passkey, middleware

apps/login/src/app/api/passkeys/verify/route.ts

@@ -18,14 +18,13 @@ export async function POST(request: NextRequest) {
     const session = await getSession(sessionCookie.id, sessionCookie.token);
 
     const userId = session?.session?.factors?.user?.id;
-
     if (userId) {
-      return verifyPasskeyRegistration(
+      return verifyPasskeyRegistration({
         passkeyId,
         passkeyName,
         publicKeyCredential,
         userId,
-      )
+      })
         .then((resp) => {
           return NextResponse.json(resp);
         })

apps/login/src/lib/zitadel.ts

@@ -7,11 +7,11 @@ import {
 } from "@zitadel/client/v2";
 import { createManagementServiceClient } from "@zitadel/client/v1";
 import { createServerTransport } from "@zitadel/node";
-import { GetActiveIdentityProvidersRequest } from "@zitadel/proto/zitadel/settings/v2/settings_service_pb";
 import { Checks } from "@zitadel/proto/zitadel/session/v2/session_service_pb";
 import { RequestChallenges } from "@zitadel/proto/zitadel/session/v2/challenge_pb";
 import {
   RetrieveIdentityProviderIntentRequest,
+  VerifyPasskeyRegistrationRequest,
   VerifyU2FRegistrationRequest,
 } from "@zitadel/proto/zitadel/user/v2/user_service_pb";
 
@@ -19,7 +19,7 @@ import { CreateCallbackRequest } from "@zitadel/proto/zitadel/oidc/v2/oidc_servi
 import { TextQueryMethod } from "@zitadel/proto/zitadel/object/v2/object_pb";
 import type { RedirectURLs } from "@zitadel/proto/zitadel/user/v2/idp_pb";
 import { ProviderSlug } from "./demos";
-import { PlainMessage } from "@zitadel/client";
+import { PartialMessage, PlainMessage } from "@zitadel/client";
 
 const SESSION_LIFETIME_S = 3000;
 
@@ -433,24 +433,10 @@ export async function getActiveIdentityProviders(orgId?: string) {
  * @returns the newly set email
  */
 export async function verifyPasskeyRegistration(
-  passkeyId: string,
-  passkeyName: string,
-  publicKeyCredential:
-    | {
-        [key: string]: any;
-      }
-    | undefined,
-  userId: string,
+  request: PartialMessage<VerifyPasskeyRegistrationRequest>,
 ) {
-  return userService.verifyPasskeyRegistration(
-    {
-      passkeyId,
-      passkeyName,
-      publicKeyCredential,
-      userId,
-    },
-    {},
-  );
+  request.publicKeyCredential = (request.publicKeyCredential as any).toJson();
+  return userService.verifyPasskeyRegistration(request, {});
 }
 
 /**

apps/login/src/middleware.ts

@@ -10,7 +10,7 @@ export const config = {
   ],
 };
 
-const INSTANCE = process.env.ZITADEL_API_URL;
+const INSTANCE = process.env.ZITADEL_API_URL?.replace("https://", "");
 const SERVICE_USER_ID = process.env.ZITADEL_SERVICE_USER_ID as string;
 
 export function middleware(request: NextRequest) {
@@ -18,11 +18,11 @@ export function middleware(request: NextRequest) {
   requestHeaders.set("x-zitadel-login-client", SERVICE_USER_ID);
 
   // this is a workaround for the next.js server not forwarding the host header
-  requestHeaders.set("x-zitadel-forwarded", `host="${request.nextUrl.host}"`);
-  // requestHeaders.set("x-zitadel-public-host", `${request.nextUrl.host}`);
+  // requestHeaders.set("x-zitadel-forwarded", `host="${request.nextUrl.host}"`);
+  requestHeaders.set("x-zitadel-public-host", `${request.nextUrl.host}`);
 
   // this is a workaround for the next.js server not forwarding the host header
-  // requestHeaders.set("x-zitadel-instance-host", `${INSTANCE}`);
+  requestHeaders.set("x-zitadel-instance-host", `${INSTANCE}`);
 
   const responseHeaders = new Headers();
   responseHeaders.set("Access-Control-Allow-Origin", "*");

apps/login/src/ui/RegisterPasskey.tsx

@@ -95,8 +95,6 @@ export default function RegisterPasskey({
         (resp.publicKeyCredentialCreationOptions as CredentialCreationOptions) ??
         {};
 
-      console.log(options);
-
       if (options?.publicKey) {
         options.publicKey.challenge = coerceToArrayBuffer(
           options.publicKey.challenge,
@@ -145,6 +143,7 @@ export default function RegisterPasskey({
                   ),
                 },
               };
+
               return submitVerify(passkeyId, "", data, sessionId).then(() => {
                 const params = new URLSearchParams();