diff options
Diffstat (limited to 'packages/server/src')
| -rw-r--r-- | packages/server/src/deps.ts | 2 | ||||
| -rw-r--r-- | packages/server/src/registration/generateRegistrationOptions.test.ts | 5 | ||||
| -rw-r--r-- | packages/server/src/registration/generateRegistrationOptions.ts | 23 |
3 files changed, 20 insertions, 10 deletions
diff --git a/packages/server/src/deps.ts b/packages/server/src/deps.ts index 3acef11..53b6247 100644 --- a/packages/server/src/deps.ts +++ b/packages/server/src/deps.ts @@ -5,12 +5,12 @@ export type { AuthenticationResponseJSON, AuthenticatorDevice, AuthenticatorSelectionCriteria, + AuthenticatorTransportFuture, Base64URLString, COSEAlgorithmIdentifier, CredentialDeviceType, Crypto, PublicKeyCredentialCreationOptionsJSON, - PublicKeyCredentialDescriptorFuture, PublicKeyCredentialParameters, PublicKeyCredentialRequestOptionsJSON, RegistrationResponseJSON, diff --git a/packages/server/src/registration/generateRegistrationOptions.test.ts b/packages/server/src/registration/generateRegistrationOptions.test.ts index fded674..6704d23 100644 --- a/packages/server/src/registration/generateRegistrationOptions.test.ts +++ b/packages/server/src/registration/generateRegistrationOptions.test.ts @@ -67,8 +67,7 @@ Deno.test('should map excluded credential IDs if specified', async () => { userName: 'usernameHere', excludeCredentials: [ { - id: isoUint8Array.fromASCIIString('someIDhere'), - type: 'public-key', + id: 'someIDhere', transports: ['usb', 'ble', 'nfc', 'internal'], }, ], @@ -78,7 +77,7 @@ Deno.test('should map excluded credential IDs if specified', async () => { options.excludeCredentials, [ { - id: 'c29tZUlEaGVyZQ', + id: 'someIDhere', type: 'public-key', transports: ['usb', 'ble', 'nfc', 'internal'], }, diff --git a/packages/server/src/registration/generateRegistrationOptions.ts b/packages/server/src/registration/generateRegistrationOptions.ts index c894abb..2504751 100644 --- a/packages/server/src/registration/generateRegistrationOptions.ts +++ b/packages/server/src/registration/generateRegistrationOptions.ts @@ -2,9 +2,10 @@ import type { AttestationConveyancePreference, AuthenticationExtensionsClientInputs, AuthenticatorSelectionCriteria, + AuthenticatorTransportFuture, + Base64URLString, COSEAlgorithmIdentifier, PublicKeyCredentialCreationOptionsJSON, - PublicKeyCredentialDescriptorFuture, PublicKeyCredentialParameters, } from '../deps.ts'; import { generateChallenge } from '../helpers/generateChallenge.ts'; @@ -19,7 +20,10 @@ export type GenerateRegistrationOptionsOpts = { userDisplayName?: string; timeout?: number; attestationType?: AttestationConveyancePreference; - excludeCredentials?: PublicKeyCredentialDescriptorFuture[]; + excludeCredentials?: { + id: Base64URLString; + transports?: AuthenticatorTransportFuture[]; + }[]; authenticatorSelection?: AuthenticatorSelectionCriteria; extensions?: AuthenticationExtensionsClientInputs; supportedAlgorithmIDs?: COSEAlgorithmIdentifier[]; @@ -174,10 +178,17 @@ export async function generateRegistrationOptions( pubKeyCredParams, timeout, attestation: attestationType, - excludeCredentials: excludeCredentials.map((cred) => ({ - ...cred, - id: isoBase64URL.fromBuffer(cred.id as Uint8Array), - })), + excludeCredentials: excludeCredentials.map((cred) => { + if (!isoBase64URL.isBase64URL(cred.id)) { + throw new Error(`excludeCredential id "${cred.id}" is not a valid base64url string`); + } + + return { + ...cred, + id: isoBase64URL.trimPadding(cred.id), + type: 'public-key', + }; + }), authenticatorSelection, extensions: { ...extensions, |