rename webauthn to passkey

README.md

@@ -9,7 +9,7 @@ A collection of auth-related utilities, including:
 - `oslo/jwt`: Create and verify JWTs
 - `oslo/oauth2`: OAuth2 helpers
 - `oslo/otp`: HOTP, TOTP
-- `oslo/webauthn`: Verify Web Authentication API attestations and assertions
+- `oslo/passkey`: Verify Web Authentication API attestations and assertions for passkeys
 
 It's lightweight, runtime-agnostic, and fully typed.
 

docs/malta.config.json

@@ -15,7 +15,7 @@
 				["oslo/jwt", "/reference/jwt"],
 				["oslo/oauth2", "/reference/oauth2"],
 				["oslo/otp", "/reference/otp"],
-				["oslo/webauthn", "/reference/webauthn"]
+				["oslo/passkey", "/reference/passkey"]
 			]
 		},
 		{

docs/pages/index.md

@@ -13,7 +13,7 @@ A collection of auth-related utilities, including:
 - `oslo/jwt`: Create and verify JWTs
 - `oslo/oauth2`: OAuth2 helpers
 - `oslo/otp`: HOTP, TOTP
-- `oslo/webauthn`: Verify Web Authentication API attestations and assertions
+- `oslo/passkey`: Verify Web Authentication API attestations and assertions for passkeys
 
 It's lightweight, runtime-agnostic, and fully typed.
 

docs/pages/reference/passkey/PasskeyController/index.md

@@ -0,0 +1,22 @@
+---
+title: "PasskeyController"
+---
+
+# `PasskeyController`
+
+Provides methods for validating WebAuthn attestation and assertion responses for passkeys. Supports ES256 (algorithm id `-7`) and RS256 (algorithm id `-257`).
+
+## Constructor
+
+```ts
+function constructor(origin: string): this;
+```
+
+### Parameters
+
+- `origin`: Where the frontend is hosted (full url)
+
+## Methods
+
+- [`validateAssertionResponse()`](/reference/passkey/PasskeyController/validateAssertionResponse)
+- [`validateAttestationResponse()`](/reference/passkey/PasskeyController/validateAttestationResponse)

docs/pages/reference/webauthn/WebAuthnController/validateAssertionResponse.md → docs/pages/reference/passkey/PasskeyController/validateAssertionResponse.md

@@ -1,19 +1,19 @@
 ---
-title: "WebAuthnController.validateAssertionResponse()"
+title: "PasskeyController.validateAssertionResponse()"
 ---
 
-# `WebAuthnController.validateAssertionResponse()`
+# `PasskeyController.validateAssertionResponse()`
 
 Validates a WebAuthn assertion response, including the signature. Supports ES256 (algorithm id `-7`) and RS256 (algorithm id `-257`). Throws an error on invalid response.
 
 ## Definition
 
 ```ts
-//$ AssertionResponse=/reference/webauthn/AssertionResponse
+//$ WebAuthnAssertionResponse=/reference/passkey/WebAuthnAssertionResponse
 function validateAssertionResponse(
 	algorithm: "ES256" | "RS256",
 	publicKey: Uint8Array,
-	response: $$AssertionResponse,
+	response: $$WebAuthnAssertionResponse,
 	challenge: Uint8Array
 ): Promise<void>;
 ```
@@ -28,15 +28,15 @@ function validateAssertionResponse(
 ## Example
 
 ```ts
-//$ AssertionResponse=/reference/webauthn/AssertionResponse
-//$ webAuthnController=/reference/webauthn/WebAuthnController
+//$ WebAuthnAssertionResponse=/reference/passkey/WebAuthnAssertionResponse
+//$ passkeyController=/reference/passkey/PasskeyController
 try {
-	const response: $$AssertionResponse = {
+	const response: $$WebAuthnAssertionResponse = {
 		clientDataJSON,
 		authenticatorData,
 		signature
 	};
-	await $$webAuthnController.validateAssertionResponse("ES256", publicKey, response, challenge);
+	await $$passkeyController.validateAssertionResponse("ES256", publicKey, response, challenge);
 } catch {
 	// failed to validate
 }

docs/pages/reference/passkey/PasskeyController/validateAttestationResponse.md

@@ -0,0 +1,38 @@
+---
+title: "PasskeyController.validateAssertionResponse()"
+---
+
+# `PasskeyController.validateAttestationResponse()`
+
+Validates a WebAuthn attestation response, including the signature, but not the attestation certificate. Throws an error on invalid response.
+
+## Definition
+
+```ts
+//$ WebAuthnAttestationResponse=/reference/passkey/WebAuthnAttestationResponse
+function validateAttestationResponse(
+	response: $$WebAuthnAttestationResponse,
+	challenge: Uint8Array
+): Promise<void>;
+```
+
+### Parameters
+
+- `response`: Attestation response
+- `challenge`: Challenge used for creating the signature
+
+## Example
+
+```ts
+//$ WebAuthnAttestationResponse=/reference/passkey/WebAuthnAttestationResponse
+//$ passkeyController=/reference/passkey/PasskeyController
+try {
+	const response: $$WebAuthnAttestationResponse = {
+		clientDataJSON,
+		authenticatorData
+	};
+	await $$passkeyController.validateAttestationResponse(response, challenge);
+} catch {
+	// failed to validate
+}
+```

docs/pages/reference/webauthn/AssertionResponse.md → docs/pages/reference/passkey/WebAuthnAssertionResponse.md

@@ -1,15 +1,15 @@
 ---
-title: "AssertionResponse"
+title: "WebAuthnAssertionResponse"
 ---
 
-# `AssertionResponse`
+# `WebAuthnAssertionResponse`
 
 Represents a WebAuthn assertion response.
 
 ## Definition
 
