[PM-5731] feat: add support for silent discoverability

2026-01-09 20:13:18 +00:00 · 2024-01-30 13:10:09 +01:00
parent f3c64a89eb
commit 6bb724ff06
5 changed files with 157 additions and 3 deletions
--- a/src/Core/Abstractions/IFido2AuthenticatorService.cs
+++ b/src/Core/Abstractions/IFido2AuthenticatorService.cs
@@ -6,5 +6,7 @@ namespace Bit.Core.Abstractions
    {
        Task<Fido2AuthenticatorMakeCredentialResult> MakeCredentialAsync(Fido2AuthenticatorMakeCredentialParams makeCredentialParams);
        Task<Fido2AuthenticatorGetAssertionResult> GetAssertionAsync(Fido2AuthenticatorGetAssertionParams assertionParams);
+        // TODO: Should this return a List? Or maybe IEnumerable?
+        Task<Fido2AuthenticatorDiscoverableCredentialMetadata[]> SilentCredentialDiscoveryAsync(string rpId);
    }
 }
--- a/src/Core/Services/Fido2AuthenticatorService.cs
+++ b/src/Core/Services/Fido2AuthenticatorService.cs
@@ -194,6 +194,19 @@ namespace Bit.Core.Services
            }
        }

+        public async Task<Fido2AuthenticatorDiscoverableCredentialMetadata[]> SilentCredentialDiscoveryAsync(string rpId)
+        {
+            var credentials = (await FindCredentialsByRpAsync(rpId)).Select(cipher => new Fido2AuthenticatorDiscoverableCredentialMetadata {
+                Type = "public-key",
+                Id = GuidToRawFormat(cipher.Login.MainFido2Credential.CredentialId),
+                RpId = cipher.Login.MainFido2Credential.RpId,
+                UserHandle = cipher.Login.MainFido2Credential.UserHandleValue,
+                UserName = cipher.Login.MainFido2Credential.UserName
+            }).ToArray();
+
+            return credentials;
+        }
+
        ///<summary>
        /// Finds existing crendetials and returns the `CipherId` for each one
        ///</summary>
--- a/src/Core/Utilities/Fido2/Fido2AuthenticatorDiscoverableCredentialMetadata.cs
+++ b/src/Core/Utilities/Fido2/Fido2AuthenticatorDiscoverableCredentialMetadata.cs
@@ -0,0 +1,16 @@
+/// <summary>
+/// Represents the metadata of a discoverable credential for a FIDO2 authenticator.
+/// See: https://www.w3.org/TR/webauthn-3/#sctn-op-silent-discovery
+/// </summary>
+public class Fido2AuthenticatorDiscoverableCredentialMetadata
+{
+    public string Type { get; set; }
+
+    public byte[] Id { get; set; }
+
+    public string RpId { get; set; }
+
+    public byte[] UserHandle { get; set; }
+
+    public string UserName { get; set; }
+}
--- a/src/Core/Utilities/Fido2/PublicKeyCredentialDescriptor.cs
+++ b/src/Core/Utilities/Fido2/PublicKeyCredentialDescriptor.cs
@@ -1,9 +1,9 @@
 namespace Bit.Core.Utilities.Fido2
 {
    public class PublicKeyCredentialDescriptor {
-        public byte[] Id {get; set;}
-        public string[] Transports;
-        public string Type;
+        public byte[] Id { get; set; }
+        public string[] Transports { get; set; }
+        public string Type { get; set; }
    }
 }