Begin adding spc extension

Author: fdennis

webauthn-server-core/src/main/java/com/yubico/webauthn/data/AssertionExtensionInputs.java

@@ -57,17 +57,20 @@ public class AssertionExtensionInputs implements ExtensionInputs {
   private final AppId appid;
   private final Extensions.LargeBlob.LargeBlobAuthenticationInput largeBlob;
   private final Extensions.Prf.PrfAuthenticationInput prf;
+  private final Extensions.Spc.SpcAuthenticationInput spc;
   private final Boolean uvm;
 
   @JsonCreator
   private AssertionExtensionInputs(
       @JsonProperty("appid") AppId appid,
       @JsonProperty("largeBlob") Extensions.LargeBlob.LargeBlobAuthenticationInput largeBlob,
       @JsonProperty("prf") Extensions.Prf.PrfAuthenticationInput prf,
+      @JsonProperty("spc") Extensions.Spc.SpcAuthenticationInput spc,
       @JsonProperty("uvm") Boolean uvm) {
     this.appid = appid;
     this.largeBlob = largeBlob;
     this.prf = prf;
+    this.spc = spc;
     this.uvm = (uvm != null && uvm) ? true : null;
   }
 
@@ -83,6 +86,7 @@ public AssertionExtensionInputs merge(AssertionExtensionInputs other) {
         this.appid != null ? this.appid : other.appid,
         this.largeBlob != null ? this.largeBlob : other.largeBlob,
         this.prf != null ? this.prf : other.prf,
+        this.spc != null ? this.spc : other.spc,
         this.uvm != null ? this.uvm : other.uvm);
   }
 
@@ -103,6 +107,9 @@ public Set<String> getExtensionIds() {
     if (prf != null) {
       ids.add(Extensions.Prf.EXTENSION_ID);
     }
+    if (spc != null) {
+      ids.add(Extensions.Spc.EXTENSION_ID);
+    }
     if (getUvm()) {
       ids.add(Extensions.Uvm.EXTENSION_ID);
     }
@@ -212,6 +219,21 @@ public AssertionExtensionInputsBuilder prf(Extensions.Prf.PrfAuthenticationInput
       return this;
     }
 
+    /**
+     * Enable the Secure Payment Confirmation extension (<code>spc</code>).
+     *
+     * <p>This extension indicates that a credential is either being created for or used for Secure
+     * Payment Confirmation, respectively.
+     *
+     * @see <a
+     *     href="https://www.w3.org/TR/secure-payment-confirmation/#sctn-payment-extension-registration">§5.
+     *     Secure Payment Confirmation extension (SPC)</a>
+     */
+    public AssertionExtensionInputsBuilder spc(Extensions.Spc.SpcAuthenticationInput spc) {
+      this.spc = spc;
+      return this;
+    }
+
     /**
      * Enable the User Verification Method Extension (<code>uvm</code>).
      *
@@ -299,6 +321,41 @@ private Extensions.Prf.PrfAuthenticationInput getPrfJson() {
         : null;
   }
 
+  /**
+   * The input to the Secure Payment Confirmation extension (<code>spc</code>), if any.
+   *
+   * <p>This extension indicates that a credential is either being created for or used for Secure
+   * Payment Confirmation, respectively.
+   *
+   * @since 2.7.0
+   * @see Extensions.Prf.PrfAuthenticationInput#eval(Extensions.Prf.PrfValues)
+   * @see Extensions.Prf.PrfAuthenticationInput#evalByCredential(Map)
+   * @see Extensions.Prf.PrfAuthenticationInput#evalByCredentialWithFallback(Map,
+   *     Extensions.Prf.PrfValues)
+   * @see <a href="https://www.w3.org/TR/2025/WD-webauthn-3-20250127/#prf-extension">§10.1.4.
+   *     Pseudo-random function extension (prf)</a>
+   */
+  public Optional<Extensions.Spc.SpcAuthenticationInput> getSpc() {
+    return Optional.ofNullable(spc);
+  }
+
+  /** For JSON serialization, to omit false and null values. */
+  @JsonProperty("spc")
+  private Extensions.Spc.SpcAuthenticationInput getSpcJson() {
+    return spc != null
+            && (spc.getIsPayment()
+                || spc.getBrowserBoundPubKeyCredParams().isPresent()
+                || spc.getRpId().isPresent()
+                || spc.getTopOrigin().isPresent()
+                || spc.getPayeeName().isPresent()
+                || spc.getPayeeOrigin().isPresent()
+                || spc.getPaymentEntitiesLogos().isPresent()
+                || spc.getTotal().isPresent()
+                || spc.getInstrument().isPresent())
+        ? spc
+        : null;
+  }
+
   /**
    * @return <code>true</code> if the User Verification Method Extension (<code>uvm</code>) is
    *     enabled, <code>false</code> otherwise.

