summaryrefslogtreecommitdiffhomepage
path: root/packages/browser/src/methods
diff options
context:
space:
mode:
authorMatthew Miller <matthew@millerti.me>2021-04-15 21:37:46 -0700
committerMatthew Miller <matthew@millerti.me>2021-04-15 21:37:46 -0700
commit1a4c8ab2ab4bcb27b83b2be6d8d0fddaaa56ba50 (patch)
tree947b86bcaf959b17b134e966b8bd979992d0f5c3 /packages/browser/src/methods
parent032e8cb32467c140e945dd71b868828b9fb4a259 (diff)
Convert assertion userHandle back to UTF-8 string
This is the opposite of how `user.id` is converted to an ArrayBuffer prior to being passed into `navigator.credentials.create()`, so when this value is returned to the RP in an assertion it will now look like the string value originally specified in attestation options, instead of the base64url-encoded version of that string “for some reason”.
Diffstat (limited to 'packages/browser/src/methods')
-rw-r--r--packages/browser/src/methods/startAssertion.test.ts2
-rw-r--r--packages/browser/src/methods/startAssertion.ts3
2 files changed, 3 insertions, 2 deletions
diff --git a/packages/browser/src/methods/startAssertion.test.ts b/packages/browser/src/methods/startAssertion.test.ts
index 83c5a8b..a17c160 100644
--- a/packages/browser/src/methods/startAssertion.test.ts
+++ b/packages/browser/src/methods/startAssertion.test.ts
@@ -120,7 +120,7 @@ test('should return base64url-encoded response values', async done => {
expect(response.response.authenticatorData).toEqual('bW9ja0F1dGhlbnRpY2F0b3JEYXRh');
expect(response.response.clientDataJSON).toEqual('bW9ja0NsaWVudERhdGFKU09O');
expect(response.response.signature).toEqual('bW9ja1NpZ25hdHVyZQ');
- expect(response.response.userHandle).toEqual('bW9ja1VzZXJIYW5kbGU');
+ expect(response.response.userHandle).toEqual('mockUserHandle');
done();
});
diff --git a/packages/browser/src/methods/startAssertion.ts b/packages/browser/src/methods/startAssertion.ts
index fa25f47..786d55b 100644
--- a/packages/browser/src/methods/startAssertion.ts
+++ b/packages/browser/src/methods/startAssertion.ts
@@ -6,6 +6,7 @@ import {
import bufferToBase64URLString from '../helpers/bufferToBase64URLString';
import base64URLStringToBuffer from '../helpers/base64URLStringToBuffer';
+import bufferToUTF8String from '../helpers/bufferToUTF8String';
import supportsWebauthn from '../helpers/supportsWebauthn';
import toPublicKeyCredentialDescriptor from '../helpers/toPublicKeyCredentialDescriptor';
@@ -46,7 +47,7 @@ export default async function startAssertion(
let userHandle = undefined;
if (response.userHandle) {
- userHandle = bufferToBase64URLString(response.userHandle);
+ userHandle = bufferToUTF8String(response.userHandle);
}
// Convert values to base64 to make it easier to send back to the server
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-23 07:25:19 +0000