Add cancel feature to web authenticator (#876)

0xsend · Nov 20, 2024 · 396a3ae · 396a3ae
1 parent 7c039b9
commit 396a3ae
Show file tree

Hide file tree

Showing 2 changed files with 59 additions and 0 deletions.
diff --git a/packages/webauthn-authenticator/src/web-authenticator.ts b/packages/webauthn-authenticator/src/web-authenticator.ts
@@ -125,6 +125,15 @@ function generateAssertionObject(
 
 export class Authenticator {
   public readonly credentials: Record<string, WebauthnCredential> = {}
+  private cancelNext = false
+
+  private throwNotAllowedError() {
+    throw {
+      name: 'NotAllowedError',
+      message: 'The operation either timed out or was not allowed.',
+      constructor: { name: 'DOMException' },
+    }
+  }
 
   /**
    * Creates a new public key credential to be used for WebAuthn attestations and assertions.
@@ -180,6 +189,12 @@ export class Authenticator {
     credentialOptions: CredentialCreationOptionsSerialized
   ): Promise<PublicKeyCredentialAttestationSerialized> {
     log('createPublicKeyCredential', credentialOptions)
+
+    if (this.cancelNext) {
+      this.cancelNext = false
+      this.throwNotAllowedError()
+    }
+
     const credOptsPubKey = credentialOptions.publicKey
     if (
       !credOptsPubKey ||
@@ -240,6 +255,12 @@ export class Authenticator {
    */
   async getPublicKeyCredential(credentialRequestOptions: CredentialRequestOptionsSerialized) {
     log('getPublicKeyCredential', credentialRequestOptions)
+
+    if (this.cancelNext) {
+      this.cancelNext = false
+      this.throwNotAllowedError()
+    }
+
     const credReqOptsPubKey = credentialRequestOptions.publicKey
     const clientDataJSON = {
       type: 'webauthn.get',
@@ -286,4 +307,8 @@ export class Authenticator {
 
     return credentialResponse
   }
+
+  cancelNextOperation() {
+    this.cancelNext = true
+  }
 }
diff --git a/packages/webauthn-authenticator/test/index.test.ts b/packages/webauthn-authenticator/test/index.test.ts
@@ -106,6 +106,23 @@ M2r/eobZPWzLAuuKhc4rKm6jQJtExXSvmg==
 
         verifyAssertion({ cred: cred2, testBytes, keyPair })
       })
+
+      it('should throw exception after calling cancelNextOperation', async () => {
+        const { Authenticator } = await import('../src')
+
+        const authenticator = new Authenticator()
+        authenticator.cancelNextOperation()
+
+        await expect(
+          authenticator.createPublicKeyCredential({} as CredentialCreationOptionsSerialized)
+        ).rejects.toThrowError('The operation either timed out or was not allowed.')
+
+        authenticator.cancelNextOperation()
+
+        await expect(
+          authenticator.getPublicKeyCredential({} as CredentialRequestOptionsSerialized)
+        ).rejects.toThrowError('The operation either timed out or was not allowed.')
+      })
     })
 
     describe('without mock', () => {
@@ -196,6 +213,23 @@ M2r/eobZPWzLAuuKhc4rKm6jQJtExXSvmg==
 
         verifyAssertion({ cred: cred2, testBytes, keyPair })
       })
+
+      it('should throw exception after calling cancelNextOperation', async () => {
+        const { Authenticator } = await import('../src')
+
+        const authenticator = new Authenticator()
+        authenticator.cancelNextOperation()
+
+        await expect(
+          authenticator.createPublicKeyCredential({} as CredentialCreationOptionsSerialized)
+        ).rejects.toThrowError('The operation either timed out or was not allowed.')
+
+        authenticator.cancelNextOperation()
+
+        await expect(
+          authenticator.getPublicKeyCredential({} as CredentialRequestOptionsSerialized)
+        ).rejects.toThrowError('The operation either timed out or was not allowed.')
+      })
     })
   })
 })