Update the addNewWebAuthnDevice method (#100)

ReachFive · Jun 15, 2020 · decab0a · decab0a
1 parent f777676
commit decab0a
Show file tree

Hide file tree

Showing 2 changed files with 21 additions and 8 deletions.
diff --git a/src/main/apiClient.ts b/src/main/apiClient.ts
@@ -17,7 +17,7 @@ import { computePkceParams, PkceParams } from './pkceService'
 import {
   encodePublicKeyCredentialCreationOptions, encodePublicKeyCredentialRequestOptions,
   serializeRegistrationPublicKeyCredential, serializeAuthenticationPublicKeyCredential,
-  CredentialCreationOptionsSerialized, CredentialRequestOptionsSerialized,
+  RegistrationOptions, CredentialRequestOptionsSerialized,
   publicKeyCredentialType
 } from './webAuthnService'
 
@@ -619,15 +619,15 @@ export default class ApiClient {
     }
 
     return this.http
-      .post<CredentialCreationOptionsSerialized>('/webauthn/registration-options', { body, accessToken })
+      .post<RegistrationOptions>('/webauthn/registration-options', { body, accessToken })
       .then(response => {
-        const options = encodePublicKeyCredentialCreationOptions(response.publicKey)
+        const publicKey = encodePublicKeyCredentialCreationOptions(response.options.publicKey)
 
-        return navigator.credentials.create({ publicKey: options })
+        return navigator.credentials.create({ publicKey })
       })
       .then(credentials => {
         if (!credentials || credentials.type !== publicKeyCredentialType) {
-          throw new Error('Unable to register invalid public key crendentials.')
+          throw new Error('Unable to register invalid public key credentials.')
         }
 
         const serializedCredentials = serializeRegistrationPublicKeyCredential(credentials)

diff --git a/src/main/webAuthnService.ts b/src/main/webAuthnService.ts
@@ -4,7 +4,12 @@ import { encodeToBase64 } from '../utils/base64'
 
 export const publicKeyCredentialType = 'public-key'
 
-export type CredentialCreationOptionsSerialized = { publicKey: PublicKeyCredentialCreationOptionsSerialized }
+export type RegistrationOptions = {
+    friendlyName: string
+    options: {
+        publicKey: PublicKeyCredentialCreationOptionsSerialized
+    }
+}
 export type CredentialRequestOptionsSerialized = { publicKey: PublicKeyCredentialRequestOptionsSerialized }
 
 type PublicKeyCredentialCreationOptionsSerialized = {
@@ -17,7 +22,11 @@ type PublicKeyCredentialCreationOptionsSerialized = {
     challenge: string
     pubKeyCredParams: PublicKeyCredentialParameters[]
     timeout?: number
-    excludeCredentials?: PublicKeyCredentialDescriptor[]
+    excludeCredentials?: {
+        type: "public-key"
+        id: string
+        transports?: Array<"usb" | "nfc" | "ble" | "internal">
+    }[]
     authenticatorSelection?: AuthenticatorSelectionCriteria
     attestation?: 'none'|  'indirect' | 'direct'
     extensions?: AuthenticationExtensionsClientInputs
@@ -64,7 +73,11 @@ export function encodePublicKeyCredentialCreationOptions(serializedOptions: Publ
         user: {
             ...serializedOptions.user,
             id:  Buffer.from(serializedOptions.user.id, 'base64')
-        }
+        },
+        excludeCredentials: serializedOptions.excludeCredentials && serializedOptions.excludeCredentials!.map(excludeCredential => ({
+            ...excludeCredential,
+            id: Buffer.from(excludeCredential.id, 'base64')
+        }))
     }
 }