
fix(passkeys): gate rpId/allowedOrigins validation on enabled flag #20338

Merged
vpomerleau merged 1 commit into main from FXA-13378
Apr 8, 2026



@vpomerleau
Contributor

Because

  • buildPasskeyConfig validated rpId and allowedOrigins unconditionally, causing auth-server to crash at startup on any environment where passkeys is disabled but the required fields are left at their Convict defaults (empty string / empty array)

This pull request

  • Adds @ValidateIf((o) => o.enabled) to rpId and allowedOrigins in PasskeyConfig so those constraints are skipped when the feature is off
  • Wraps the buildPasskeyConfig call in key_server.js with try/catch so that misconfigured-but-enabled passkeys logs via log.error (structured mozlog) before exiting, instead of falling through to console.error
  • Adds a test asserting that disabled passkeys with empty defaults no longer throws

Issue that this pull request solves

Closes: FXA-13378

Checklist

Put an x in the boxes that apply

  • My commit is GPG signed.
  • If applicable, I have modified or added tests which pass locally.
  • I have added necessary documentation (if appropriate).
  • I have verified that my changes render correctly in RTL (if appropriate).
  • I have manually reviewed all AI generated code.


Because:

* buildPasskeyConfig validated rpId and allowedOrigins unconditionally, causing auth-server to crash at startup on any environment where passkeys is disabled but the required fields are left at their Convict defaults (empty string / empty array)

This commit:

* Adds @ValidateIf((o) => o.enabled) to rpId and allowedOrigins in PasskeyConfig so those constraints are skipped when the feature is off
* Wraps the buildPasskeyConfig call in key_server.js with try/catch so that misconfigured-but-enabled passkeys logs via log.error (structured mozlog) before exiting, instead of falling through to console.error
* Adds a test asserting that disabled passkeys with empty defaults no longer throws

Closes #FXA-13378
@vpomerleau vpomerleau requested a review from a team as a code owner April 8, 2026 20:23
@vpomerleau vpomerleau merged commit eaae7f6 into main Apr 8, 2026
21 checks passed
@vpomerleau vpomerleau deleted the FXA-13378 branch April 8, 2026 21:15
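
The gating described in this pull request, as an added example that is not code from the PR or the FxA repository: a dependency-free sketch in which each rule carries a `when` guard playing the role of `@ValidateIf((o) => o.enabled)`, and an enabled-but-misconfigured config is logged through a structured logger before the caller exits. The names `validatePasskeyConfig`, `loadPasskeyConfig`, the log op string, and the exact constraints (non-empty `rpId`, https-only origins) are assumptions.

```javascript
// Added illustration; not the project's implementation.
// Assumed constraint: every allowed origin is a bare https origin (no path, no default port).
const isHttpsOrigin = (s) => {
  try {
    const u = new URL(s);
    return u.protocol === 'https:' && u.origin === s;
  } catch {
    return false; // not parseable as a URL
  }
};

// `when` decides whether a rule runs at all; the gated rules are skipped while the feature is off.
const RULES = [
  { field: 'enabled', when: () => true,
    check: (v) => typeof v === 'boolean', msg: 'must be a boolean' },
  { field: 'rpId', when: (o) => o.enabled,
    check: (v) => typeof v === 'string' && v.length > 0, msg: 'must be a non-empty string' },
  { field: 'allowedOrigins', when: (o) => o.enabled,
    check: (v) => Array.isArray(v) && v.length > 0 && v.every(isHttpsOrigin),
    msg: 'must be a non-empty array of https origins' },
];

// Returns a list of human-readable violations; an empty list means the config is acceptable.
function validatePasskeyConfig(raw) {
  return RULES
    .filter((r) => r.when(raw) && !r.check(raw[r.field]))
    .map((r) => `${r.field} ${r.msg}`);
}

// Hypothetical startup helper: fail closed when passkeys is enabled but misconfigured,
// reporting through the structured logger so the failure is visible in log pipelines.
function loadPasskeyConfig(raw, log) {
  const errors = validatePasskeyConfig(raw);
  if (errors.length > 0) {
    log.error('passkeys.config.invalid', { errors });
    return null; // caller is expected to exit non-zero
  }
  return Object.freeze({ ...raw });
}

// Constructed sample inputs: the empty defaults with the feature off and on.
const DISABLED_DEFAULTS = { enabled: false, rpId: '', allowedOrigins: [] };
const ENABLED_DEFAULTS = { ...DISABLED_DEFAULTS, enabled: true };
```
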