Let's add the references to the WebAuthn API documentation in the README.md.

FingerprintNg

This project was generated with Angular CLI version 16.1.4.

Development server

Run ng serve --ssl for a dev server with HTTPS. Navigate to https://localhost:4200/. The application will automatically reload if you change any of the source files.

Code scaffolding

Run ng generate component component-name to generate a new component. You can also use ng generate directive|pipe|service|class|guard|interface|enum|module.

Build

Run ng build to build the project. The build artifacts will be stored in the dist/ directory.

Running unit tests

Run ng test to execute the unit tests via Karma.

Running end-to-end tests

Run ng e2e to execute the end-to-end tests via a platform of your choice. To use this command, you need to first add a package that implements end-to-end testing capabilities.

WebAuthn API and Our Service

What is WebAuthn?

Web Authentication (WebAuthn) is a web standard published by the World Wide Web Consortium (W3C). It enables strong authentication by using public key cryptography instead of passwords. WebAuthn allows users to authenticate using biometric methods (fingerprint, facial recognition), security keys, or device PINs.

Key Objects and Their Meanings

PublicKeyCredentialCreationOptions

This object is used during the registration (creation) process. It includes:

• challenge: A random value generated by the server to ensure the response is fresh and unique.
• rp: Information about the relying party (your app), like name and ID.
• user: Information about the user, including a unique ID, name, and display name.
• pubKeyCredParams: An array of allowed public key algorithms.
• authenticatorSelection: Criteria to select the appropriate authenticator, such as attachment type and user verification level.

PublicKeyCredentialRequestOptions

This object is used during the authentication (request) process. It includes:

• challenge: A random value generated by the server to ensure the response is fresh and unique.
• allowCredentials: An array of allowed credentials for the user.
• userVerification: Specifies whether user verification is required.

WebAuthn Service Implementation

The WebAuthn service manages the registration and authentication processes using the WebAuthn API.

webauthn.service.ts

import { Injectable } from '@angular/core';

@Injectable({
  providedIn: 'root'
})
export class WebAuthnService {

  constructor() { }

  // Utility function to generate a random challenge
  private generateRandomBuffer(length: number): Uint8Array {
    const randomBuffer = new Uint8Array(length);
    window.crypto.getRandomValues(randomBuffer);
    return randomBuffer;
  }

  async register() {
    const challenge = this.generateRandomBuffer(32);

    const publicKey: PublicKeyCredentialCreationOptions = {
      challenge: challenge,
      rp: {
        name: "YourApp"
      },
      user: {
        id: this.generateRandomBuffer(16),
        name: "[email protected]",
        displayName: "User"
      },
      pubKeyCredParams: [{
        type: "public-key",
        alg: -7
      }],
      authenticatorSelection: {
        authenticatorAttachment: "platform",
        userVerification: "required"
      },
      timeout: 60000,
      attestation: "direct"
    };

    try {
      const credential = await navigator.credentials.create({ publicKey }) as PublicKeyCredential;
      this.storeCredential(credential, challenge);
      return credential;
    } catch (err) {
      console.error("Registration failed", err);
      throw err;
    }
  }

  async authenticate() {
    const storedCredential = this.getStoredCredential();
    if (!storedCredential) {
      throw new Error("No stored credential found");
    }

    const publicKey: PublicKeyCredentialRequestOptions = {
      challenge: new Uint8Array(storedCredential.challenge),
      allowCredentials: [{
        id: new Uint8Array(storedCredential.rawId),
        type: "public-key"
      }],
      userVerification: "required",
      timeout: 60000
    };

    try {
      const credential = await navigator.credentials.get({ publicKey }) as PublicKeyCredential;
      return credential;
    } catch (err) {
      console.error("Authentication failed", err);
      throw err;
    }
  }

  private storeCredential(credential: PublicKeyCredential, challenge: Uint8Array) {
    const credentialData = {
      rawId: Array.from(new Uint8Array(credential.rawId)),
      challenge: Array.from(challenge)
    };
    localStorage.setItem('webauthn_credential', JSON.stringify(credentialData));
  }

  private getStoredCredential(): any {
    const storedCredential = localStorage.getItem('webauthn_credential');
    return storedCredential ? JSON.parse(storedCredential) : null;
  }
}

AppComponent

Handles the registration and authentication process and provides user feedback.

app.component.ts

import { Component } from '@angular/core';
import { WebAuthnService } from './services/webauthn.service';

@Component({
  selector: 'app-root',
  template: `
    <div>
      <h1>Fingerprint Authentication</h1>
      <button (click)="register()">Register Fingerprint</button>
      <button (click)="login()">Login with Fingerprint</button>
      <p *ngIf="message" [ngClass]="{'success': isSuccess, 'error': !isSuccess}">{{ message }}</p>
    </div>
  `,
  styles: [`
    .success {
      color: green;
    }
    .error {
      color: red;
    }
    button {
      margin: 10px;
      padding: 10px;
      font-size: 16px;
    }
    p {
      margin: 10px;
      font-size: 16px;
    }
  `]
})
export class AppComponent {
  message: string | null = null;
  isSuccess: boolean = false;

  constructor(private webAuthnService: WebAuthnService) { }

  async register() {
    try {
      const credential = await this.webAuthnService.register();
      this.message = "Registration successful!";
      this.isSuccess = true;
    } catch (err) {
      this.message = "Registration failed. Please try again.";
      this.isSuccess = false;
    }
  }

  async login() {
    try {
      const credential = await this.webAuthnService.authenticate();
      this.message = "Authentication successful!";
      this.isSuccess = true;
    } catch (err) {
      this.message = "Authentication failed. Please try again.";
      this.isSuccess = false;
    }
  }
}

app.module.ts

Ensure the module is properly configured with the necessary components and services.

import { NgModule } from '@angular/core';
import { BrowserModule } from '@angular/platform-browser';
import { AppComponent } from './app.component';
import { WebAuthnService } from './services/webauthn.service';

@NgModule({
  declarations: [
    AppComponent
  ],
  imports: [
    BrowserModule
  ],
  providers: [WebAuthnService],
  bootstrap: [AppComponent]
})
export class AppModule { }

References

• PublicKeyCredentialCreationOptions: MDN Web Docs
• PublicKeyCredentialRequestOptions: MDN Web Docs
• Web Authentication API: MDN Web Docs
• Web Authentication: An API for accessing Public Key Credentials - Level 1: W3C Recommendation

Further help

To get more help on the Angular CLI use ng help or go check out the Angular CLI Overview and Command Reference page.

Conclusion

This documentation provides an overview of how to implement fingerprint authentication using the WebAuthn API in an Angular application. It includes key concepts, the WebAuthn service implementation, and a unified AppComponent for registration and authentication.