diff --git a/Sources/WebAuthn/Ceremonies/Authentication/PublicKeyCredentialRequestOptions.swift b/Sources/WebAuthn/Ceremonies/Authentication/PublicKeyCredentialRequestOptions.swift index 81340ed..737d905 100644 --- a/Sources/WebAuthn/Ceremonies/Authentication/PublicKeyCredentialRequestOptions.swift +++ b/Sources/WebAuthn/Ceremonies/Authentication/PublicKeyCredentialRequestOptions.swift 
@@ -70,20 +70,25 @@ public struct PublicKeyCredentialRequestOptions: Encodable, Sendable { public struct PublicKeyCredentialDescriptor: Equatable, Encodable, Sendable { /// Defines hints as to how clients might communicate with a particular authenticator in order to obtain an /// assertion for a specific credential - public enum AuthenticatorTransport: String, Equatable, Encodable, Sendable { + public struct AuthenticatorTransport: UnreferencedStringEnumeration, Sendable { + public var rawValue: String + public init(_ rawValue: String) { + self.rawValue = rawValue + } + /// Indicates the respective authenticator can be contacted over removable USB. - case usb + public static let usb: Self = "usb" /// Indicates the respective authenticator can be contacted over Near Field Communication (NFC). - case nfc + public static let nfc: Self = "nfc" /// Indicates the respective authenticator can be contacted over Bluetooth Smart (Bluetooth Low Energy / BLE). - case ble + public static let ble: Self = "ble" /// Indicates the respective authenticator can be contacted using a combination of (often separate) /// data-transport and proximity mechanisms. This supports, for example, authentication on a desktop /// computer using a smartphone. - case hybrid + public static let hybrid: Self = "hybrid" /// Indicates the respective authenticator is contacted using a client device-specific transport, i.e., it is /// a platform authenticator. These authenticators are not removable from the client device. - case `internal` + public static let `internal`: Self = "internal" } /// Will always be ``CredentialType/publicKey`` 
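Review bot: The new `public init(_ rawValue: String)` on `AuthenticatorTransport` has no doc comment, although it is what turns this closed enum into an open set of strings. The same undocumented initializer is added to `UserVerificationRequirement`, `CredentialDeviceType`, `AttestationConveyancePreference`, `AttestationFormat` and `CeremonyType` in the later hunks. I would add `/// Creates a value from a raw string; strings other than the constants declared on this type are accepted as-is.` above each of them. `rawValue` is also declared `var`; if `UnreferencedStringEnumeration` (not shown in this diff) only requires a getter, `public let rawValue: String` would keep constructed values immutable.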
@@ -124,13 +129,18 @@ public struct PublicKeyCredentialDescriptor: Equatable, Encodable, Sendable { /// The Relying Party may require user verification for some of its operations but not for others, and may use this /// type to express its needs. -public enum UserVerificationRequirement: String, Encodable, Sendable { +public struct UserVerificationRequirement: UnreferencedStringEnumeration, Sendable { + public var rawValue: String + public init(_ rawValue: String) { + self.rawValue = rawValue + } + /// The Relying Party requires user verification for the operation and will fail the overall ceremony if the /// user wasn't verified. - case required + public static let required: Self = "required" /// The Relying Party prefers user verification for the operation if possible, but will not fail the operation. - case preferred + public static let preferred: Self = "preferred" /// The Relying Party does not want user verification employed during the operation (e.g., in the interest of /// minimizing disruption to the user interaction flow). - case discouraged + public static let discouraged: Self = "discouraged" } diff --git a/Sources/WebAuthn/Ceremonies/Authentication/VerifiedAuthentication.swift b/Sources/WebAuthn/Ceremonies/Authentication/VerifiedAuthentication.swift index 723b777..b86c043 100644 --- a/Sources/WebAuthn/Ceremonies/Authentication/VerifiedAuthentication.swift +++ b/Sources/WebAuthn/Ceremonies/Authentication/VerifiedAuthentication.swift 
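Review bot: `UserVerificationRequirement` can now hold any string, so a misspelling of `required` is no longer a compile error and would be carried into the request options unchanged. Any server-side enforcement written as an equality test against `.required` would treat such a value as "not required"; that check is outside this hunk, so its behaviour for unknown values should be confirmed and covered by a test. I would extend the type's doc comment with `/// Values other than the constants below can be constructed; code that enforces user verification must decide explicitly how to treat them.`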
@@ -15,9 +15,14 @@ import Foundation /// On successful authentication, this structure contains a summary of the authentication flow public struct VerifiedAuthentication: Sendable { - public enum CredentialDeviceType: String, Sendable { - case singleDevice = "single_device" - case multiDevice = "multi_device" + public struct CredentialDeviceType: UnreferencedStringEnumeration, Sendable { + public var rawValue: String + public init(_ rawValue: String) { + self.rawValue = rawValue + } + + public static let singleDevice: Self = "single_device" + public static let multiDevice: Self = "multi_device" } /// The credential id associated with the public key diff --git a/Sources/WebAuthn/Ceremonies/Registration/AttestationConveyancePreference.swift b/Sources/WebAuthn/Ceremonies/Registration/AttestationConveyancePreference.swift index 770af12..630962c 100644 --- a/Sources/WebAuthn/Ceremonies/Registration/AttestationConveyancePreference.swift +++ b/Sources/WebAuthn/Ceremonies/Registration/AttestationConveyancePreference.swift @@ -14,10 +14,15 @@ /// Options to specify the Relying Party's preference regarding attestation conveyance during credential generation. /// /// Currently only supports `none`. -public enum AttestationConveyancePreference: String, Encodable, Sendable { +public struct AttestationConveyancePreference: UnreferencedStringEnumeration, Sendable { + public var rawValue: String + public init(_ rawValue: String) { + self.rawValue = rawValue + } + /// Indicates the Relying Party is not interested in authenticator attestation. - case none - // case indirect - // case direct - // case enterprise + public static let none: Self = "none" +// public static let indirect: Self = "indirect" +// public static let direct: Self = "direct" +// public static let enterprise: Self = "enterprise" } diff --git a/Sources/WebAuthn/Ceremonies/Registration/AttestationFormat.swift b/Sources/WebAuthn/Ceremonies/Registration/AttestationFormat.swift index 521fd38..b8ce2d0 100644 
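Review bot: The retained doc comment on `AttestationConveyancePreference` still says "Currently only supports `none`", but after this change the type accepts any string through `init(_:)`, including the three values that remain commented out. A caller can therefore request a conveyance preference the library presumably has no handling for, and nothing in this hunk signals that. I would reword the comment to something like `/// Only none is defined by this library; other raw values can be constructed but are not validated here.` and confirm where, if anywhere, an unsupported preference is rejected.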
--- a/Sources/WebAuthn/Ceremonies/Registration/AttestationFormat.swift +++ b/Sources/WebAuthn/Ceremonies/Registration/AttestationFormat.swift @@ -11,12 +11,17 @@ // //===----------------------------------------------------------------------===// -public enum AttestationFormat: String, RawRepresentable, Equatable, Sendable { - case packed - case tpm - case androidKey = "android-key" - case androidSafetynet = "android-safetynet" - case fidoU2F = "fido-u2f" - case apple - case none +public struct AttestationFormat: UnreferencedStringEnumeration, Sendable { + public var rawValue: String + public init(_ rawValue: String) { + self.rawValue = rawValue + } + + public static let packed: Self = "packed" + public static let tpm: Self = "tpm" + public static let androidKey: Self = "android-key" + public static let androidSafetynet: Self = "android-safetynet" + public static let fidoU2F: Self = "fido-u2f" + public static let apple: Self = "apple" + public static let none: Self = "none" } diff --git a/Sources/WebAuthn/Ceremonies/Registration/AuthenticatorAttestationResponse.swift b/Sources/WebAuthn/Ceremonies/Registration/AuthenticatorAttestationResponse.swift index 52999cd..b12d3b7 100644 --- a/Sources/WebAuthn/Ceremonies/Registration/AuthenticatorAttestationResponse.swift +++ b/Sources/WebAuthn/Ceremonies/Registration/AuthenticatorAttestationResponse.swift @@ -64,10 +64,10 @@ struct ParsedAuthenticatorAttestationResponse { throw WebAuthnError.invalidAuthData } guard let formatCBOR = decodedAttestationObject["fmt"], - case let .utf8String(format) = formatCBOR, - let attestationFormat = AttestationFormat(rawValue: format) else { + case let .utf8String(format) = formatCBOR else { throw WebAuthnError.invalidFmt } + let attestationFormat = AttestationFormat(format) guard let attestationStatement = decodedAttestationObject["attStmt"] else { throw WebAuthnError.missingAttStmt 
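Review bot: In the `AuthenticatorAttestationResponse.swift` hunk, an unrecognised or empty `fmt` string no longer throws `WebAuthnError.invalidFmt`; the guard now rejects only a missing or non-string `fmt`, and `AttestationFormat(format)` accepts everything else. Rejection of unsupported formats therefore depends entirely on the verification step, which is outside this hunk; confirm that its dispatch on the format fails closed for values it has no verifier for, and add a test with an unknown `fmt`. At minimum I would leave a marker at the construction site: `// Any string is accepted here; verification must reject formats it cannot verify.` The enclosing initializer of `ParsedAuthenticatorAttestationResponse` starts and ends outside the hunk.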
diff --git a/Sources/WebAuthn/Ceremonies/Shared/CollectedClientData.swift b/Sources/WebAuthn/Ceremonies/Shared/CollectedClientData.swift index 88ca7f3..0cad465 100644 --- a/Sources/WebAuthn/Ceremonies/Shared/CollectedClientData.swift +++ b/Sources/WebAuthn/Ceremonies/Shared/CollectedClientData.swift @@ -22,9 +22,14 @@ public struct CollectedClientData: Codable, Hashable, Sendable { case originDoesNotMatch } - public enum CeremonyType: String, Codable, Sendable { - case create = "webauthn.create" - case assert = "webauthn.get" + public struct CeremonyType: UnreferencedStringEnumeration, Sendable { + public var rawValue: String + public init(_ rawValue: String) { + self.rawValue = rawValue + } + + public static let create: Self = "webauthn.create" + public static let assert: Self = "webauthn.get" } /// Contains the string "webauthn.create" when creating new credentials,
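Review bot: With `CeremonyType` no longer a closed `Codable` enum, a client-data `type` that is neither `webauthn.create` nor `webauthn.get` presumably now decodes successfully instead of failing at decode time (the protocol's decoding is not shown in this diff). The comparison against the expected ceremony type during verification, which is outside this hunk, becomes the only guard. Confirm it runs for both registration and authentication, and add a test with an unrecognised `type`. The struct also has no doc comment; I would add `/// Decoded as-is from client data; callers must compare it with the expected ceremony type.` The enclosing `CollectedClientData` struct starts and ends outside the hunk.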