Create params

To start

This section explains how to create the JSON to send to the client browser.

First of all, you need to instantiate the client:

<?php
use Svgta\WebAuthn\client;
$webauthn = new client();

To process

As for registration, you have to give your Relying Party, e.g.:

$webauthn->rp->set(
    name: 'My wonderful project',
);

AllowCredentials: now, give the credential IDs (credential.id) of all the devices saved for the user:

$webauthn->allowCredentials->add(
    id: "O1kSf7QDZGYUcZXpMdRFM...",
    type: "public-key",
);

$webauthn->allowCredentials->add(
    id: "other key",
    type: "public-key",
);

Then, you will get the parameters to send with:

header('Content-Type: application/json; charset=utf-8');
echo $webauthn->authenticate()->toJson();

You will get something like this:

{
    "challenge": "35Ph_rnJbr4OZd...",
    "rpId": "myproject.tld",
    "userVerification": "preferred",
    "allowCredentials": [
        {
            "type": "public-key",
            "id": "O1kSf7QDZGYUcZXpMdRFM..."
        }
    ],
    "timeout": 300000
}

Set userVerification

By default, user verification is set to "preferred". You can force it with:

// ...
$webauthn->userVerification->required();
// OR
$webauthn->userVerification->discouraged();
// OR (default)
$webauthn->userVerification->preferred();
//...
header('Content-Type: application/json; charset=utf-8');
echo $webauthn->authenticate()->toJson();

Anonymous authentication

You can do an anonymous authentication (without knowing the user before the process). In this case:

  • In the registration phase, you needed to:

    • force the userVerification to required

    • force the residentKey to required

  • In the authentication phase:

    • You can't give any allowCredentials

    • You need to force the userVerification to required

Full authentication example:

<?php
use Svgta\WebAuthn\client;
$webauthn = new client();
$webauthn->rp->set(
    name: 'My wonderful project',
);
$webauthn->userVerification->required();
header('Content-Type: application/json; charset=utf-8');
echo $webauthn->authenticate()->toJson();

JSON sent:

{
    "challenge": "6_kySRZQWsVBYCizNa...",
    "rpId": "myproject.tld",
    "userVerification": "required",
    "timeout": 300000
}
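
How the browser can consume either JSON shown on this page, as an added example that is not part of the library or its documentation. It assumes the challenge and credential IDs are base64url-encoded (the sample values suggest this); the function names and the url argument are hypothetical, and the sample values are constructed.

```javascript
// Added example: b64urlToBytes, toRequestOptions and startAuthentication
// are hypothetical helper names, not functions provided by the library.

// Decode a base64url string (unpadded) into bytes (assumed encoding).
function b64urlToBytes(s) {
  const b64 = s.replace(/-/g, '+').replace(/_/g, '/')
    .padEnd(Math.ceil(s.length / 4) * 4, '=');
  const bin = typeof atob === 'function'
    ? atob(b64) : Buffer.from(b64, 'base64').toString('binary');
  return Uint8Array.from(bin, (c) => c.charCodeAt(0));
}

// Turn the server JSON into PublicKeyCredentialRequestOptions.
function toRequestOptions(params) {
  const creds = params.allowCredentials || [];
  // Anonymous authentication: with no allowCredentials, the server must
  // have forced userVerification to "required". Refuse anything else.
  if (creds.length === 0 && params.userVerification !== 'required') {
    throw new Error('no allowCredentials: userVerification must be "required"');
  }
  return {
    challenge: b64urlToBytes(params.challenge),
    rpId: params.rpId,
    userVerification: params.userVerification,
    timeout: params.timeout,
    allowCredentials: creds.map((c) => ({ type: c.type, id: b64urlToBytes(c.id) })),
  };
}

// Browser only: fetch the params and ask the authenticator for an assertion.
async function startAuthentication(url) {
  const params = await (await fetch(url)).json();
  return navigator.credentials.get({ publicKey: toRequestOptions(params) });
}

// Constructed sample in the shape of the JSON above (the page's values are truncated).
const sample = {
  challenge: 'AQIDBAUGBwgJCgsMDQ4PEA',
  rpId: 'myproject.tld',
  userVerification: 'preferred',
  allowCredentials: [{ type: 'public-key', id: '-_8A' }],
  timeout: 300000,
};
```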
