Re: [webauthn] Use of CBOR, and Uint8Array/ArrayBuffer (#1362)

Thanks for the suggestion, but I'm not sure [webauthn-json]( is helpful in this case.

Basically I don't want every website needing these extra dependencies, especially one that has been written in TypeScript (introducing the need for Node.js to compile it).


While I'm not completely happy with my implementation yet, I feel like the WebAuthn API should be easier to use - ideally allowing the returned data to be sent directly to the server as normal JSON / Base64 encoded data:

This would also make the server side code considerably easier to implement:

But I must confess, I haven't looked at `attestation` during create() yet, so I'm not sure if my suggestion will work yet (I've just set it to 'none', mostly because I don't think I need it).

And thanks for noting the the mixing of `base64` and `base64Url`, that tripped me up when taking `` from `navigator.credentials.create()`, then later using it for the `` used with `navigator.credentials.get()`.

As to my `base64_to_uint8array()` function (well, copied from [](, as I've never needed to use Uint8Array before), it seems to be working, so I wonder if I'm using it in a different way than you're expecting?

I should note that this is the 3rd time I've tried to implement WebAuthn, and each time I have to leave it due to other work (I don't want to put something on my websites that I do not understand).

GitHub Notification of comment by craigfrancis
Please view or discuss this issue at using your GitHub account

Received on Friday, 17 January 2020 17:40:25 UTC