[PM-5731] feat: implement get assertion params object

2026-01-10 20:43:41 +00:00 · 2024-01-17 10:53:10 +01:00
parent ee252be634
commit f9b4e30b0b
5 changed files with 86 additions and 2 deletions
--- a/src/Core/Abstractions/IFido2AuthenticatorService.cs
+++ b/src/Core/Abstractions/IFido2AuthenticatorService.cs
@@ -0,0 +1,9 @@
+using Bit.Core.Utilities.Fido2;
+
+namespace Bit.Core.Abstractions
+{
+    public interface IFido2AuthenticatorService
+    {
+        Task<Fido2AuthenticatorGetAssertionResult> GetAssertionAsync(Fido2AuthenticatorGetAssertionParams assertionParams);
+    }
+}
--- a/src/Core/Services/Fido2AuthenticatorService.cs
+++ b/src/Core/Services/Fido2AuthenticatorService.cs
@@ -0,0 +1,18 @@
+using Bit.Core.Abstractions;
+using Bit.Core.Utilities.Fido2;
+
+namespace Bit.Core.Services
+{
+    public class Fido2AuthenticatorService : IFido2AuthenticatorService
+    {
+        public Task<Fido2AuthenticatorGetAssertionResult> GetAssertionAsync(Fido2AuthenticatorGetAssertionParams assertionParams)
+        {
+            // TODO: IMPLEMENT this
+            return Task.FromResult(new Fido2AuthenticatorGetAssertionResult
+            {
+                AuthenticatorData = new byte[32],
+                Signature = new byte[8]
+            });
+        }
+    }
+}
--- a/src/Core/Utilities/Fido2/Fido2AuthenticatorGetAssertionParams.cs
+++ b/src/Core/Utilities/Fido2/Fido2AuthenticatorGetAssertionParams.cs
@@ -2,11 +2,21 @@
 {
    public class Fido2AuthenticatorGetAssertionParams
    {
+        /** The caller’s RP ID, as determined by the user agent and the client. */
        public string RpId { get; set; }

-        public string CredentialId { get; set; }
+        /** The hash of the serialized client data, provided by the client. */
+        public byte[] Hash {get; set;}

-        public string Counter { get; set; }
+        public PublicKeyCredentialDescriptor[] AllowCredentialDescriptorList {get; set;}
+
+        /** The effective user verification requirement for assertion, a Boolean value provided by the client. */
+        public bool RequireUserVerification {get; set;}
+        
+        /** CTAP2 authenticators support setting this to false, but we only support the WebAuthn authenticator model which does not have that option. */
+        // public bool RequireUserPresence {get; set;} // Always required
+
+        public object Extensions {get; set;}
    }
 }

--- a/src/Core/Utilities/Fido2/PublicKeyCredentialDescriptor.cs
+++ b/src/Core/Utilities/Fido2/PublicKeyCredentialDescriptor.cs
@@ -0,0 +1,9 @@
+namespace Bit.Core.Utilities.Fido2
+{
+    public class PublicKeyCredentialDescriptor {
+        public byte[] Id {get; set;}
+        public string[] Transports;
+        public string Type;
+    }
+}
+