 ```ts
-interface AssertionResponse {
+interface WebAuthnAssertionResponse {
 	clientDataJSON: Uint8Array;
 	authenticatorData: Uint8Array;
 	signature: Uint8Array;

docs/pages/reference/webauthn/AttestationResponse.md → docs/pages/reference/passkey/WebAuthnAttestationResponse.md

@@ -1,15 +1,15 @@
 ---
-title: "AttestationResponse"
+title: "WebAuthnAttestationResponse"
 ---
 
-# `AttestationResponse`
+# `WebAuthnAttestationResponse`
 
 Represents a WebAuthn attestation response.
 
 ## Definition
 
 ```ts
-interface AttestationResponse {
+interface WebAuthnAttestationResponse {
 	clientDataJSON: Uint8Array;
 	authenticatorData: Uint8Array;
 }

docs/pages/reference/passkey/index.md

@@ -0,0 +1,16 @@
+---
+title: "oslo/passkey"
+---
+
+# `oslo/passkey`
+
+Provides utilities for working with passkeys using the Web Authentication API.
+
+## Classes
+
+- [`PasskeyController`](/reference/passkey/PasskeyController)
+
+## Interfaces
+
+- [`WebAuthnAssertionResponse`](/reference/passkey/WebAuthnAssertionResponse)
+- [`WebAuthnAttestationResponse`](/reference/passkey/WebAuthnAttestationResponse)

package.json

@@ -24,7 +24,7 @@
 		"./jwt": "./dist/jwt/index.js",
 		"./oauth2": "./dist/oauth2/index.js",
 		"./otp": "./dist/otp/index.js",
-		"./webauthn": "./dist/webauthn/index.js"
+		"./passkey": "./dist/passkey/index.js"
 	},
 	"typesVersions": {
 		"*": {
@@ -52,8 +52,8 @@
 			"otp": [
 				"dist/otp/index.d.ts"
 			],
-			"webauthn": [
-				"dist/webauthn/index.d.ts"
+			"passkey": [
+				"dist/passkey/index.d.ts"
 			]
 		}
 	},
@@ -63,6 +63,7 @@
 		"jwt",
 		"crypto",
 		"webauthn",
+		"passkey",
 		"otp",
 		"encoding",
 		"auth",
@@ -84,9 +85,5 @@
 		"prettier": "^3.0.3",
 		"typescript": "^5.2.2",
 		"vitest": "^0.34.6"
-	},
-	"dependencies": {
-		"@node-rs/argon2": "1.7.0",
-		"@node-rs/bcrypt": "1.9.0"
 	}
 }

src/webauthn/index.ts → src/passkey/index.ts

@@ -2,25 +2,25 @@ import { base64url } from "../encoding/index.js";
 import { compareBytes, concatenateBytes } from "../binary/index.js";
 import { ECDSA, RSASSAPKCS1v1_5, sha256 } from "../crypto/index.js";
 
-export interface AttestationResponse {
+export interface WebAuthnAttestationResponse {
 	clientDataJSON: Uint8Array;
 	authenticatorData: Uint8Array;
 }
 
-export interface AssertionResponse {
+export interface WebAuthnAssertionResponse {
 	clientDataJSON: Uint8Array;
 	authenticatorData: Uint8Array;
 	signature: Uint8Array;
 }
 
-export class WebAuthnController {
+export class PasskeyController {
 	private originURL: URL;
 	constructor(origin: string) {
 		this.originURL = new URL(origin);
 	}
 
 	public async validateAttestationResponse(
-		response: AttestationResponse,
+		response: WebAuthnAttestationResponse,
 		challenge: Uint8Array
 	): Promise<void> {
 		const validClientDataJSON = this.verifyClientDataJSON(
@@ -41,7 +41,7 @@ export class WebAuthnController {
 	public async validateAssertionResponse(
 		algorithm: "ES256" | "RS256",
 		publicKey: Uint8Array,
-		response: AssertionResponse,
+		response: WebAuthnAssertionResponse,
 		challenge: Uint8Array
 	): Promise<void> {
 		const validClientDataJSON = this.verifyClientDataJSON(