feat(webauthn): implement WebAuthn.enable CDP call

ed-lepedus-thenvoi · claude · ed-lepedus-thenvoi · commit ce3a0eddbb2d · 2026-01-24T09:13:58.000Z
The webauthn_enable tool now actually calls the CDP WebAuthn.enable
command, enabling the virtual authenticator environment.

Test verifies this by successfully adding a virtual authenticator
after calling the tool.

Co-Authored-By: Claude Opus 4.5 &lt;noreply@anthropic.com&gt;
diff --git a/src/tools/webauthn.ts b/src/tools/webauthn.ts
@@ -4,6 +4,8 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
+import type {CDPSession} from '../third_party/index.js';
+
 import {ToolCategory} from './categories.js';
 import {defineTool} from './ToolDefinition.js';
 
@@ -15,8 +17,11 @@ export const enableWebAuthn = defineTool({
     readOnlyHint: false,
   },
   schema: {},
-  handler: async (_request, response, _context) => {
-    // Skeleton - does nothing yet
-    response.appendResponseLine('WebAuthn enabled');
+  handler: async (_request, response, context) => {
+    const page = context.getSelectedPage();
+    // @ts-expect-error _client is internal Puppeteer API
+    const session = page._client() as CDPSession;
+    await session.send('WebAuthn.enable');
+    response.appendResponseLine('WebAuthn virtual authenticator environment enabled.');
   },
 });
diff --git a/tests/tools/webauthn.test.ts b/tests/tools/webauthn.test.ts
@@ -12,11 +12,25 @@ import {withMcpContext} from '../utils.js';
 
 describe('webauthn', () => {
   describe('webauthn_enable', () => {
-    it('can be called without error', async () => {
+    it('enables WebAuthn so virtual authenticators can be added', async () => {
       await withMcpContext(async (response, context) => {
         await enableWebAuthn.handler({params: {}}, response, context);
-        // If we get here without error, the tool exists and can be called
-        assert.ok(true);
+
+        // Verify WebAuthn is enabled by successfully adding a virtual authenticator
+        // This will fail if WebAuthn.enable wasn't called
+        const page = context.getSelectedPage();
+        // @ts-expect-error _client is internal Puppeteer API
+        const session = page._client();
+        const result = await session.send('WebAuthn.addVirtualAuthenticator', {
+          options: {
+            protocol: 'ctap2',
+            transport: 'internal',
+            hasResidentKey: true,
+            hasUserVerification: true,
+            isUserVerified: true,
+          },
+        });
+        assert.ok(result.authenticatorId, 'Should return authenticator ID');
       });
     });
   });
