Merge pull request #120 from MasterKale/fix/simplify-encoding-user-handle-in-assertion-response

fix/simplify-encoding-user-handle-in-assertion-response
author: Matthew Miller <matthew@millerti.me> 2021-04-17 22:06:35 -0700
committer: GitHub <noreply@github.com> 2021-04-17 22:06:35 -0700
commit: becd1415ff3fba22218f808f6dac761901b71a5c (patch)
tree: 541f90e33aa08659c985c5c3f91ebfaed74692e8 /packages/browser/src/methods
parent: cb445cd8404af140120260ca77294a70d7202a71 (diff)
parent: 926eda9ae5f12b88179c6c13d0ee5ede49e5e411 (diff)
4 files changed, 13 insertions, 12 deletions
diff --git a/packages/browser/src/methods/startAssertion.test.ts b/packages/browser/src/methods/startAssertion.test.ts
index c077219..f005a26 100644
--- a/packages/browser/src/methods/startAssertion.test.ts
+++ b/packages/browser/src/methods/startAssertion.test.ts
@@ -6,7 +6,7 @@ import {
 } from '@simplewebauthn/typescript-types';
 
 import supportsWebauthn from '../helpers/supportsWebauthn';
-import toUint8Array from '../helpers/toUint8Array';
+import utf8StringToBuffer from '../helpers/utf8StringToBuffer';
 import bufferToBase64URLString from '../helpers/bufferToBase64URLString';
 
 import startAssertion from './startAssertion';
@@ -23,7 +23,7 @@ const mockUserHandle = 'mockUserHandle';
 
 // With ASCII challenge
 const goodOpts1: PublicKeyCredentialRequestOptionsJSON = {
-  challenge: bufferToBase64URLString(toUint8Array('fizz')),
+  challenge: bufferToBase64URLString(utf8StringToBuffer('fizz')),
   allowCredentials: [
     {
       id: 'C0VGlvYFratUdAV1iCw-ULpUW8E-exHPXQChBfyVeJZCMfjMFcwDmOFgoMUz39LoMtCJUBW8WPlLkGT6q8qTCg',
@@ -36,7 +36,7 @@ const goodOpts1: PublicKeyCredentialRequestOptionsJSON = {
 
 // With UTF-8 challenge
 const goodOpts2UTF8: PublicKeyCredentialRequestOptionsJSON = {
-  challenge: bufferToBase64URLString(toUint8Array('やれやれだぜ')),
+  challenge: bufferToBase64URLString(utf8StringToBuffer('やれやれだぜ')),
   allowCredentials: [],
   timeout: 1,
 };
@@ -78,7 +78,7 @@ test('should convert options before passing to navigator.credentials.get(...)',
 
 test('should support optional allowCredential', async () => {
   await startAssertion({
-    challenge: bufferToBase64URLString(toUint8Array('fizz')),
+    challenge: bufferToBase64URLString(utf8StringToBuffer('fizz')),
     timeout: 1,
   });
 
@@ -87,7 +87,7 @@ test('should support optional allowCredential', async () => {
 
 test('should convert allow allowCredential to undefined when empty', async () => {
   await startAssertion({
-    challenge: bufferToBase64URLString(toUint8Array('fizz')),
+    challenge: bufferToBase64URLString(utf8StringToBuffer('fizz')),
     timeout: 1,
     allowCredentials: [],
   });
@@ -120,7 +120,7 @@ test('should return base64url-encoded response values', async done => {
   expect(response.response.authenticatorData).toEqual('bW9ja0F1dGhlbnRpY2F0b3JEYXRh');
   expect(response.response.clientDataJSON).toEqual('bW9ja0NsaWVudERhdGFKU09O');
   expect(response.response.signature).toEqual('bW9ja1NpZ25hdHVyZQ');
-  expect(response.response.userHandle).toEqual('bW9ja1VzZXJIYW5kbGU');
+  expect(response.response.userHandle).toEqual('mockUserHandle');
 
   done();
 });
diff --git a/packages/browser/src/methods/startAssertion.ts b/packages/browser/src/methods/startAssertion.ts
index fa25f47..786d55b 100644
--- a/packages/browser/src/methods/startAssertion.ts
+++ b/packages/browser/src/methods/startAssertion.ts
@@ -6,6 +6,7 @@ import {
 
 import bufferToBase64URLString from '../helpers/bufferToBase64URLString';
 import base64URLStringToBuffer from '../helpers/base64URLStringToBuffer';
+import bufferToUTF8String from '../helpers/bufferToUTF8String';
 import supportsWebauthn from '../helpers/supportsWebauthn';
 import toPublicKeyCredentialDescriptor from '../helpers/toPublicKeyCredentialDescriptor';
 
