@@ -47,6 +47,8 @@ pub struct MakeCredentialResponse {
4747 pub enterprise_attestation : Option < bool > ,
4848 pub large_blob_key : Option < Vec < u8 > > ,
4949 pub unsigned_extensions_output : MakeCredentialsResponseUnsignedExtensions ,
50+ /// Transport the credential was created over, stamped by the channel.
51+ pub transport : Option < crate :: Transport > ,
5052}
5153
5254/// Serializable attestation object for CBOR encoding.
@@ -82,7 +84,6 @@ impl WebAuthnIDLResponse for MakeCredentialResponse {
8284 fn to_idl_model (
8385 & self ,
8486 request : & Self :: Context ,
85- transport : Option < crate :: Transport > ,
8687 ) -> Result < Self :: IdlModel , ResponseSerializationError > {
8788 // The AT flag MUST be set on makeCredential responses per CTAP 2.2 §6.1.
8889 let attested = self
@@ -118,7 +119,7 @@ impl WebAuthnIDLResponse for MakeCredentialResponse {
118119 // Build attestation object (CBOR map with authData, fmt, attStmt)
119120 let attestation_object_bytes = self . build_attestation_object ( & authenticator_data_bytes) ?;
120121
121- let transports = registration_transports ( transport) ;
122+ let transports = registration_transports ( self . transport ) ;
122123
123124 // Build client extension results
124125 let client_extension_results = self . build_client_extension_results ( ) ;
@@ -1424,6 +1425,7 @@ mod tests {
14241425 enterprise_attestation : None ,
14251426 large_blob_key : None ,
14261427 unsigned_extensions_output : MakeCredentialsResponseUnsignedExtensions :: default ( ) ,
1428+ transport : None ,
14271429 }
14281430 }
14291431
@@ -1449,7 +1451,7 @@ mod tests {
14491451
14501452 let response = create_test_response ( ) ;
14511453 let request = create_test_request ( ) ;
1452- let json = response. to_json_string ( & request, None , JsonFormat :: default ( ) ) ;
1454+ let json = response. to_json_string ( & request, JsonFormat :: default ( ) ) ;
14531455 assert ! ( json. is_ok( ) ) ;
14541456
14551457 let json_str = json. unwrap ( ) ;
@@ -1504,7 +1506,7 @@ mod tests {
15041506 fn test_response_to_idl_model ( ) {
15051507 let response = create_test_response ( ) ;
15061508 let request = create_test_request ( ) ;
1507- let model = response. to_idl_model ( & request, None ) . unwrap ( ) ;
1509+ let model = response. to_idl_model ( & request) . unwrap ( ) ;
15081510
15091511 // Verify the credential ID
15101512 assert_eq ! ( model. raw_id. 0 , vec![ 0x01 , 0x02 , 0x03 , 0x04 ] ) ;
@@ -1523,7 +1525,7 @@ mod tests {
15231525 // WebAuthn L3 §5.2.1.1: the registration `transports` member reports the
15241526 // transport the credential was created over, as AuthenticatorTransport tokens.
15251527 // Both the FIDO2 and U2F-downgrade paths converge on this serialization.
1526- let response = create_test_response ( ) ;
1528+ let mut response = create_test_response ( ) ;
15271529 let request = create_test_request ( ) ;
15281530
15291531 for ( transport, token) in [
@@ -1532,15 +1534,16 @@ mod tests {
15321534 ( crate :: Transport :: Nfc , "nfc" ) ,
15331535 ( crate :: Transport :: Hybrid , "hybrid" ) ,
15341536 ] {
1535- let model = response. to_idl_model ( & request, Some ( transport) ) . unwrap ( ) ;
1537+ response. transport = Some ( transport) ;
1538+ let model = response. to_idl_model ( & request) . unwrap ( ) ;
15361539 assert_eq ! ( model. response. transports, vec![ token. to_string( ) ] ) ;
15371540 }
15381541
15391542 // The token reaches the JSON wire format too.
1543+ response. transport = Some ( crate :: Transport :: Nfc ) ;
15401544 let json = response
15411545 . to_json_string (
15421546 & request,
1543- Some ( crate :: Transport :: Nfc ) ,
15441547 crate :: ops:: webauthn:: idl:: response:: JsonFormat :: default ( ) ,
15451548 )
15461549 . unwrap ( ) ;
@@ -1549,7 +1552,8 @@ mod tests {
15491552 assert_eq ! ( transports, & vec![ serde_json:: Value :: from( "nfc" ) ] ) ;
15501553
15511554 // An unknown transport leaves the list empty.
1552- let model = response. to_idl_model ( & request, None ) . unwrap ( ) ;
1555+ response. transport = None ;
1556+ let model = response. to_idl_model ( & request) . unwrap ( ) ;
15531557 assert ! ( model. response. transports. is_empty( ) ) ;
15541558 }
15551559
@@ -1562,7 +1566,7 @@ mod tests {
15621566 // by the secp256r1 OID and the uncompressed point.
15631567 let response = create_test_response ( ) ;
15641568 let request = create_test_request ( ) ;
1565- let model = response. to_idl_model ( & request, None ) . unwrap ( ) ;
1569+ let model = response. to_idl_model ( & request) . unwrap ( ) ;
15661570
15671571 let public_key_bytes = model
15681572 . response
@@ -1586,7 +1590,7 @@ mod tests {
15861590 fn test_response_attestation_object_format ( ) {
15871591 let response = create_test_response ( ) ;
15881592 let request = create_test_request ( ) ;
1589- let model = response. to_idl_model ( & request, None ) . unwrap ( ) ;
1593+ let model = response. to_idl_model ( & request) . unwrap ( ) ;
15901594
15911595 // Decode the attestation object
15921596 let attestation_bytes = model. response . attestation_object . 0 ;
@@ -1631,7 +1635,7 @@ mod tests {
16311635 } ;
16321636
16331637 let request = create_test_request ( ) ;
1634- let model = response. to_idl_model ( & request, None ) . unwrap ( ) ;
1638+ let model = response. to_idl_model ( & request) . unwrap ( ) ;
16351639
16361640 // Verify cred_props extension
16371641 let cred_props = model. client_extension_results . cred_props . as_ref ( ) . unwrap ( ) ;
0 commit comments