Accept number maxTimeToLive (#1051)

This makes our postMesasge interface a bit more lenient (see #1050 for details) and adds console logs to ease debugging of bad authentication requests.
dfinity · Nov 24, 2022 · 957b04a · 957b04a
1 parent 0515a6e
commit 957b04a
Showing 1 changed file with 29 additions and 14 deletions.
diff --git a/src/frontend/src/flows/authenticate/postMessageInterface.ts b/src/frontend/src/flows/authenticate/postMessageInterface.ts
@@ -38,38 +38,52 @@ export interface AuthRequest {
 }
 
 /** Try to read unknown data as authentication request */
-const asAuthRequest = (msg: unknown): AuthRequest | undefined => {
+const asAuthRequest = (msg: unknown): AuthRequest | string => {
   const obj = unknownToRecord(msg);
 
   if (obj === undefined) {
-    return undefined;
+    return "request is undefined";
   }
 
-  if (!hasOwnProperty(obj, "kind") || obj.kind !== "authorize-client") {
-    return undefined;
+  if (!hasOwnProperty(obj, "kind")) {
+    return "request does not have 'kind'";
   }
 
-  if (
-    !hasOwnProperty(obj, "sessionPublicKey") ||
-    !(obj.sessionPublicKey instanceof Uint8Array)
-  ) {
-    return undefined;
+  if (obj.kind !== "authorize-client") {
+    return "'kind' is not 'authorize-client'";
+  }
+
+  if (!hasOwnProperty(obj, "sessionPublicKey")) {
+    return "request does not have 'sessionPublicKey'";
+  }
+
+  if (!(obj.sessionPublicKey instanceof Uint8Array)) {
+    return "'sessionPublicKey' is not 'Uint8Array'";
+  }
+
+  // Temporary work around for clients that use 'number' instead of 'bigint'
+  // https://github.com/dfinity/internet-identity/issues/1050
+  let maxTimeToLive = obj.maxTimeToLive;
+  if (typeof maxTimeToLive === "number") {
+    console.warn(
+      "maxTimeToLive is 'number' but should be 'bigint', this will be an error in the future"
+    );
+    maxTimeToLive = BigInt(maxTimeToLive);
   }
 
-  const maxTimeToLive = obj.maxTimeToLive;
   if (
     typeof maxTimeToLive !== "undefined" &&
     typeof maxTimeToLive !== "bigint"
   ) {
-    return undefined;
+    return "'maxTimeToLive' is not 'bigint'";
   }
 
   const derivationOrigin = obj.derivationOrigin;
   if (
     typeof derivationOrigin !== "undefined" &&
     typeof derivationOrigin !== "string"
   ) {
-    return undefined;
+    return "'derivationOrigin' is not 'string'";
   }
 
   return {
@@ -165,7 +179,7 @@ const waitForAuthRequest = (): Promise<AuthContext> =>
     const eventHandler = async (event: MessageEvent) => {
       const message: unknown = event.data; // Drop assumptions about event.data (an 'any')
       const authRequest = asAuthRequest(message);
-      if (authRequest !== undefined) {
+      if (typeof authRequest !== "string") {
         window.removeEventListener("message", eventHandler);
         console.log(
           `Handling authorize-client request ${JSON.stringify(
@@ -179,7 +193,8 @@ const waitForAuthRequest = (): Promise<AuthContext> =>
         });
       } else {
         console.warn(
-          `Bad authentication request received: ${JSON.stringify(message)}`
+          `Bad authentication request received: ${authRequest}`,
+          message
         );
       }
     };