원클릭으로
webauthn-contract-tests
How to lock WebAuthn begin-ceremony API response shapes against browser/client challenge mismatches
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
How to lock WebAuthn begin-ceremony API response shapes against browser/client challenge mismatches
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
Reuse the shared museum tray renderer across authenticated and public coin presentations.
Extend existing coin share cards with feature-specific context without duplicating renderers.
How to test GORM many-to-many relationships with join tables that have custom timestamp fields (beyond CreatedAt/UpdatedAt)
| name | webauthn-contract-tests |
| description | How to lock WebAuthn begin-ceremony API response shapes against browser/client challenge mismatches |
| domain | api-design |
| confidence | high |
| source | earned |
Use this when changing WebAuthn/passkey registration or login endpoints. Browser APIs are strict about where challenge, rpId, and credential IDs live, and schema wrapper mismatches can appear as missing challenge data on Safari/PWA clients.
options.challenge is non-empty when the API contract says options is passed to navigator.credentials.get({ publicKey: options }).rpId and at least one allowCredentials entry in the regression to catch credential loading or base64url encoding regressions.See src/api/handlers/webauthn_test.go:
TestWebAuthnHandlerLoginBeginReturnsRequestOptionsWithChallengeTestWebAuthnHandlerLoginFinishExpiredSessionTestWebAuthnHandlerLoginFinishMissingSessionBeginLogin returns HTTP 200; that can still hide a missing or incorrectly nested challenge.CredentialAssertion wrapper under another options key unless the frontend explicitly expects options.publicKey.challenge.