From 88ef377658e8fbb110bd2c9f7248e732d3231f15 Mon Sep 17 00:00:00 2001 From: peintnermax Date: Tue, 29 Aug 2023 16:37:46 +0200 Subject: [PATCH] passkey fix --- apps/login/app/api/session/route.ts | 5 +-- apps/login/ui/LoginPasskey.tsx | 19 ++++++----- apps/login/utils/session.ts | 51 ++++++++++++++++------------- 3 files changed, 42 insertions(+), 33 deletions(-) diff --git a/apps/login/app/api/session/route.ts b/apps/login/app/api/session/route.ts index 2ca9ee9dd5d..92b2882ae7c 100644 --- a/apps/login/app/api/session/route.ts +++ b/apps/login/app/api/session/route.ts @@ -45,7 +45,7 @@ export async function PUT(request: NextRequest) { const body = await request.json(); if (body) { - const { loginName, password, passkey, authRequestId } = body; + const { loginName, password, webAuthN, authRequestId } = body; const challenges: RequestChallenges = body.challenges; const recentPromise: Promise = loginName @@ -64,12 +64,13 @@ export async function PUT(request: NextRequest) { return recentPromise .then((recent) => { + console.log("setsession", webAuthN); return setSessionAndUpdateCookie( recent.id, recent.token, recent.loginName, password, - passkey, + webAuthN, challenges, authRequestId ).then((session) => { diff --git a/apps/login/ui/LoginPasskey.tsx b/apps/login/ui/LoginPasskey.tsx index cac23437116..5b7c9dcd11d 100644 --- a/apps/login/ui/LoginPasskey.tsx +++ b/apps/login/ui/LoginPasskey.tsx @@ -33,7 +33,7 @@ export default function LoginPasskey({ .then((response) => { console.log(response); const pK = - response.challenges.passkey.publicKeyCredentialRequestOptions + response.challenges.webAuthN.publicKeyCredentialRequestOptions .publicKey; if (pK) { submitLoginAndContinue(pK) @@ -68,7 +68,7 @@ export default function LoginPasskey({ challenges: { webAuthN: { domain: "", - userVerificationRequirement: 2, + userVerificationRequirement: 1, }, }, authRequestId, @@ -85,6 +85,7 @@ export default function LoginPasskey({ async function submitLogin(data: any) { setLoading(true); + console.log(data); const res = await fetch("/api/session", { method: "PUT", headers: { @@ -92,7 +93,7 @@ export default function LoginPasskey({ }, body: JSON.stringify({ loginName, - passkey: data, + webAuthN: { credentialAssertionData: data }, authRequestId, }), }); @@ -127,18 +128,18 @@ export default function LoginPasskey({ }) .then((assertedCredential: any) => { if (assertedCredential) { - let authData = new Uint8Array( + const authData = new Uint8Array( assertedCredential.response.authenticatorData ); - let clientDataJSON = new Uint8Array( + const clientDataJSON = new Uint8Array( assertedCredential.response.clientDataJSON ); - let rawId = new Uint8Array(assertedCredential.rawId); - let sig = new Uint8Array(assertedCredential.response.signature); - let userHandle = new Uint8Array( + const rawId = new Uint8Array(assertedCredential.rawId); + const sig = new Uint8Array(assertedCredential.response.signature); + const userHandle = new Uint8Array( assertedCredential.response.userHandle ); - let data = JSON.stringify({ + const data = JSON.stringify({ id: assertedCredential.id, rawId: coerceToBase64Url(rawId, "rawId"), type: assertedCredential.type, diff --git a/apps/login/utils/session.ts b/apps/login/utils/session.ts index a5f7bd0c17e..d40fc8ec55b 100644 --- a/apps/login/utils/session.ts +++ b/apps/login/utils/session.ts @@ -58,17 +58,16 @@ export async function setSessionAndUpdateCookie( sessionToken: string, loginName: string, password: string | undefined, - passkey: { credentialAssertionData: any } | undefined, + webAuthN: { credentialAssertionData: any } | undefined, challenges: RequestChallenges | undefined, authRequestId: string | undefined ): Promise { - console.log(password, passkey, challenges); return setSession( server, sessionId, sessionToken, password, - passkey, + webAuthN, challenges ).then((updatedSession) => { if (updatedSession) { @@ -83,28 +82,36 @@ export async function setSessionAndUpdateCookie( sessionCookie.authRequestId = authRequestId; } - return getSession(server, sessionCookie.id, sessionCookie.token).then( - (response) => { - if (response?.session && response.session.factors?.user?.loginName) { - const { session } = response; - const newCookie: SessionCookie = { - id: sessionCookie.id, - token: updatedSession.sessionToken, - changeDate: session.changeDate?.toString() ?? "", - loginName: session.factors?.user?.loginName ?? "", - }; + return new Promise((resolve) => setTimeout(resolve, 1000)).then(() => + // TODO: remove + getSession(server, sessionCookie.id, sessionCookie.token).then( + (response) => { + if ( + response?.session && + response.session.factors?.user?.loginName + ) { + const { session } = response; + const newCookie: SessionCookie = { + id: sessionCookie.id, + token: updatedSession.sessionToken, + changeDate: session.changeDate?.toString() ?? "", + loginName: session.factors?.user?.loginName ?? "", + }; - if (sessionCookie.authRequestId) { - newCookie.authRequestId = sessionCookie.authRequestId; + if (sessionCookie.authRequestId) { + newCookie.authRequestId = sessionCookie.authRequestId; + } + + return updateSessionCookie(sessionCookie.id, newCookie).then( + () => { + return { challenges: updatedSession.challenges, ...session }; + } + ); + } else { + throw "could not get session or session does not have loginName"; } - - return updateSessionCookie(sessionCookie.id, newCookie).then(() => { - return { challenges: updatedSession.challenges, ...session }; - }); - } else { - throw "could not get session or session does not have loginName"; } - } + ) ); } else { throw "Session not be set";