fix webauthn flow, idp flow

2025-12-12 06:42:59 +00:00 · 2023-08-21 17:00:29 +02:00
parent e301f6a198
commit ead206a188
4 changed files with 19 additions and 17 deletions
--- a/apps/login/app/api/idp/start/route.ts
+++ b/apps/login/app/api/idp/start/route.ts
@@ -6,7 +6,13 @@ export async function POST(request: NextRequest) {
  if (body) {
    let { idpId, successUrl, failureUrl } = body;
-    return startIdentityProviderFlow(server, { idpId, successUrl, failureUrl })
+    return startIdentityProviderFlow(server, {
      idpId,
      urls: {
        successUrl,
        failureUrl,
      },
    })
      .then((resp) => {
        return NextResponse.json(resp);
      })
--- a/apps/login/lib/zitadel.ts
+++ b/apps/login/lib/zitadel.ts
@@ -22,7 +22,6 @@ import {
  SetSessionResponse,
  DeleteSessionResponse,
  VerifyPasskeyRegistrationResponse,
  ChallengeKind,
  LoginSettings,
  GetLoginSettingsResponse,
  ListAuthenticationMethodTypesResponse,
@@ -34,6 +33,7 @@ import {
  GetAuthRequestRequest,
  CreateCallbackRequest,
  CreateCallbackResponse,
  RequestChallenges,
 } from "@zitadel/server";
 export const zitadelConfig: ZitadelServerOptions = {
@@ -100,9 +100,8 @@ export async function getPasswordComplexitySettings(
 export async function createSession(
  server: ZitadelServer,
  loginName: string,
  domain: string,
  password: string | undefined,
-  challenges: ChallengeKind[] | undefined
+  challenges: RequestChallenges
 ): Promise<CreateSessionResponse | undefined> {
  const sessionService = session.getSession(server);
  return password
@@ -110,12 +109,12 @@ export async function createSession(
        {
          checks: { user: { loginName }, password: { password } },
          challenges,
          domain,
        },
        {}
      )
    : sessionService.createSession(
-        { checks: { user: { loginName } }, domain },
+        { checks: { user: { loginName } }, challenges },
        {}
      );
 }
@@ -124,19 +123,18 @@ export async function setSession(
  server: ZitadelServer,
  sessionId: string,
  sessionToken: string,
  domain: string | undefined,
  password: string | undefined,
-  passkey: { credentialAssertionData: any } | undefined,
+  webAuthN: { credentialAssertionData: any } | undefined,
-  challenges: ChallengeKind[] | undefined
+  challenges: RequestChallenges
 ): Promise<SetSessionResponse | undefined> {
  const sessionService = session.getSession(server);
-  const payload = { sessionId, sessionToken, challenges, domain };
+  const payload = { sessionId, sessionToken, challenges };
  return password
    ? sessionService.setSession(
        {
          ...payload,
-          checks: { password: { password }, passkey },
+          checks: { password: { password }, webAuthN },
        },
        {}
      )
@@ -206,14 +204,13 @@ export async function addHumanUser(
 export async function startIdentityProviderFlow(
  server: ZitadelServer,
-  { idpId, successUrl, failureUrl }: StartIdentityProviderFlowRequest
+  { idpId, urls }: StartIdentityProviderFlowRequest
 ): Promise<StartIdentityProviderFlowResponse> {
  const userService = user.getUser(server);
  return userService.startIdentityProviderFlow({
    idpId,
-    successUrl,
+    urls,
    failureUrl,
  });
 }
--- a/apps/login/ui/LoginPasskey.tsx
+++ b/apps/login/ui/LoginPasskey.tsx
@@ -2,7 +2,6 @@
 import { useEffect, useRef, useState } from "react";
 import { useRouter } from "next/navigation";
 import { Challenges_Passkey } from "@zitadel/server";
 import { coerceToArrayBuffer, coerceToBase64Url } from "#/utils/base64";
 import { Button, ButtonVariants } from "./Button";
 import Alert from "./Alert";
--- a/packages/zitadel-server/src/index.ts
+++ b/packages/zitadel-server/src/index.ts
@@ -20,9 +20,9 @@ export {
 } from "./proto/server/zitadel/settings/v2alpha/login_settings";
 export {
-  ChallengeKind,
+  RequestChallenges,
  Challenges,
-  Challenges_Passkey,
+  Challenges_WebAuthN,
 } from "./proto/server/zitadel/session/v2alpha/challenge";
 export {