feat(webauthn): session messagepack support

go.mod

@@ -12,10 +12,12 @@ require (
 	github.com/google/uuid v1.6.0
 	github.com/mitchellh/mapstructure v1.5.0
 	github.com/stretchr/testify v1.10.0
+	github.com/tinylib/msgp v1.3.0
 )
 
 require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
+	github.com/philhofer/fwd v1.1.3-0.20240916144458-20a13a1f6b7c // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
 	golang.org/x/crypto v0.38.0 // indirect

go.sum

@@ -12,10 +12,14 @@ github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
 github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
 github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
+github.com/philhofer/fwd v1.1.3-0.20240916144458-20a13a1f6b7c h1:dAMKvw0MlJT1GshSTtih8C2gDs04w8dReiOGXrGLNoY=
+github.com/philhofer/fwd v1.1.3-0.20240916144458-20a13a1f6b7c/go.mod h1:RqIHx9QI14HlwKwm98g9Re5prTQ6LdeRQn+gXJFxsJM=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA=
 github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
+github.com/tinylib/msgp v1.3.0 h1:ULuf7GPooDaIlbyvgAxBV/FI7ynli6LZ1/nVUNu+0ww=
+github.com/tinylib/msgp v1.3.0/go.mod h1:ykjzy2wzgrlvpDCRc4LA8UXy6D8bzMSuAF3WD57Gok0=
 github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM=
 github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg=
 golang.org/x/crypto v0.38.0 h1:jt+WWG8IZlBnVbomuhg2Mdq0+BBQaHbtqHEFEigjUV8=

protocol/options.go

@@ -1,9 +1,5 @@
 package protocol
 
-import (
-	"github.com/go-webauthn/webauthn/protocol/webauthncose"
-)
-
 type CredentialCreation struct {
 	Response  PublicKeyCredentialCreationOptions `json:"publicKey"`
 	Mediation CredentialMediationRequirement     `json:"mediation,omitempty"`
@@ -73,13 +69,6 @@ type CredentialDescriptor struct {
 	AttestationType string `json:"-"`
 }
 
-// CredentialParameter is the credential type and algorithm
-// that the relying party wants the authenticator to create.
-type CredentialParameter struct {
-	Type      CredentialType                       `json:"type"`
-	Algorithm webauthncose.COSEAlgorithmIdentifier `json:"alg"`
-}
-
 // CredentialType represents the PublicKeyCredentialType IDL and is used with the CredentialDescriptor IDL.
 //
 // This enumeration defines the valid credential types. It is an extension point; values can be added to it in the

protocol/options_credparam.go

@@ -0,0 +1,14 @@
+package protocol
+
+import "github.com/go-webauthn/webauthn/protocol/webauthncose"
+
+//go:generate msgp
+//msgp:replace CredentialType with:string
+//msgp:replace webauthncose.COSEAlgorithmIdentifier with:int
+
+// CredentialParameter is the credential type and algorithm
+// that the relying party wants the authenticator to create.
+type CredentialParameter struct {
+	Type      CredentialType                       `json:"type" msg:"type"`
+	Algorithm webauthncose.COSEAlgorithmIdentifier `json:"alg" msg:"alg"`
+}

webauthn/session.go

@@ -0,0 +1,25 @@
+package webauthn
+
+import (
+	"time"
+
+	"github.com/go-webauthn/webauthn/protocol"
+)
+
+//go:generate msgp
+//msgp:replace protocol.UserVerificationRequirement with:string
+//msgp:replace protocol.AuthenticationExtensions with:map[string]any
+
+// SessionData is the data that should be stored by the Relying Party for the duration of the web authentication
+// ceremony.
+type SessionData struct {
+	Challenge            string    `json:"challenge" msg:"challenge"`
+	RelyingPartyID       string    `json:"rpId" msg:"rpid"`
+	UserID               []byte    `json:"user_id" msg:"uid"`
+	AllowedCredentialIDs [][]byte  `json:"allowed_credentials,omitempty" msg:"allowed"`
+	Expires              time.Time `json:"expires" msg:"exp"`
+
+	UserVerification protocol.UserVerificationRequirement `json:"userVerification" msg:"uv"`
+	Extensions       protocol.AuthenticationExtensions    `json:"extensions,omitempty" msg:"ext"`
+	CredParams       []protocol.CredentialParameter       `json:"credParams,omitempty" msg:"params"`
+}