diff options
| author | Matthew Miller <matthew@millerti.me> | 2024-01-19 22:34:37 -0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-01-19 22:34:37 -0800 |
| commit | dd387e656c4877f188f1e5fe83202ac5e1782664 (patch) | |
| tree | 9ca5925a1ffff6f755ca436598e3b72f3f117167 /packages/server/src | |
| parent | 2f4d01b6a1831bfeb22befe220995a2c4f01c905 (diff) | |
| parent | 65ec8a1f8a83657ab1609e9bc631dc6c3062dd85 (diff) | |
Merge pull request #507 from MasterKale/fix/503-consistent-utf8-challenge-strings
fix/503-consistent-utf8-challenge-strings
Diffstat (limited to 'packages/server/src')
3 files changed, 27 insertions, 1 deletions
diff --git a/packages/server/src/authentication/generateAuthenticationOptions.test.ts b/packages/server/src/authentication/generateAuthenticationOptions.test.ts index f8ed0ca..8d55580 100644 --- a/packages/server/src/authentication/generateAuthenticationOptions.test.ts +++ b/packages/server/src/authentication/generateAuthenticationOptions.test.ts @@ -132,6 +132,17 @@ Deno.test('should generate a challenge if one is not provided', async () => { assert(isoBase64URL.isBase64url(options.challenge)); }); +Deno.test('should treat string challenges as UTF-8 strings', async () => { + const options = await generateAuthenticationOptions({ + challenge: 'こんにちは', + }); + + assertEquals( + options.challenge, + '44GT44KT44Gr44Gh44Gv', + ); +}); + Deno.test('should set rpId if specified', async () => { const rpID = 'simplewebauthn.dev'; diff --git a/packages/server/src/registration/generateRegistrationOptions.test.ts b/packages/server/src/registration/generateRegistrationOptions.test.ts index 3b7f62b..fded674 100644 --- a/packages/server/src/registration/generateRegistrationOptions.test.ts +++ b/packages/server/src/registration/generateRegistrationOptions.test.ts @@ -192,6 +192,21 @@ Deno.test('should generate a challenge if one is not provided', async () => { mockGenerateChallenge.restore(); }); +Deno.test('should treat string challenges as UTF-8 strings', async () => { + const options = await generateRegistrationOptions({ + rpID: 'not.real', + rpName: 'SimpleWebAuthn', + userID: '1234', + userName: 'usernameHere', + challenge: 'こんにちは', + }); + + assertEquals( + options.challenge, + '44GT44KT44Gr44Gh44Gv', + ); +}); + Deno.test('should use custom supported algorithm IDs as-is when provided', async () => { const options = await generateRegistrationOptions({ rpID: 'not.real', diff --git a/packages/server/src/registration/generateRegistrationOptions.ts b/packages/server/src/registration/generateRegistrationOptions.ts index 54bdaa5..c894abb 100644 --- a/packages/server/src/registration/generateRegistrationOptions.ts +++ b/packages/server/src/registration/generateRegistrationOptions.ts @@ -157,7 +157,7 @@ export async function generateRegistrationOptions( */ let _challenge = challenge; if (typeof _challenge === 'string') { - _challenge = isoUint8Array.fromASCIIString(_challenge); + _challenge = isoUint8Array.fromUTF8String(_challenge); } return { |