
Commit 61ad0af

refactor(webauthn): fold the ceremony transport into the transports list
1 parent 3652b6e commit 61ad0af

1 file changed

Lines changed: 28 additions & 20 deletions


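--- a/libwebauthn/src/ops/webauthn/make_credential.rs
+++ b/libwebauthn/src/ops/webauthn/make_credential.rs
@@ -121,17 +121,12 @@ impl WebAuthnIDLResponse for MakeCredentialResponse {
 // Build attestation object (CBOR map with authData, fmt, attStmt)
 let attestation_object_bytes = self.build_attestation_object(&authenticator_data_bytes)?;
 
-// Prefer the authenticator's getInfo 0x09 transports; else the ceremony
-// transport. WebAuthn L3 §5.2.1.1: unique tokens, lexicographically sorted.
-let transports = match self.authenticator_transports.as_ref() {
-Some(reported) if !reported.is_empty() => {
-let mut tokens = reported.clone();
-tokens.sort();
-tokens.dedup();
-tokens
-}
-_ => registration_transports(self.transport),
-};
+// WebAuthn getTransports(): the authenticator's getInfo 0x09 transports
+// folded with the ceremony transport, unique tokens lexicographically sorted.
+let mut transports = self.authenticator_transports.clone().unwrap_or_default();
+transports.extend(registration_transports(self.transport));
+transports.sort();
+transports.dedup();
 
 // Build client extension results
 let client_extension_results = self.build_client_extension_results();
@@ -1572,37 +1567,50 @@ mod tests {
 
 #[test]
 fn test_response_to_idl_model_transports_from_get_info() {
-// The authenticator's getInfo (0x09) transports source the registration
-// `transports` member as unique tokens in lexicographical order, taking
-// precedence over the single ceremony transport (no union).
+// The authenticator's getInfo (0x09) transports are folded with the
+// ceremony transport, as unique tokens in lexicographical order.
 let mut response = create_test_response();
 let request = create_test_request();
 
-// Reported out of order with a duplicate; ceremony transport differs.
+// Reported out of order with a duplicate; the ceremony transport (ble) folds in.
 response.transport = Some(crate::Transport::Ble);
 response.authenticator_transports = Some(vec![
 "usb".to_string(),
 "nfc".to_string(),
 "usb".to_string(),
 ]);
 let model = response.to_idl_model(&request).unwrap();
+assert_eq!(
+model.response.transports,
+vec!["ble".to_string(), "nfc".to_string(), "usb".to_string()]
+);
+
+// A ceremony transport already in the reported list is not duplicated.
+response.transport = Some(crate::Transport::Usb);
+response.authenticator_transports = Some(vec!["usb".to_string(), "nfc".to_string()]);
+let model = response.to_idl_model(&request).unwrap();
 assert_eq!(
 model.response.transports,
 vec!["nfc".to_string(), "usb".to_string()]
 );
 
-// An empty reported list falls back to the ceremony transport.
-response.authenticator_transports = Some(Vec::new());
+// No reported transports leaves just the ceremony transport.
+response.authenticator_transports = None;
 let model = response.to_idl_model(&request).unwrap();
-assert_eq!(model.response.transports, vec!["ble".to_string()]);
+assert_eq!(model.response.transports, vec!["usb".to_string()]);
 
-// Unknown tokens pass through unchanged.
+// Unknown tokens pass through, folded with the ceremony transport.
+response.transport = Some(crate::Transport::Ble);
 response.authenticator_transports =
 Some(vec!["smart-card".to_string(), "custom".to_string()]);
 let model = response.to_idl_model(&request).unwrap();
 assert_eq!(
 model.response.transports,
-vec!["custom".to_string(), "smart-card".to_string()]
+vec![
+"ble".to_string(),
+"custom".to_string(),
+"smart-card".to_string()
+]
 );
 }
 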
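Review bot: The rewritten comment at new lines 124–125 drops the `WebAuthn L3 §5.2.1.1` citation that motivated the sort/dedup, and it does not say that the authenticator's getInfo list is no longer authoritative. The ceremony transport is now always unioned in, which changes the `transports` value handed to the relying party (typically stored and later replayed as `allowCredentials` hints), even though the commit is titled a refactor. I would keep the citation and state the rule, e.g. `// WebAuthn L3 §5.2.1.1: union of the getInfo 0x09 transports and the ceremony transport,` followed by `// as unique tokens in lexicographical order (the reported list alone is no longer authoritative).` In the test hunk every case sets `response.transport` to `Some(..)` and the removed `Some(Vec::new())` case is not replaced, so neither a reported list without a ceremony transport nor an empty reported list is pinned; what `registration_transports` yields for `None` is not visible here. The enclosing method (presumably `to_idl_model`) starts and ends outside the hunk.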