webauthn-server-core/src/main/java/com/yubico/webauthn/data/ClientAssertionExtensionOutputs.java

@@ -68,14 +68,18 @@ public class ClientAssertionExtensionOutputs implements ClientExtensionOutputs {
 
   private final Extensions.Prf.PrfAuthenticationOutput prf;
 
+  private final Extensions.Spc.SpcAuthenticationOutput spc;
+
   @JsonCreator
   private ClientAssertionExtensionOutputs(
       @JsonProperty("appid") Boolean appid,
       @JsonProperty("largeBlob") Extensions.LargeBlob.LargeBlobAuthenticationOutput largeBlob,
-      @JsonProperty("prf") Extensions.Prf.PrfAuthenticationOutput prf) {
+      @JsonProperty("prf") Extensions.Prf.PrfAuthenticationOutput prf,
+      @JsonProperty("spc") Extensions.Spc.SpcAuthenticationOutput spc) {
     this.appid = appid;
     this.largeBlob = largeBlob;
     this.prf = prf;
+    this.spc = spc;
   }
 
   @Override
@@ -91,6 +95,9 @@ public Set<String> getExtensionIds() {
     if (prf != null) {
       ids.add(Extensions.Prf.EXTENSION_ID);
     }
+    if (spc != null) {
+      ids.add(Extensions.Spc.EXTENSION_ID);
+    }
     return ids;
   }
 
@@ -135,6 +142,20 @@ public Optional<Extensions.Prf.PrfAuthenticationOutput> getPrf() {
     return Optional.ofNullable(prf);
   }
 
+  /**
+   * The extension output for the <a
+   * href="https://www.w3.org/TR/secure-payment-confirmation/#sctn-payment-extension-registration">Secure
+   * Payment Confirmation extension (<code>spc</code>)</a>, if any.
+   *
+   * @see com.yubico.webauthn.data.Extensions.Spc.SpcAuthenticationOutput
+   * @see <a
+   *     href="https://www.w3.org/TR/secure-payment-confirmation/#sctn-payment-extension-registration">§5.
+   *     Secure Payment Confirmation extension (SPC)</a>
+   */
+  public Optional<Extensions.Prf.PrfAuthenticationOutput> getSpc() {
+    return Optional.ofNullable(prf);
+  }
+
   public static class ClientAssertionExtensionOutputsBuilder {
 
     /**

webauthn-server-core/src/main/java/com/yubico/webauthn/data/ClientRegistrationExtensionOutputs.java

@@ -60,17 +60,21 @@ public class ClientRegistrationExtensionOutputs implements ClientExtensionOutput
 
   private final Extensions.Prf.PrfRegistrationOutput prf;
 
+  private final Extensions.Spc.SpcRegistrationOutput spc;
+
   @JsonCreator
   private ClientRegistrationExtensionOutputs(
       @JsonProperty("appidExclude") Boolean appidExclude,
       @JsonProperty("credProps")
           Extensions.CredentialProperties.CredentialPropertiesOutput credProps,
       @JsonProperty("largeBlob") Extensions.LargeBlob.LargeBlobRegistrationOutput largeBlob,
-      @JsonProperty("prf") Extensions.Prf.PrfRegistrationOutput prf) {
+      @JsonProperty("prf") Extensions.Prf.PrfRegistrationOutput prf,
+      @JsonProperty("spc") Extensions.Spc.SpcRegistrationOutput spc) {
     this.appidExclude = appidExclude;
     this.credProps = credProps;
     this.largeBlob = largeBlob;
     this.prf = prf;
+    this.spc = spc;
   }
 
   @Override
@@ -89,6 +93,9 @@ public Set<String> getExtensionIds() {
     if (prf != null) {
       ids.add(Extensions.Prf.EXTENSION_ID);
     }
+    if (spc != null) {
+      ids.add(Extensions.Spc.EXTENSION_ID);
+    }
     return ids;
   }
 
@@ -148,4 +155,18 @@ public Optional<Extensions.LargeBlob.LargeBlobRegistrationOutput> getLargeBlob()
   public Optional<Extensions.Prf.PrfRegistrationOutput> getPrf() {
     return Optional.ofNullable(prf);
   }
+
+  /**
+   * The extension output for the <a
+   * href="https://www.w3.org/TR/secure-payment-confirmation/#sctn-payment-extension-registration">Secure
+   * Payment Confirmation (<code>spc</code>) extension</a>, if any.
+   *
+   * @see com.yubico.webauthn.data.Extensions.Spc.SpcRegistrationOutput
+   * @see <a
+   *     href="https://www.w3.org/TR/secure-payment-confirmation/#sctn-payment-extension-registration">§5.
+   *     Secure Payment Confirmation extension (SPC)</a>
+   */
+  public Optional<Extensions.Spc.SpcRegistrationOutput> getSpc() {
+    return Optional.ofNullable(spc);
+  }
 }