Rename extensions to clientExtensionResults (#485)

joegoldman2 · web-flow · commit c2f384d6c99e · 2024-01-05T10:02:57.000+01:00
* Rename `extensions` to `clientExtensionResults`

* Update WebAuthn.ts
diff --git a/Src/Fido2.BlazorWebAssembly/wwwroot/js/WebAuthn.ts b/Src/Fido2.BlazorWebAssembly/wwwroot/js/WebAuthn.ts
@@ -29,7 +29,7 @@ export async function createCreds(options: PublicKeyCredentialCreationOptions) {
         id: base64StringToUrl(newCreds.id),
         rawId: toBase64Url(newCreds.rawId),
         type: newCreds.type,
-        extensions: newCreds.getClientExtensionResults(),
+        clientExtensionResults: newCreds.getClientExtensionResults(),
         response: {
             attestationObject: toBase64Url(response.attestationObject),
             clientDataJSON: toBase64Url(response.clientDataJSON),
@@ -55,6 +55,7 @@ export async function verify(options: PublicKeyCredentialRequestOptions) {
         id: creds.id,
         rawId: toBase64Url(creds.rawId),
         type: creds.type,
+        clientExtensionResults: creds.getClientExtensionResults(),
         response: {
             authenticatorData: toBase64Url(response.authenticatorData),
             clientDataJSON: toBase64Url(response.clientDataJSON),
diff --git a/Src/Fido2.Models/AuthenticatorAttestationRawResponse.cs b/Src/Fido2.Models/AuthenticatorAttestationRawResponse.cs
@@ -21,7 +21,15 @@ public sealed class AuthenticatorAttestationRawResponse
     public AttestationResponse Response { get; set; }
 
     [JsonPropertyName("extensions")]
-    public AuthenticationExtensionsClientOutputs Extensions { get; set; }
+    [Obsolete("Use ClientExtensionResults instead")]
+    public AuthenticationExtensionsClientOutputs Extensions
+    {
+        get => ClientExtensionResults;
+        set => ClientExtensionResults = value;
+    }
+
+    [JsonPropertyName("clientExtensionResults")]
+    public AuthenticationExtensionsClientOutputs ClientExtensionResults { get; set; }
 
     public sealed class AttestationResponse
     {
diff --git a/Src/Fido2/AuthenticatorAttestationResponse.cs b/Src/Fido2/AuthenticatorAttestationResponse.cs
@@ -123,9 +123,9 @@ public async Task<RegisteredPublicKeyCredential> VerifyAsync(
         // TODO?: Implement sort of like this: ClientExtensions.Keys.Any(x => options.extensions.contains(x);
         byte[]? devicePublicKeyResult = null;
 
-        if (Raw.Extensions?.DevicePubKey is not null)
+        if (Raw.ClientExtensionResults?.DevicePubKey is not null)
         {
-            devicePublicKeyResult = await DevicePublicKeyRegistrationAsync(config, metadataService, Raw.Extensions, AttestationObject.AuthData, clientDataHash, cancellationToken).ConfigureAwait(false);
+            devicePublicKeyResult = await DevicePublicKeyRegistrationAsync(config, metadataService, Raw.ClientExtensionResults, AttestationObject.AuthData, clientDataHash, cancellationToken).ConfigureAwait(false);
         }
 
