Input Loading
In general, the data you receive is an encoded JSON object. The library provides utilities to convert the string into objects.
To do so, you will need an Attestation Statement Support Manager and a Serializer.
Attestation Statement Support Manager
Authenticator Responses may contain an Attestation Statement. This attestation holds data regarding the authenticator depending on several factors such as its manufacturer and model, what you asked in the options, the capabilities of the browser or what the user allowed.
Supported Attestation Statement Types
The following attestation types are supported. Note that you should only use the none
one unless you have specific needs described in the dedicated page.
none
: no attestation is provided.fido-u2f
: for non-FIDO2 compatible devices (old FIDO / U2F security tokens).packed
: generally used by authenticators with limited resources (e.g. secure elements). It uses a very compact but still extensible encoding method.android key
: commonly used by old or disconnected Android devices.trusted platform module
: for devices with built-in security chips.apple
: for Apple devices
The Serializer
To convert Authenticator Responses from the encoded string to an object, you will need a Serializer. It only needs the Attestation Statement Support Manager created above.
Please do not use json_encode
or json_decode
to convert this data either way.
Loading Data
In general, the data you receive looks like as follows.
Only this type of input is supported. If you receive other forms of data, please contact us.
If the data is correctly loaded, the variable $publicKeyCredential
will be an instance of Webauthn\PublicKeyCredential
. An exception is thrown in case of an error.
At this stage, the data is not verified.
Last updated