fixes Docs: Outdated client.authenticate() Response in V2 Documenta…

…tion #63
passwordless-id · Jul 30, 2024 · cc46eee · cc46eee
1 parent 5f34cc9
commit cc46eee
Showing 1 changed file with 15 additions and 7 deletions.
diff --git a/docs/authentication.md b/docs/authentication.md
@@ -32,7 +32,7 @@ sequenceDiagram
 1️⃣ Requesting challenge
 ------------------------
 
-The challenge is basically a [nonce](https://en.wikipedia.org/wiki/nonce) to avoid replay attacks.
+The challenge is basically a [nonce](https://en.wikipedia.org/wiki/nonce) to avoid replay attacks. It should be a byte array encoded as *base64url* string.
 
 ```
 const challenge = /* request it from server */
@@ -50,7 +50,7 @@ import { client } from '@passwordless-id/webauthn'
 
 const authentication = await client.authenticate({
   /* Required */
-  challenge: "A server-side randomly generated string",
+  challenge: "A server-side randomly generated byte array as base64url encoded",
   /* Optional */
   allowCredentials: ["credential-id-1", "credential-id-2"],
   timeout: 60000
@@ -62,7 +62,8 @@ The following options are available.
 
 | option | default | description |
 |--------|---------|-------------|
-| `timeout` | 60000 | Number of milliseconds the user has to respond to the biometric/PIN check. *(Default: 60000)*
+| `challenge` | - | Random byte array as *base64url* encoded.
+| `timeout` | - | Number of milliseconds the user has to respond to the biometric/PIN check.
 | `userVerification`| `preferred` | Whether the user verification (using local authentication like fingerprint, PIN, etc.) is `required`, `preferred` or `discouraged`.
 | `hints` | `[]` | Which device to use as authenticator, by order of preference. Possible values: `client-device`, `security-key`, `hybrid` (delegate to smartphone).
 | `domain` | `window.location.hostname` | By default, the current domain name is used. Also known as "relying party id". You may want to customize it for ...
@@ -78,10 +79,17 @@ The authentication payload will look like this:
 
 ```json
 {
-  "credentialId": "3924HhJdJMy_svnUowT8eoXrOOO6NLP8SK85q2RPxdU",
-  "authenticatorData": "SZYN5YgOjGh0NBcPZHZgW4_krrmihjLHmVzzuoMdl2MFAAAAAQ==",
-  "clientData": "eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiNTY1MzViMTMtNWQ5My00MTk0LWEyODItZjIzNGMxYzI0NTAwIiwib3JpZ2luIjoiaHR0cDovL2xvY2FsaG9zdDo4MDgwIiwiY3Jvc3NPcmlnaW4iOmZhbHNlLCJvdGhlcl9rZXlzX2Nhbl9iZV9hZGRlZF9oZXJlIjoiZG8gbm90IGNvbXBhcmUgY2xpZW50RGF0YUpTT04gYWdhaW5zdCBhIHRlbXBsYXRlLiBTZWUgaHR0cHM6Ly9nb28uZ2wveWFiUGV4In0=",
-  "signature": "MEUCIAqtFVRrn7q9HvJCAsOhE3oKJ-Hb4ISfjABu4lH70MKSAiEA666slmop_oCbmNZdc-QemTv2Rq4g_D7UvIhWT_vVp8M="
+  "clientExtensionResults": {},
+  "id": "XZg7VBiVGFZzHmC4OrTXNQ",
+  "rawId": "XZg7VBiVGFZzHmC4OrTXNQ==",
+  "type": "public-key",
+  "authenticatorAttachment": "platform",
+  "response": {
+    "authenticatorData": "T7IIVvJKaufa_CeBCQrIR3rm4r0HJmAjbMYUxvt8LqAdAAAAAA==",
+    "clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiYmYxOWQ3ZjktZjk3ZS00NjEyLTg0MjYtNDYwZTExZmExOTBmIiwib3JpZ2luIjoiaHR0cHM6Ly93ZWJhdXRobi5wYXNzd29yZGxlc3MuaWQiLCJjcm9zc09yaWdpbiI6ZmFsc2V9",
+    "signature": "MEYCIQC1FA7k7j7zf50ar9STzkanna16IkZdIYHwLNeWYWxCRwIhAITEOUcqnMC9_EHmjRxzoq3K-Titr3nWSZKY9n1yC_cL",
+    "userHandle": "ZDUzMGYxMGQtZmI2ZS00ZjdkLTgzMTMtZWQ5N2QzYTU2ZDQ4"
+  }
 }
 ```