Merge pull request #64 from swift-server/sendable

Add Sendable Annotations

Author: 0xTim

Package.swift

@@ -37,10 +37,15 @@ let package = Package(
                 .product(name: "Crypto", package: "swift-crypto"),
                 .product(name: "_CryptoExtras", package: "swift-crypto"),
                 .product(name: "Logging", package: "swift-log"),
-            ]
+            ],
+            swiftSettings: [.enableExperimentalFeature("StrictConcurrency=complete")]
         ),
-        .testTarget(name: "WebAuthnTests", dependencies: [
-            .target(name: "WebAuthn")
-        ])
+        .testTarget(
+            name: "WebAuthnTests",
+            dependencies: [
+                .target(name: "WebAuthn")
+            ],
+            swiftSettings: [.enableExperimentalFeature("StrictConcurrency=complete")]
+        )
     ]
 )

Sources/WebAuthn/Ceremonies/Authentication/AuthenticationCredential.swift

@@ -17,7 +17,7 @@ import Foundation
 /// The unprocessed response received from `navigator.credentials.get()`.
 ///
 /// When decoding using `Decodable`, the `rawID` is decoded from base64url to bytes.
-public struct AuthenticationCredential {
+public struct AuthenticationCredential: Sendable {
     /// The credential ID of the newly created credential.
     public let id: URLEncodedBase64
 

Sources/WebAuthn/Ceremonies/Authentication/AuthenticatorAssertionResponse.swift

@@ -18,7 +18,7 @@ import Crypto
 /// This is what the authenticator device returned after we requested it to authenticate a user.
 ///
 /// When decoding using `Decodable`, byte arrays are decoded from base64url to bytes.
-public struct AuthenticatorAssertionResponse {
+public struct AuthenticatorAssertionResponse: Sendable {
     /// Representation of what we passed to `navigator.credentials.get()`
     ///
     /// When decoding using `Decodable`, this is decoded from base64url to bytes.
@@ -69,7 +69,7 @@ extension AuthenticatorAssertionResponse: Decodable {
     }
 }
 
-struct ParsedAuthenticatorAssertionResponse {
+struct ParsedAuthenticatorAssertionResponse: Sendable {
     let rawClientData: [UInt8]
     let clientData: CollectedClientData
     let rawAuthenticatorData: [UInt8]

Sources/WebAuthn/Ceremonies/Authentication/PublicKeyCredentialRequestOptions.swift

@@ -19,7 +19,7 @@ import Foundation
 /// When encoding using `Encodable`, the byte arrays are encoded as base64url.
 ///
 /// - SeeAlso: https://www.w3.org/TR/webauthn-2/#dictionary-assertion-options
-public struct PublicKeyCredentialRequestOptions: Encodable {
+public struct PublicKeyCredentialRequestOptions: Encodable, Sendable {
     /// A challenge that the authenticator signs, along with other data, when producing an authentication assertion
     ///
     /// When encoding using `Encodable` this is encoded as base64url.
@@ -68,10 +68,10 @@ public struct PublicKeyCredentialRequestOptions: Encodable {
 /// Information about a generated credential.
 ///
 /// When encoding using `Encodable`, `id` is encoded as base64url.
-public struct PublicKeyCredentialDescriptor: Equatable, Encodable {
+public struct PublicKeyCredentialDescriptor: Equatable, Encodable, Sendable {
     /// Defines hints as to how clients might communicate with a particular authenticator in order to obtain an
     /// assertion for a specific credential
-    public enum AuthenticatorTransport: String, Equatable, Encodable {
+    public enum AuthenticatorTransport: String, Equatable, Encodable, Sendable {
         /// Indicates the respective authenticator can be contacted over removable USB.
         case usb
         /// Indicates the respective authenticator can be contacted over Near Field Communication (NFC).
@@ -125,7 +125,7 @@ public struct PublicKeyCredentialDescriptor: Equatable, Encodable {
 
