From 77d569a071158c91ac90d2499fdb25f5a58fa799 Mon Sep 17 00:00:00 2001 From: Pranav Jain Date: Fri, 27 Sep 2024 15:00:19 -0400 Subject: [PATCH] chore(sdk-api): extract userId from userHandle for passkeys Ticket: WP-2592 TICKET: WP-2592 --- modules/sdk-api/src/bitgoAPI.ts | 35 ++++++++++++++++----------------- modules/sdk-api/src/types.ts | 5 ----- 2 files changed, 17 insertions(+), 23 deletions(-) diff --git a/modules/sdk-api/src/bitgoAPI.ts b/modules/sdk-api/src/bitgoAPI.ts index b1fe9f829c..072afd82cd 100644 --- a/modules/sdk-api/src/bitgoAPI.ts +++ b/modules/sdk-api/src/bitgoAPI.ts @@ -47,7 +47,6 @@ import { AddAccessTokenOptions, AddAccessTokenResponse, AuthenticateOptions, - AuthenticateWithPasskeyOptions, AuthenticateWithAuthCodeOptions, BitGoAPIOptions, BitGoJson, @@ -777,26 +776,26 @@ export class BitGoAPI implements BitGoBase { * Validate the passkey response is in the expected format * Should be as is returned from navigator.credentials.get() */ - validateWebauthnResponse(params: AuthenticateWithPasskeyOptions): void { - if (!_.isString(params.username)) { - throw new Error('expected string username'); - } - const webauthnResponse = JSON.parse(params.webauthnResponse); - if (!webauthnResponse && !webauthnResponse.response) { + validatePasskeyResponse(passkeyResponse: string): void { + const parsedPasskeyResponse = JSON.parse(passkeyResponse); + if (!parsedPasskeyResponse && !parsedPasskeyResponse.response) { throw new Error('unexpected webauthnResponse'); } - if (!_.isString(webauthnResponse.id)) { + if (!_.isString(parsedPasskeyResponse.id)) { throw new Error('id is missing'); } - if (!_.isString(webauthnResponse.response.authenticatorData)) { + if (!_.isString(parsedPasskeyResponse.response.authenticatorData)) { throw new Error('authenticatorData is missing'); } - if (!_.isString(webauthnResponse.response.clientDataJSON)) { + if (!_.isString(parsedPasskeyResponse.response.clientDataJSON)) { throw new Error('clientDataJSON is missing'); } - if (!_.isString(webauthnResponse.response.signature)) { + if (!_.isString(parsedPasskeyResponse.response.signature)) { throw new Error('signature is missing'); } + if (!_.isString(parsedPasskeyResponse.response.userHandle)) { + throw new Error('userHandle is missing'); + } } /** @@ -945,12 +944,8 @@ export class BitGoAPI implements BitGoBase { /** * Login to the bitgo platform with passkey. */ - async authenticateWithPasskey(params: AuthenticateWithPasskeyOptions): Promise { + async authenticateWithPasskey(passkey: string): Promise { try { - if (!_.isObject(params)) { - throw new Error('required object params'); - } - if (this._token) { return new Error('already logged in'); } @@ -958,9 +953,13 @@ export class BitGoAPI implements BitGoBase { const authUrl = this.microservicesUrl('/api/auth/v1/session'); const request = this.post(authUrl); - this.validateWebauthnResponse(params); + this.validatePasskeyResponse(passkey); + const userId = JSON.parse(passkey).response.userHandle; - const response: superagent.Response = await request.send(params); + const response: superagent.Response = await request.send({ + passkey: passkey, + userId: userId, + }); // extract body and user information const body = response.body; this._user = body.user; diff --git a/modules/sdk-api/src/types.ts b/modules/sdk-api/src/types.ts index cdc601e6c9..dbd77b8b86 100644 --- a/modules/sdk-api/src/types.ts +++ b/modules/sdk-api/src/types.ts @@ -104,11 +104,6 @@ export interface AuthenticateOptions { forReset2FA?: boolean; } -export interface AuthenticateWithPasskeyOptions { - username: string; - webauthnResponse: string; -} - export interface ProcessedAuthenticationOptions { email: string; password: string;