webauthn-json.jswebauthn-json library (a lightweight client-side WebAuthn wrapper) adapted for use in ProjectForge's U2F/FIDO2 authentication flow. This library simplifies the Web Authentication API by handling the conversion between the browser's native ArrayBuffer-based credential objects and their JSON-serializable representations — a critical bridge since WebAuthn credentials use binary buffers that don't survive JSON.stringify. The file bundles a base64url codec, a recursive schema-driven type converter, and a comprehensive type schema defining the shapes of PublicKeyCredentialCreationOptions and PublicKeyCredentialRequestOptions.The file inlines four conceptual modules originally from the webauthn-json npm package:
Base64url Codec — base64urlToBuffer and bufferToBase64url convert between ArrayBuffer instances and URL-safe base64 strings. Since WebAuthn rawId, challenge, and user.id are binary ArrayBuffer values, they must be encoded as base64url strings for JSON transmission to the server.
Recursive Schema Converter — The convert function is the engine. It walks a schema tree with three node types: "copy" (pass through unchanged), "convert" (apply the transformation function, e.g., base64url encoding), and Object/Array (recurse into children). Schema fields can also declare deriveFn hooks that compute values from the input, and required/optional flags for validation.
Schema Definitions — Declared as plain JS objects: credentialCreationOptions, publicKeyCredentialWithAttestation (for registration), credentialRequestOptions, and publicKeyCredentialWithAssertion (for authentication). Each schema specifies which fields are copied, converted, derived, or optional.
Public API — Four functions: create(requestJSON) calls navigator.credentials.create() with converted options; get(requestJSON) calls navigator.credentials.get(); schema exports the schema definitions; supported() feature-detects WebAuthn availability.
This file provides the high-level schema-driven approach. The companion webauthn.js (file #2762) provides a lower-level, hand-written alternative that ProjectForge's actual authentication components use. Both exist in the codebase as the WebAuthn integration was explored through multiple approaches — the vendored library approach and the hand-rolled approach — before settling on the custom implementation in webauthn.js.
| Commit | What changed |
|---|---|
5865c2cd1 | Added the entire 190-line webauthn-json.js file as a single commit. This was the initial WebAuthn work-in-progress: the vendored webauthn-json library was brought in as a reference implementation while the team explored client-side WebAuthn integration. The file has eslint-disable at the top, indicating it was treated as external code not subject to the project's linting rules. |