 /// The Relying Party may require user verification for some of its operations but not for others, and may use this
 /// type to express its needs.
-public enum UserVerificationRequirement: String, Encodable {
+public enum UserVerificationRequirement: String, Encodable, Sendable {
     /// The Relying Party requires user verification for the operation and will fail the overall ceremony if the
     /// user wasn't verified.
     case required

Sources/WebAuthn/Ceremonies/Authentication/VerifiedAuthentication.swift

@@ -15,8 +15,8 @@
 import Foundation
 
 /// On successful authentication, this structure contains a summary of the authentication flow
-public struct VerifiedAuthentication {
-    public enum CredentialDeviceType: String {
+public struct VerifiedAuthentication: Sendable {
+    public enum CredentialDeviceType: String, Sendable {
         case singleDevice = "single_device"
         case multiDevice = "multi_device"
     }

Sources/WebAuthn/Ceremonies/Registration/PublicKeyCredentialCreationOptions.swift

@@ -119,7 +119,7 @@ public struct PublicKeyCredentialRelyingPartyEntity: Encodable {
  /// creating a new credential.
  ///
  /// When encoding using `Encodable`, `id` is base64url encoded.
-public struct PublicKeyCredentialUserEntity: Encodable {
+public struct PublicKeyCredentialUserEntity: Encodable, Sendable {
     /// Generated by the Relying Party, unique to the user account, and must not contain personally identifying
     /// information about the user.
     ///

Sources/WebAuthn/Ceremonies/Shared/AuthenticatorAttachment.swift

@@ -18,7 +18,7 @@
 /// - SeeAlso: [WebAuthn Level 3 Editor's Draft §5.4.5. Authenticator Attachment Enumeration (enum AuthenticatorAttachment)](https://w3c.github.io/webauthn/#enum-attachment)
 /// - SeeAlso: [WebAuthn Level 3 Editor's Draft §6.2.1. Authenticator Attachment Modality](https://w3c.github.io/webauthn/#sctn-authenticator-attachment-modality)
 ///
-public struct AuthenticatorAttachment: UnreferencedStringEnumeration {
+public struct AuthenticatorAttachment: UnreferencedStringEnumeration, Sendable {
     public var rawValue: String
     public init(_ rawValue: String) {
         self.rawValue = rawValue

Sources/WebAuthn/Ceremonies/Shared/AuthenticatorData.swift

@@ -18,7 +18,7 @@ import SwiftCBOR
 
 /// Data created and/ or used by the authenticator during authentication/ registration.
 /// The data contains, for example, whether a user was present or verified.
-struct AuthenticatorData: Equatable {
+struct AuthenticatorData: Equatable, Sendable {
     let relyingPartyIDHash: [UInt8]
     let flags: AuthenticatorFlags
     let counter: UInt32

Sources/WebAuthn/Ceremonies/Shared/AuthenticatorFlags.swift

@@ -12,7 +12,7 @@
 //
 //===----------------------------------------------------------------------===//
 
-struct AuthenticatorFlags: Equatable {
+struct AuthenticatorFlags: Equatable, Sendable {
 
     /**
      Taken from https://w3c.github.io/webauthn/#sctn-authenticator-data

Sources/WebAuthn/Ceremonies/Shared/COSE/COSEAlgorithmIdentifier.swift

@@ -18,7 +18,7 @@ import Crypto
 /// COSEAlgorithmIdentifier From §5.10.5. A number identifying a cryptographic algorithm. The algorithm
 /// identifiers SHOULD be values registered in the IANA COSE Algorithms registry
 /// [https://www.w3.org/TR/webauthn/#biblio-iana-cose-algs-reg], for instance, -7 for "ES256" and -257 for "RS256".
-public enum COSEAlgorithmIdentifier: Int, RawRepresentable, CaseIterable, Encodable {
+public enum COSEAlgorithmIdentifier: Int, RawRepresentable, CaseIterable, Encodable, Sendable {
     /// AlgES256 ECDSA with SHA-256
 	case algES256 = -7
 	/// AlgES384 ECDSA with SHA-384