fix(deps): update dependency @simplewebauthn/server to v10 (#5705)

* fix(deps): update dependency @simplewebauthn/server to v10 * fix(core): update code to support @simplewebauthn/server v10 --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: wangsijie <wangsijie@silverhand.io>
logto-io · May 13, 2024 · b7d950b · b7d950b
1 parent d38ddf1
commit b7d950b
Show file tree

Hide file tree

Showing 4 changed files with 22 additions and 101 deletions.
diff --git a/packages/core/package.json b/packages/core/package.json
@@ -45,7 +45,7 @@
     "@logto/shared": "workspace:^3.1.0",
     "@silverhand/essentials": "^2.9.0",
     "@silverhand/slonik": "31.0.0-beta.2",
-    "@simplewebauthn/server": "^9.0.0",
+    "@simplewebauthn/server": "^10.0.0",
     "@withtyped/client": "^0.8.7",
     "camelcase": "^8.0.0",
     "camelcase-keys": "^9.0.0",

diff --git a/packages/core/src/routes/interaction/utils/webauthn.ts b/packages/core/src/routes/interaction/utils/webauthn.ts
@@ -37,7 +37,7 @@ export const generateWebAuthnRegistrationOptions = async ({
   const options: GenerateRegistrationOptionsOpts = {
     rpName: rpId,
     rpID: rpId,
-    userID: id,
+    userID: Uint8Array.from(Buffer.from(id)),
     userName: getUserDisplayName({ username, primaryEmail, primaryPhone }) ?? 'Unnamed User',
     timeout: 60_000,
     attestationType: 'none',
@@ -47,7 +47,7 @@ export const generateWebAuthnRegistrationOptions = async ({
           verification.type === MfaFactor.WebAuthn
       )
       .map(({ credentialId, transports }) => ({
-        id: Uint8Array.from(Buffer.from(credentialId, 'base64')),
+        id: credentialId,
         type: 'public-key',
         transports,
       })),
@@ -99,7 +99,7 @@ export const generateWebAuthnAuthenticationOptions = async ({
   const options: GenerateAuthenticationOptionsOpts = {
     timeout: 60_000,
     allowCredentials: webAuthnVerifications.map(({ credentialId, transports }) => ({
-      id: isoBase64URL.toBuffer(credentialId),
+      id: credentialId,
       type: 'public-key',
       transports,
     })),
@@ -151,7 +151,7 @@ export const verifyWebAuthnAuthentication = async ({
     expectedRPID: rpId,
     authenticator: {
       credentialPublicKey: isoBase64URL.toBuffer(publicKey),
-      credentialID: isoBase64URL.toBuffer(credentialId),
+      credentialID: credentialId,
       counter,
       transports,
     },

diff --git a/packages/core/src/routes/interaction/verifications/mfa-payload-verification.ts b/packages/core/src/routes/interaction/verifications/mfa-payload-verification.ts
@@ -106,7 +106,7 @@ const verifyBindWebAuthn = async (
 
   return {
     type,
-    credentialId: isoBase64URL.fromBuffer(credentialID),
+    credentialId: credentialID,
     publicKey: isoBase64URL.fromBuffer(credentialPublicKey),
     counter,
     agent: userAgent,

diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml