passkey u2f improvements

apps/login/src/lib/server/passkeys.ts

@@ -49,7 +49,12 @@ export async function registerPasskeyLink(
     throw new Error("Could not get session");
   }
   // TODO: add org context
-  const registerLink = await createPasskeyRegistrationLink(userId);
+
+  // use session token to add the passkey
+  const registerLink = await createPasskeyRegistrationLink(
+    userId,
+    sessionCookie.token,
+  );
 
   if (!registerLink.code) {
     throw new Error("Missing code in response");

apps/login/src/lib/server/u2f.ts

@@ -44,7 +44,7 @@ export async function addU2F(command: RegisterU2FCommand) {
     return { error: "Could not get session" };
   }
 
-  return registerU2F(userId, domain);
+  return registerU2F(userId, domain, sessionCookie.token);
 }
 
 export async function verifyU2F(command: VerifyU2FCommand) {

apps/login/src/lib/zitadel.ts

@@ -442,7 +442,6 @@ export function createUser(
   info: IDPInformation,
 ) {
   const userData = PROVIDER_MAPPING[provider](info);
-  console.log("ud", userData);
   return userService.addHumanUser(userData, {});
 }
 
@@ -468,23 +467,15 @@ export async function passwordReset(userId: string) {
  */
 export async function createPasskeyRegistrationLink(
   userId: string,
-  token?: string,
+  token: string,
 ) {
-  // let userService;
-  // if (token) {
-  //   const authConfig: ZitadelServerOptions = {
-  //     name: "zitadel login",
-  //     apiUrl: process.env.ZITADEL_API_URL ?? "",
-  //     token: token,
-  //   };
-  //
-  //   const sessionUser = initializeServer(authConfig);
-  //   userService = user.getUser(sessionUser);
-  // } else {
-  //   userService = user.getUser(server);
-  // }
+  const transport = createServerTransport(token, {
+    baseUrl: process.env.ZITADEL_API_URL!,
+    httpVersion: "2",
+  });
 
-  return userService.createPasskeyRegistrationLink({
+  const service = createUserServiceClient(transport);
+  return service.createPasskeyRegistrationLink({
     userId,
     medium: {
       case: "returnCode",
@@ -499,8 +490,18 @@ export async function createPasskeyRegistrationLink(
  * @param domain the domain on which the factor is registered
  * @returns the newly set email
  */
-export async function registerU2F(userId: string, domain: string) {
-  return userService.registerU2F({
+export async function registerU2F(
+  userId: string,
+  domain: string,
+  token: string,
+) {
+  const transport = createServerTransport(token, {
+    baseUrl: process.env.ZITADEL_API_URL!,
+    httpVersion: "2",
+  });
+
+  const service = createUserServiceClient(transport);
+  return service.registerU2F({
     userId,
     domain,
   });
@@ -550,7 +551,6 @@ export async function registerPasskey(
     userId,
     code,
     domain,
-    // authenticator:
   });
 }
 

apps/login/src/ui/RegisterPasskey.tsx

@@ -139,6 +139,10 @@ export default function RegisterPasskey({
       return;
     }
 
+    continueAndLogin();
+  }
+
+  function continueAndLogin() {
     const params = new URLSearchParams();
 
     if (organization) {
@@ -147,41 +151,11 @@ export default function RegisterPasskey({
 
     if (authRequestId) {
       params.set("authRequestId", authRequestId);
-      params.set("sessionId", sessionId);
-
-      router.push("/passkey?" + params);
-    } else {
-      continueAndLogin();
     }
-  }
 
-  function continueAndLogin() {
-    if (authRequestId) {
-      const params = new URLSearchParams({
-        authRequest: authRequestId,
-      });
+    params.set("sessionId", sessionId);
 
-      if (sessionId) {
-        params.set("sessionId", sessionId);
-      }
-
-      if (organization) {
-        params.set("organization", organization);
-      }
-
-      router.push("/login?" + params);
-    } else {
-      const params = new URLSearchParams();
-
-      if (sessionId) {
-        params.append("sessionId", sessionId);
-      }
-      if (organization) {
-        params.append("organization", organization);
-      }
-
-      router.push("/signedin?" + params);
-    }
+    router.push("/passkey?" + params);
   }
 
   return (