TsgcWSAPIServer_WebAuthn › Events › OnWebAuthnAuthenticationOptionsResponse
Fires after the server has built the PublicKeyCredentialRequestOptions response for /authenticate/begin; lets the application inspect or persist the generated challenge.
property OnWebAuthnAuthenticationOptionsResponse: TsgcWebAuthnOnAuthenticationOptionsResponse;
// TsgcWebAuthnOnAuthenticationOptionsResponse = procedure(Sender: TObject; const aRequest: TsgcWebAuthn_AuthenticationOptions_Request; const aResponse: TsgcWebAuthn_AuthenticationOptions_Response) of object—
Companion to OnWebAuthnAuthenticationOptionsRequest. Fires after the server has built the full PublicKeyCredentialRequestOptions payload (challenge, RP id, user verification, allowCredentials with transports, timeout). Use it to persist the challenge to a shared store in clustered deployments, to audit the emitted options or to expose metrics before the response is serialized to the client.
procedure TForm1.sgcWSAPIServer_WebAuthn1WebAuthnAuthenticationOptionsResponse(
Sender: TObject; const aRequest: TsgcWebAuthn_AuthenticationOptions_Request;
const aResponse: TsgcWebAuthn_AuthenticationOptions_Response);
begin
SaveChallenge(aRequest.User.Name, aResponse.Challenge);
end;