PasswordlessWebLogin/CredentialManager.cs

using System.Text;
using System.Text.Json;
using Fido2NetLib;
using Fido2NetLib.Objects;

namespace Passwordless;

public class CredentialManager
{
    private readonly IFido2 _fido2;
    private readonly JsonSerializerOptions _jsonOptions;

    public CredentialManager(IFido2 fido2)
    {
        _fido2 = fido2;

        _jsonOptions = new JsonSerializerOptions()
        {
            WriteIndented = true,

        };
    }
    
    public CredentialCreateOptions BuildCredentialOptions(string login)
    {
        var loginDisplay = Encoding.UTF8.GetString(Convert.FromBase64String(login));
        var loginName = NameTransform.ToFileName(loginDisplay);

        var user = new Fido2User
        {
            DisplayName = loginDisplay,
            Id = Convert.FromBase64String(login),
            Name = loginName,
        };

        var authenticatorSelection = new AuthenticatorSelection
        {
            UserVerification = UserVerificationRequirement.Discouraged,
            RequireResidentKey = false,
        };

        var extensions = new AuthenticationExtensionsClientInputs
        {
            Extensions = true,
            UserVerificationMethod = false,
        };
        
        var options = _fido2.RequestNewCredential(user, new List<PublicKeyCredentialDescriptor>(), authenticatorSelection, AttestationConveyancePreference.None, extensions);
        
        return options;
    }

    public async Task<Fido2.CredentialMakeResult> RegisterCredential(string login, AuthenticatorAttestationRawResponse attestationResponse)
    {
        // 2. Create callback so that lib can verify credential id is unique to this user
        static Task<bool> Callback(IsCredentialIdUniqueToUserParams args, CancellationToken cancellationToken)
        {
            return Task.FromResult(!File.Exists($"./data/{args.CredentialId}"));
        }

        var options = BuildCredentialOptions(login);

        var success = await _fido2.MakeNewCredentialAsync(attestationResponse, options, Callback);

        if (success.Status == "ok")
        {
            await using var fileStream = File.OpenWrite($"./data/{success.Result!.User.Name}");
            await JsonSerializer.SerializeAsync(fileStream, success.Result, _jsonOptions);
        }
        
        return success;
    }
}