diff options
Diffstat (limited to 'packages/server/src')
5 files changed, 20 insertions, 15 deletions
diff --git a/packages/server/src/authentication/generateAuthenticationOptions.test.ts b/packages/server/src/authentication/generateAuthenticationOptions.test.ts index 78c6473..fe365f2 100644 --- a/packages/server/src/authentication/generateAuthenticationOptions.test.ts +++ b/packages/server/src/authentication/generateAuthenticationOptions.test.ts @@ -1,9 +1,13 @@ jest.mock('../helpers/generateChallenge'); +import base64url from '../helpers/base64url'; + import { generateAuthenticationOptions } from './generateAuthenticationOptions'; +const challengeString = 'dG90YWxseXJhbmRvbXZhbHVl'; +const challengeBuffer = base64url.toBuffer(challengeString) + test('should generate credential request options suitable for sending via JSON', () => { - const challenge = 'totallyrandomvalue'; const options = generateAuthenticationOptions({ allowCredentials: [ @@ -19,12 +23,12 @@ test('should generate credential request options suitable for sending via JSON', }, ], timeout: 1, - challenge, + challenge: challengeBuffer, }); expect(options).toEqual({ // base64url-encoded - challenge: 'dG90YWxseXJhbmRvbXZhbHVl', + challenge: challengeString, allowCredentials: [ { id: 'MTIzNA', @@ -43,7 +47,7 @@ test('should generate credential request options suitable for sending via JSON', test('defaults to 60 seconds if no timeout is specified', () => { const options = generateAuthenticationOptions({ - challenge: 'totallyrandomvalue', + challenge: challengeBuffer, allowCredentials: [ { id: Buffer.from('1234', 'ascii'), type: 'public-key' }, { id: Buffer.from('5678', 'ascii'), type: 'public-key' }, @@ -55,7 +59,7 @@ test('defaults to 60 seconds if no timeout is specified', () => { test('should not set userVerification if not specified', () => { const options = generateAuthenticationOptions({ - challenge: 'totallyrandomvalue', + challenge: challengeBuffer, allowCredentials: [ { id: Buffer.from('1234', 'ascii'), type: 'public-key' }, { id: Buffer.from('5678', 'ascii'), type: 'public-key' }, @@ -86,7 +90,7 @@ test('should generate without params', () => { test('should set userVerification if specified', () => { const options = generateAuthenticationOptions({ - challenge: 'totallyrandomvalue', + challenge: challengeBuffer, allowCredentials: [ { id: Buffer.from('1234', 'ascii'), type: 'public-key' }, { id: Buffer.from('5678', 'ascii'), type: 'public-key' }, @@ -99,7 +103,7 @@ test('should set userVerification if specified', () => { test('should set extensions if specified', () => { const options = generateAuthenticationOptions({ - challenge: 'totallyrandomvalue', + challenge: challengeBuffer, allowCredentials: [ { id: Buffer.from('1234', 'ascii'), type: 'public-key' }, { id: Buffer.from('5678', 'ascii'), type: 'public-key' }, diff --git a/packages/server/src/authentication/generateAuthenticationOptions.ts b/packages/server/src/authentication/generateAuthenticationOptions.ts index 3561b28..1eab513 100644 --- a/packages/server/src/authentication/generateAuthenticationOptions.ts +++ b/packages/server/src/authentication/generateAuthenticationOptions.ts @@ -4,7 +4,7 @@ import type { PublicKeyCredentialDescriptorFuture, UserVerificationRequirement, } from '@simplewebauthn/typescript-types'; -import base64url from 'base64url'; +import base64url from '../helpers/base64url' import { generateChallenge } from '../helpers/generateChallenge'; @@ -43,10 +43,10 @@ export function generateAuthenticationOptions( } = options; return { - challenge: base64url.encode(challenge), + challenge: base64url.fromBuffer(_challenge), allowCredentials: allowCredentials?.map(cred => ({ ...cred, - id: base64url.encode(cred.id as Buffer), + id: base64url.fromBuffer(cred.id as Uint8Array), })), timeout, userVerification, diff --git a/packages/server/src/authentication/verifyAuthenticationResponse.ts b/packages/server/src/authentication/verifyAuthenticationResponse.ts index 6bb6e98..7ae002e 100644 --- a/packages/server/src/authentication/verifyAuthenticationResponse.ts +++ b/packages/server/src/authentication/verifyAuthenticationResponse.ts @@ -1,4 +1,3 @@ -import base64url from 'base64url'; import { AuthenticationCredentialJSON, AuthenticatorDevice, @@ -13,6 +12,7 @@ import { parseAuthenticatorData } from '../helpers/parseAuthenticatorData'; import { isBase64URLString } from '../helpers/isBase64URLString'; import { parseBackupFlags } from '../helpers/parseBackupFlags'; import { AuthenticationExtensionsAuthenticatorOutputs } from '../helpers/decodeAuthenticatorExtensions'; +import base64url from '../helpers/base64url'; export type VerifyAuthenticationResponseOpts = { credential: AuthenticationCredentialJSON; diff --git a/packages/server/src/helpers/convertCertBufferToPEM.ts b/packages/server/src/helpers/convertCertBufferToPEM.ts index 53398e5..5339282 100644 --- a/packages/server/src/helpers/convertCertBufferToPEM.ts +++ b/packages/server/src/helpers/convertCertBufferToPEM.ts @@ -1,6 +1,7 @@ -import base64url from 'base64url'; import type { Base64URLString } from '@simplewebauthn/typescript-types'; +import base64url from './base64url'; + /** * Convert buffer to an OpenSSL-compatible PEM text format. */ diff --git a/packages/server/src/registration/generateRegistrationOptions.ts b/packages/server/src/registration/generateRegistrationOptions.ts index a2cc9cf..12138b0 100644 --- a/packages/server/src/registration/generateRegistrationOptions.ts +++ b/packages/server/src/registration/generateRegistrationOptions.ts @@ -7,9 +7,9 @@ import type { PublicKeyCredentialDescriptorFuture, PublicKeyCredentialParameters, } from '@simplewebauthn/typescript-types'; -import base64url from 'base64url'; import { generateChallenge } from '../helpers/generateChallenge'; +import base64url from '../helpers/base64url'; export type GenerateRegistrationOptionsOpts = { rpName: string; @@ -152,7 +152,7 @@ export function generateRegistrationOptions( } return { - challenge: base64url.encode(challenge), + challenge: base64url.fromBuffer(_challenge), rp: { name: rpName, id: rpID, @@ -167,7 +167,7 @@ export function generateRegistrationOptions( attestation: attestationType, excludeCredentials: excludeCredentials.map(cred => ({ ...cred, - id: base64url.encode(cred.id as Buffer), + id: base64url.fromBuffer(cred.id as Uint8Array), })), authenticatorSelection, extensions, |