if (navigator.credentials && window.PublicKeyCredential) {
const available = await window.PublicKeyCredential.isUserVerifyingPlatformAuthenticatorAvailable();
if (available) {
const newCredentialInfo = await navigator.credentials.create(options);
var response = newCredentialInfo.response;
var clientExtensionsResults = newCredentialInfo.getClientExtensionResults();
alert(JSON.stringify(response))
alert(JSON.stringify(clientExtensionsResults));
}
else {
alert("Unsupported");
}
}
gives me to use private key only (usb or smthg. But if I use this options.publicKey with JavaScript and html, everything is ok. It offers me to use FaveID to auth, but response is empty.
My options are
{"rp":{"id":"https://im-faceid.netlify.app","name":"netlify.app"},"user":{"id":{"0":97,"1":87,"2":120,"3":53,"4":89,"5":87,"6":49,"7":118,"8":99,"9":109,"10":82,"11":104,"12":99,"13":50,"14":57,"15":50},"name":"test","displayName":"Test User"},"challenge":{"0":79,"1":72,"2":78,"3":122,"4":101,"5":71,"6":86,"7":111},"pubKeyCredParams":[{"type":"public-key","alg":-7}],"authenticatorSelection":{"authenticatorAttachment":"platform","requireResidentKey":false,"userVerification":"required"},"attestation":"none","timeout":15000}
I see you're calling
navigator.credentials.create()in your<App />component'scomponentDidMount(). macOS and iOS Safari both require that WebAuthn API calls that want to use Touch ID must be made as a result of a "user gesture":See Apple's introduction of their support for WebAuthn for more guidance: https://webkit.org/blog/11312/meet-face-id-and-touch-id-for-the-web/
If you update your React code to move the logic that calls
navigator.credentials.create()into, say, a button click handler, you'll be able to use Face ID. It'll require you click a button to trigger WebAuthn instead of just loading the page, but that's the reality of working with WebAuthn on an Apple OS.