transactionConfirmationData property Null safety
The transaction confirmation data, if any, to be presented to the user for verification.
If this data is present, data must be presented to the user before authenticating.
Basic implementation layout:
@override
void selectAuthenticator(
AuthenticatorSelectionContext context,
AuthenticatorSelectionHandler handler,
) {
if (context.transactionConfirmationData != null) {
showTransactionMessage(context.transactionConfirmationData!,
userConfirmed: (userConfirmed) {
if (userConfirmed) {
selectAuthenticator(context, handler);
}
else {
// Cancel the operation if the transaction was rejected
handler.cancel();
}
});
} else {
// No transaction confirmation,
// just proceed to authenticator selection
selectAuthenticator(context, handler);
}
}
void _showTransactionMessage(String transactionConfirmationData,
Handler<Boolean> confirmationHandler) {
// Display the transaction confirmation data and ask the user to
// confirm it. Then invoke confirmationHandler with the result of
// the confirmation:
// confirmationHandler.accept(confirmation);
}
Note that in the case of registration or authentication not involving transaction confirmation, this is typically empty and thus, it does not require handling.
The contents are the base64 URL decoded contents of the Transaction as described in the FIDO UAF specification.
Implementation
String? get transactionConfirmationData;