@@ -46,7 +47,7 @@ export default async function startAssertion(
 
   let userHandle = undefined;
   if (response.userHandle) {
-    userHandle = bufferToBase64URLString(response.userHandle);
+    userHandle = bufferToUTF8String(response.userHandle);
   }
 
   // Convert values to base64 to make it easier to send back to the server
diff --git a/packages/browser/src/methods/startAttestation.test.ts b/packages/browser/src/methods/startAttestation.test.ts
index b4cfa52..244a4d2 100644
--- a/packages/browser/src/methods/startAttestation.test.ts
+++ b/packages/browser/src/methods/startAttestation.test.ts
@@ -5,7 +5,7 @@ import {
   PublicKeyCredentialCreationOptionsJSON,
 } from '@simplewebauthn/typescript-types';
 
-import toUint8Array from '../helpers/toUint8Array';
+import utf8StringToBuffer from '../helpers/utf8StringToBuffer';
 import supportsWebauthn from '../helpers/supportsWebauthn';
 import bufferToBase64URLString from '../helpers/bufferToBase64URLString';
 
@@ -20,7 +20,7 @@ const mockAttestationObject = 'mockAtte';
 const mockClientDataJSON = 'mockClie';
 
 const goodOpts1: PublicKeyCredentialCreationOptionsJSON = {
-  challenge: bufferToBase64URLString(toUint8Array('fizz')),
+  challenge: bufferToBase64URLString(utf8StringToBuffer('fizz')),
   attestation: 'direct',
   pubKeyCredParams: [
     {
@@ -90,7 +90,7 @@ test('should return base64url-encoded response values', async done => {
       return new Promise(resolve => {
         resolve({
           id: 'foobar',
-          rawId: toUint8Array('foobar'),
+          rawId: utf8StringToBuffer('foobar'),
           response: {
             attestationObject: Buffer.from(mockAttestationObject, 'ascii'),
             clientDataJSON: Buffer.from(mockClientDataJSON, 'ascii'),
diff --git a/packages/browser/src/methods/startAttestation.ts b/packages/browser/src/methods/startAttestation.ts
index 22ebe64..379e295 100644
--- a/packages/browser/src/methods/startAttestation.ts
+++ b/packages/browser/src/methods/startAttestation.ts
@@ -4,7 +4,7 @@ import {
   AttestationCredentialJSON,
 } from '@simplewebauthn/typescript-types';
 
-import toUint8Array from '../helpers/toUint8Array';
+import utf8StringToBuffer from '../helpers/utf8StringToBuffer';
 import bufferToBase64URLString from '../helpers/bufferToBase64URLString';
 import base64URLStringToBuffer from '../helpers/base64URLStringToBuffer';
 import supportsWebauthn from '../helpers/supportsWebauthn';
@@ -28,7 +28,7 @@ export default async function startAttestation(
     challenge: base64URLStringToBuffer(creationOptionsJSON.challenge),
     user: {
       ...creationOptionsJSON.user,
-      id: toUint8Array(creationOptionsJSON.user.id),
+      id: utf8StringToBuffer(creationOptionsJSON.user.id),
     },
     excludeCredentials: creationOptionsJSON.excludeCredentials.map(toPublicKeyCredentialDescriptor),
   };
author	Matthew Miller <matthew@millerti.me>	2021-04-17 22:06:35 -0700
committer	GitHub <noreply@github.com>	2021-04-17 22:06:35 -0700
commit	becd1415ff3fba22218f808f6dac761901b71a5c (patch)
tree	541f90e33aa08659c985c5c3f91ebfaed74692e8 /packages/browser/src/methods
parent	cb445cd8404af140120260ca77294a70d7202a71 (diff)
parent	926eda9ae5f12b88179c6c13d0ee5ede49e5e411 (diff)