         // 19. Determine the attestation statement format by performing a USASCII case-sensitive match on fmt
diff --git a/Test/AuthenticatorResponse.cs b/Test/AuthenticatorResponse.cs
@@ -253,7 +253,7 @@ public void TestAuthenticatorAttestationRawResponse()
                 AttestationObject = new CborMap().Encode(),
                 ClientDataJson = clientDataJson
             },
-            Extensions = new AuthenticationExtensionsClientOutputs
+            ClientExtensionResults = new AuthenticationExtensionsClientOutputs
             {
                 AppID = true,
                 Extensions = new string[] { "foo", "bar" },
@@ -281,13 +281,13 @@ public void TestAuthenticatorAttestationRawResponse()
         Assert.Equal(new byte[] { 0xf1, 0xd0 }, rawResponse.RawId);
         Assert.Equal(new byte[] { 0xa0 }, rawResponse.Response.AttestationObject);
         Assert.Equal(clientDataJson, rawResponse.Response.ClientDataJson);
-        Assert.True(rawResponse.Extensions.AppID);
-        Assert.Equal(new string[] { "foo", "bar" }, rawResponse.Extensions.Extensions);
-        Assert.Equal("test", rawResponse.Extensions.Example);
-        Assert.Equal((ulong)4, rawResponse.Extensions.UserVerificationMethod[0][0]);
-        Assert.True(rawResponse.Extensions.PRF.Enabled);
-        Assert.Equal(rawResponse.Extensions.PRF.Results.First, new byte[] { 0xf1, 0xd0 });
-        Assert.Equal(new byte[] { 0xf1, 0xd0 }, rawResponse.Extensions.PRF.Results.Second);
+        Assert.True(rawResponse.ClientExtensionResults.AppID);
+        Assert.Equal(new string[] { "foo", "bar" }, rawResponse.ClientExtensionResults.Extensions);
+        Assert.Equal("test", rawResponse.ClientExtensionResults.Example);
+        Assert.Equal((ulong)4, rawResponse.ClientExtensionResults.UserVerificationMethod[0][0]);
+        Assert.True(rawResponse.ClientExtensionResults.PRF.Enabled);
+        Assert.Equal(rawResponse.ClientExtensionResults.PRF.Results.First, new byte[] { 0xf1, 0xd0 });
+        Assert.Equal(new byte[] { 0xf1, 0xd0 }, rawResponse.ClientExtensionResults.PRF.Results.Second);
     }
 
     [Fact]
diff --git a/Test/Fido2Tests.cs b/Test/Fido2Tests.cs
@@ -165,7 +165,7 @@ public async Task<MakeNewCredentialResult> MakeAttestationResponseAsync()
                     ClientDataJson = _clientDataJson,
                     Transports = new[] { AuthenticatorTransport.Internal }
                 },
-                Extensions = new AuthenticationExtensionsClientOutputs()
+                ClientExtensionResults = new AuthenticationExtensionsClientOutputs()
                 {
                     AppID = true,
                     Extensions = new string[] { "foo", "bar" },

Original file line number	Diff line number	Diff line change
`@@ -123,9 +123,9 @@ public async Task<RegisteredPublicKeyCredential> VerifyAsync(`
`123`	`123`	`// TODO?: Implement sort of like this: ClientExtensions.Keys.Any(x => options.extensions.contains(x);`
`124`	`124`	`byte[]? devicePublicKeyResult = null;`
`125`	`125`
`126`		`- if (Raw.Extensions?.DevicePubKey is not null)`
	`126`	`+ if (Raw.ClientExtensionResults?.DevicePubKey is not null)`
`127`	`127`	`{`
`128`		`- devicePublicKeyResult = await DevicePublicKeyRegistrationAsync(config, metadataService, Raw.Extensions, AttestationObject.AuthData, clientDataHash, cancellationToken).ConfigureAwait(false);`
	`128`	`+ devicePublicKeyResult = await DevicePublicKeyRegistrationAsync(config, metadataService, Raw.ClientExtensionResults, AttestationObject.AuthData, clientDataHash, cancellationToken).ConfigureAwait(false);`
`129`	`129`	`}`
`130`	`130`
`131`	`131`	`// 19. Determine the attestation statement format by performing a USASCII case-sensitive match on fmt`
Original file line number	Diff line number	Diff line change
`@@ -165,7 +165,7 @@ public async Task<MakeNewCredentialResult> MakeAttestationResponseAsync()`
`165`	`165`	`ClientDataJson = _clientDataJson,`
`166`	`166`	`Transports = new[] { AuthenticatorTransport.Internal }`
`167`	`167`	`},`
`168`		`- Extensions = new AuthenticationExtensionsClientOutputs()`
	`168`	`+ ClientExtensionResults = new AuthenticationExtensionsClientOutputs()`
`169`	`169`	`{`
`170`	`170`	`AppID = true,`
`171`	`171`	`Extensions = new string[] { "foo", "bar" },`