
Building credentials create options

Lukas Angerer hace 2 años
padre
commit
69b1c499d1
Se han modificado 5 ficheros con 120 adiciones y 8 borrados
  1. 2 0
      Folder.DotSettings
  2. 10 0
      NameTransform.cs
  3. 30 8
      Program.cs
  4. 77 0
      README.md
  5. 1 0
      requests/buildCredentialOptions.http

+ 2 - 0
Folder.DotSettings

@@ -0,0 +1,2 @@
+<wpf:ResourceDictionary xml:space="preserve" xmlns:x="http://schemas.microsoft.com/winfx/2006/xaml" xmlns:s="clr-namespace:System;assembly=mscorlib" xmlns:ss="urn:shemas-jetbrains-com:settings-storage-xaml" xmlns:wpf="http://schemas.microsoft.com/winfx/2006/xaml/presentation">
+	<s:Boolean x:Key="/Default/UserDictionary/Words/=Passwordless/@EntryIndexedValue">True</s:Boolean></wpf:ResourceDictionary>

+ 10 - 0
NameTransform.cs

@@ -0,0 +1,10 @@
+namespace Passwordless;
+
+public static class NameTransform
+{
+    public static string ToFileName(string name)
+    {
+        var converted = name.ToLowerInvariant();
+        return Path.GetInvalidFileNameChars().Aggregate(converted, (current, c) => current.Replace(c, '_'));
+    }
+}
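Review bot: `ToFileName` returns `.`, `..` and the empty string unchanged, because none of them contains a character from `Path.GetInvalidFileNameChars()`, and that set depends on the platform (on Linux it is only `/` and NUL). The result is therefore not yet safe to combine with a directory path. The mapping is also not injective: `A/b`, `a/b` and `a_b` all become `a_b`, which matters if the name ever keys per-user storage. No such use is visible in this commit, so treat this as a caution. An allow-list such as `new string(converted.Select(c => char.IsLetterOrDigit(c) ? c : '_').ToArray())` plus a check that rejects an empty result would make the output predictable across platforms, and a `/// <summary>` stating that different names can map to the same file name would record the contract.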

+ 30 - 8
Program.cs

@@ -1,4 +1,8 @@
+using System.Text;
 using Fido2NetLib;
+using Fido2NetLib.Objects;
+using Microsoft.AspNetCore.Mvc;
+using Passwordless;
 
 var builder = WebApplication.CreateBuilder(args);
 
@@ -26,16 +30,34 @@ if (app.Environment.IsDevelopment())
 app.UseStaticFiles();
 app.UseHttpsRedirection();
 
-var summaries = new[]
-{
-    "Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
-};
-
-
-app.MapGet("/buildCredentialOptions", (IFido2 fido2) =>
+app.MapGet("/buildCredentialOptions", ([FromQuery] string login, IFido2 fido2) =>
     {
         var data = File.ReadAllText("./data/test.json");
-        return data;
+        var loginDisplay = Encoding.UTF8.GetString(Convert.FromBase64String(login));
+        var loginName = NameTransform.ToFileName(loginDisplay);
+
+        var user = new Fido2User
+        {
+            DisplayName = loginDisplay,
+            Id = Convert.FromBase64String(login),
+            Name = loginName,
+        };
+
+        var authenticatorSelection = new AuthenticatorSelection
+        {
+            UserVerification = UserVerificationRequirement.Discouraged,
+            RequireResidentKey = false,
+        };
+
+        var extensions = new AuthenticationExtensionsClientInputs
+        {
+            Extensions = true,
+            UserVerificationMethod = false,
+        };
+        
+        var options = fido2.RequestNewCredential(user, new List<PublicKeyCredentialDescriptor>(), authenticatorSelection, AttestationConveyancePreference.None, extensions);
+        
+        return options;
     })
     .WithName("BuildCredentialOptions")
     .WithOpenApi();
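Review bot: `Convert.FromBase64String(login)` runs on the raw query value with no validation, so a malformed `login` throws `FormatException` and the request ends as an unhandled 500 instead of a 400. Decode once inside a `try`/`catch (FormatException)`, return `Results.BadRequest()` on failure, and reuse the bytes for both `DisplayName` and `Id`. `Id` is the WebAuthn user handle, which the specification asks to be an opaque value of at most 64 bytes with no personally identifying data; deriving it from the login name discloses the name and lets a long login exceed the limit, so a random per-user identifier kept server-side would be the safer choice. The returned options carry the challenge, and nothing in the hunk stores them for the later attestation check; presumably that comes in a follow-up commit. `File.ReadAllText("./data/test.json")` still executes although `data` is no longer used, so that line can be removed.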

+ 77 - 0
README.md

@@ -0,0 +1,77 @@
+This is a very basic demo of passwordless authentication in the web, also known as "WebAuthn".
+
+# Overview
+
+# Technical Details
+
+`CredentialCreateOptions` generated by the program looks like this:
+- The algorithm identifiers are defined [in the IANA registry](https://www.iana.org/assignments/cose/cose.xhtml#algorithms)
+```json
+{
+  "rp": {
+    "id": "localhost",
+    "name": "FIDO2 Test"
+  },
+  "user": {
+    "name": "test osteron",
+    "id": "VGVzdCBPc3Rlcm9u",
+    "displayName": "Test Osteron"
+  },
+  "challenge": "UkTN1q5kjoWcHOFTB6AZWQ",
+  "pubKeyCredParams": [
+    {
+      "type": "public-key",
+      "alg": -7
+    },
+    {
+      "type": "public-key",
+      "alg": -257
+    },
+    {
+      "type": "public-key",
+      "alg": -37
+    },
+    {
+      "type": "public-key",
+      "alg": -35
+    },
+    {
+      "type": "public-key",
+      "alg": -258
+    },
+    {
+      "type": "public-key",
+      "alg": -38
+    },
+    {
+      "type": "public-key",
+      "alg": -36
+    },
+    {
+      "type": "public-key",
+      "alg": -259
+    },
+    {
+      "type": "public-key",
+      "alg": -39
+    },
+    {
+      "type": "public-key",
+      "alg": -8
+    }
+  ],
+  "timeout": 60000,
+  "attestation": "none",
+  "authenticatorSelection": {
+    "requireResidentKey": false,
+    "userVerification": "discouraged"
+  },
+  "excludeCredentials": [],
+  "extensions": {
+    "exts": true,
+    "uvm": false
+  },
+  "status": "ok",
+  "errorMessage": ""
+}
+```

+ 1 - 0
requests/buildCredentialOptions.http

@@ -0,0 +1 @@
+GET http://localhost:5172/buildCredentialOptions?login=VGVzdCBPc3Rlcm9u