthenticatorService {
 *
 * @return {Uint8Array} Attestation object
 **/
- makeCredential: (params: Fido2AuthenticatorMakeCredentialsParams) => Promise;
+ makeCredential: (
+ params: Fido2AuthenticatorMakeCredentialsParams,
+ abortController?: AbortController
+ ) => Promise;
 /**
 * Generate an assertion using an existing credential
 */
 getAssertion: (
- params: Fido2AuthenticatorGetAssertionParams
+ params: Fido2AuthenticatorGetAssertionParams,
+ abortController?: AbortController
 ) => Promise;
 }
@@ -84,6 +88,13 @@ export interface Fido2AuthenticatorMakeCredentialsParams {
 // requireUserPresence: true; // Always required
 }
+export interface Fido2AuthenticatorMakeCredentialResult {
+ credentialId: BufferSource;
+ attestationObject: BufferSource;
+ authData: BufferSource;
+ publicKeyAlgorithm: number;
+}
+
 export interface Fido2AuthenticatorGetAssertionParams {
 /** The caller’s RP ID, as determined by the user agent and the client. */
 rpId: string;
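Review bot: The JSDoc above `makeCredential` still reads `@return {Uint8Array} Attestation object`, which no longer describes a method whose implementation in this commit resolves to a `Fido2AuthenticatorMakeCredentialResult` (the type argument of `Promise` is not visible in this rendering of the patch, so confirm against the file). The new `abortController` parameter is also undocumented on both methods; callers need to know whether an abort rejects the promise and whether it guarantees that no credential was stored or no assertion was signed. I would replace the tag with `@return The credential ID, attestation object, authenticator data and COSE algorithm of the new credential` and add `@param abortController Lets the caller cancel the pending operation; state what is guaranteed once it is aborted`. The class body starts above this hunk.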
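Review bot: `Fido2AuthenticatorMakeCredentialResult` is added without any field documentation, unlike the neighbouring `Fido2AuthenticatorGetAssertionParams`, and two of its fields overlap: `attestationObject` already contains the authenticator data that `authData` repeats. A short comment per field would tell consumers that the two must describe the same credential, e.g. `/** Raw authenticator data; identical to the authData entry inside attestationObject. */`. `publicKeyAlgorithm: number` could also state that it is a COSE algorithm identifier, or use the project's algorithm enum if that type is importable in this file.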
diff --git a/libs/common/src/webauthn/services/fido2-authenticator.service.spec.ts b/libs/common/src/webauthn/services/fido2-authenticator.service.spec.ts
index babbf9cc126..fbff20f13c4 100644
--- a/libs/common/src/webauthn/services/fido2-authenticator.service.spec.ts
+++ b/libs/common/src/webauthn/services/fido2-authenticator.service.spec.ts
@@ -435,7 +435,9 @@ describe("FidoAuthenticatorService", () => {
 it("should return attestation object", async () => {
 const result = await authenticator.makeCredential(params);
- const attestationObject = CBOR.decode(result.buffer);
+ const attestationObject = CBOR.decode(
+ Fido2Utils.bufferSourceToUint8Array(result.attestationObject).buffer
+ );
 const encAuthData: Uint8Array = attestationObject.authData;
 const rpIdHash = encAuthData.slice(0, 32);
diff --git a/libs/common/src/webauthn/services/fido2-authenticator.service.ts b/libs/common/src/webauthn/services/fido2-authenticator.service.ts
index a974b795fcd..71a203d5ff1 100644
--- a/libs/common/src/webauthn/services/fido2-authenticator.service.ts
+++ b/libs/common/src/webauthn/services/fido2-authenticator.service.ts
@@ -10,6 +10,7 @@ import {
 Fido2AutenticatorErrorCode,
 Fido2AuthenticatorGetAssertionParams,
 Fido2AuthenticatorGetAssertionResult,
+ Fido2AuthenticatorMakeCredentialResult,
 Fido2AuthenticatorMakeCredentialsParams,
 Fido2AuthenticatorService as Fido2AuthenticatorServiceAbstraction,
 } from "../abstractions/fido2-authenticator.service.abstraction";
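Review bot: The test only adapts the decode call and leaves the three new result fields unasserted, so nothing checks that `result.authData` is the same byte sequence as `attestationObject.authData`, or that `result.credentialId` and `result.publicKeyAlgorithm` match what a relying party will later verify. Adding assertions such as `expect(Fido2Utils.bufferSourceToUint8Array(result.authData)).toEqual(encAuthData);` and `expect(result.publicKeyAlgorithm).toBe(-7);` next to the existing `rpIdHash` checks would pin that. The `it` block continues past the end of this hunk.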
@@ -35,7 +36,9 @@ export class Fido2AuthenticatorService implements Fido2AuthenticatorServiceAbstr
 private cipherService: CipherService,
 private userInterface: Fido2UserInterfaceService
 ) {}
- async makeCredential(params: Fido2AuthenticatorMakeCredentialsParams): Promise {
+ async makeCredential(
+ params: Fido2AuthenticatorMakeCredentialsParams
+ ): Promise {
 if (params.credTypesAndPubKeyAlgs.every((p) => p.alg !== Fido2AlgorithmIdentifier.ES256)) {
 throw new Fido2AutenticatorError(Fido2AutenticatorErrorCode.NotSupported);
 }
@@ -116,22 +119,29 @@ export class Fido2AuthenticatorService implements Fido2AuthenticatorServiceAbstr
 }
 }
+ const credentialId = params.requireResidentKey ? cipher.id : cipher.fido2Key.nonDiscoverableId;
+ const authData = await generateAuthData({
+ rpId: params.rpEntity.id,
+ credentialId,
+ counter: cipher.fido2Key.counter,
+ userPresence: true,
+ userVerification: false,
+ keyPair,
+ });
 const attestationObject = new Uint8Array(
 CBOR.encode({
 fmt: "none",
 attStmt: {},
- authData: await generateAuthData({
- rpId: params.rpEntity.id,
- credentialId: params.requireResidentKey ? cipher.id : cipher.fido2Key.nonDiscoverableId,
- counter: cipher.fido2Key.counter,
- userPresence: true,
- userVerification: false,
- keyPair,
- }),
+ authData,
 })
 );
- return attestationObject;
+ return {
+ credentialId: Fido2Utils.stringToBuffer(credentialId),
+ attestationObject,
+ authData,
+ publicKeyAlgorithm: -7,
+ };
 }
 async getAssertion(
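Review bot: The reformatted `makeCredential` signature still takes only `params`, so the optional `abortController` that this commit adds to the abstraction is silently dropped by the implementation; TypeScript accepts a method with fewer parameters, which hides the gap. As far as this hunk shows, a caller that aborts the ceremony would still have a credential created and saved. I would add `abortController?: AbortController` after `params` and check `abortController?.signal.aborted` before the credential is persisted. The method body continues outside the hunk, so where that check belongs is not visible here; `getAssertion` needs the same treatment if its signature was left unchanged.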
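Review bot: `credentialId` now reaches the relying party by two paths, once inside `authData` via `generateAuthData` and once as `Fido2Utils.stringToBuffer(credentialId)` in the returned object, and this hunk does not show that both produce the same bytes. If the encodings differ, the ID registered from the result would not match the one in the attested credential data, so either encode it once and pass the buffer to both places or cover the equality in the spec. The literal in `publicKeyAlgorithm: -7,` should be `publicKeyAlgorithm: Fido2AlgorithmIdentifier.ES256,`, the constant the guard at the top of `makeCredential` already compares against (assuming that member is the COSE value -7). `makeCredential` starts above this hunk.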