feat(javascript-sdk): register-device-name

[ryanbas21]

JIRA Ticket

https://bugster.forgerock.org/jira/browse/SDKS-2298

Description

make it so register accepts a parameter for registering a device name. An optional generic parameter that adds a device name to the registration step. This makes it so that ::${devicename} is concated to the device string that is made from the outcome.

Type of Change

Please Delete options that are not relevant

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

How Has This Been Tested?

See the e2e example, which uses stoyans tenant

  const url = new URL(window.location.href);
  const amUrl =
    url.searchParams.get('amUrl') || 'https://openam-forgerrock-sdksteanant.forgeblocks.com/am/';
  const realmPath = url.searchParams.get('realmPath') || 'alpha';
  const un = url.searchParams.get('un') || 'ryan';
  const pw = url.searchParams.get('pw') || 'Password1!';
  const tree = url.searchParams.get('tree') || 'WebAuthn-Registration';

Click the device registration button and then go through the flow there. You should see the hidden callback have the outcome value with DeviceName (as passed in) concated to the end.

The name can be very long and cut off

Definition of Done

Check all that apply

• Acceptance criteria is met.
• All tasks listed in the user story have been completed.
• Coded to standards.
• Code peer-reviewed.
• Ensure backward compatibility (special attention).
• API reference docs is updated.
• Unit tests are written.
• Integration tests are written.
• e2e tests are written.
• CI build passing on the feature branch.
• Functional spec is written/updated
• contains example code snippets.
• Change log updated.
• Documentation story is created and tracked.
• UI is completed or ticket is created.
• Demo to PO and team.
• Tech debts and remaining tasks are tracked in separated ticket(s).

Documentation

• Acceptance criteria met
• Spell-check run
• Peer reviewed
• Proofread

[github-actions]

Your preview environment pr-340-ryanbas21 has been deployed.

Preview environment endpoints are available at:

• https://angular-todo-pr-340-ryanbas21.cloud.okteto.net
• https://central-login-pr-340-ryanbas21.cloud.okteto.net
• https://embedded-login-pr-340-ryanbas21.cloud.okteto.net
• https://reactjs-todo-pr-340-ryanbas21.cloud.okteto.net
• https://todo-api-pr-340-ryanbas21.cloud.okteto.net

[ryanbas21]

so typechecking happens on build, was an oversight by me.

[nx-cloud]

☁️ Nx Cloud Report

CI is running/has finished running commands for commit f845505. As they complete they will appear below. Click to see the status, the terminal output, and the build insights.

📂 See all runs for this branch

---

✅ Successfully ran 5 targets

• nx affected --target=e2e --parallel --max-parallel=3
• nx affected --target=test --configuration=integration
• nx affected --target=test --parallel --max-parallel=3
• nx affected --target=lint --parallel --max-parallel=3
• nx affected --target=build --parallel --max-parallel=3

---

Sent with 💌 from NxCloud.

[ryanbas21]

This is a type that can create a Device Name if given a name or not

[cerebrl]

I like the strictness of this type, but the name feels a bit misleading.

[ryanbas21]

realistically, i thought a simpler type could be used, i have no idea why i couldn't use a simpler type, it only worked when I went this route.

[ryanbas21]

hypothetically, we could give hiddenCallback a generic that defaults to unknown and then we can provide that here for more type inference and passing.

[ryanbas21]

Had to force this type, theres probably a way to create a string builder that outputs as the type though that may fit better.

[ryanbas21]

I suppose this will always be string, but if userHandle is ever a more strict type then we could leverage that here.

[cerebrl]

userHandle is just a username, so it can be any kind of string. This is used for supporting the "usernameless" flow where the username is stored on the WebAuthn device.

[ryanbas21]

Right but one could pass “username” and in typescript 5 we could leverage a const generic which would make the type “username” and not string so it could be used more strictly

[ryanbas21]

I think I addedt his when I was trying to find ways to test this with jest, but I can remove it.

[cerebrl]

Probably should remove it then, if it's not needed.

[ryanbas21]

removed

[ryanbas21]

This is just for that manual test I wrote, has no affect on the automation

[cerebrl]

Oh, I was wondering why the additional flow was added. There's currently no automation around WebAuthn; everything is manually tested. So, nothing should prevent you from adding your feature to the existing flow, rather than create an entirely new flow.

[ryanbas21]

Yeah I only added it because the only difference is that the previous flow didn't add a device name, but i could just add a device name and remvoe this i think if preferred.

[ryanbas21]

The main reason for this flow, is that the tenant i used had a different tree, so I used stoyans tenant and the flow itself requires certs that run without errors.

So my testing was done in a dfiferent env and couldn't use the mock server itself.

[cerebrl]

This looks good overall. A few additional comments:

• Can you fill out the PR description template?
• Provide screenshots of the results from testing this new feature from Platform Admin (showing full end-to-end testing)
• Rework the name of the new type
• I don't think you need to create a whole new flow in the autoscript.ts, but let me know if I'm missing something

[cerebrl]

Is this a TODO comment?

[ryanbas21]

No, this was instructions for when you get to this step, you can ensure the callback has the value with mydevice at the end since it concates with a stringifed object its messy.

see here:

[cerebrl]

Oh, okay. Rather than this comment instructing the manual tester to inspect the step in the console, can we just have a condition in the code to check this for us, similar to the other conditions that are ensuring things are working properly? If mydevice is not present, let's just throw an error like how we handle other issues.

[cerebrl]

Oh, I was wondering why the additional flow was added. There's currently no automation around WebAuthn; everything is manually tested. So, nothing should prevent you from adding your feature to the existing flow, rather than create an entirely new flow.

[cerebrl]

This type reads a bit odd for me. Should the type name be something more like OutcomeWithName, rather than DeviceName?

[ryanbas21]

Done

[cerebrl]

I like the strictness of this type, but the name feels a bit misleading.

[cerebrl]

userHandle is just a username, so it can be any kind of string. This is used for supporting the "usernameless" flow where the username is stored on the WebAuthn device.

[cerebrl]

Probably should remove it then, if it's not needed.

[cerebrl]

LGTM!