Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: WebAuthN support #966

Draft
wants to merge 84 commits into
base: master
Choose a base branch
from
Draft
Changes from 1 commit
Commits
Show all changes
84 commits
Select commit Hold shift + click to select a range
c57b645
add initial passkey types
niftyvictor Oct 10, 2024
56422f3
passkey types cleanup
niftyvictor Oct 11, 2024
f102128
added untested support for options, sign in and sign up methods
niftyvictor Oct 16, 2024
de9fb88
Merge branch 'feat/webauthn/base' into feat/webauthn/basic-methods
niftyvictor Oct 16, 2024
40bd6e9
updated types based on pr changes
niftyvictor Oct 17, 2024
e150fc2
pr changes. removed incorrect errors and added missing ones
niftyvictor Oct 18, 2024
8c8d711
added missing user type
niftyvictor Oct 18, 2024
ced57b1
added webauthn details to user object
niftyvictor Oct 18, 2024
fbbed56
pr fixes. centralized error types and added crud for credentials
niftyvictor Oct 21, 2024
64a4a6b
pr fixes
niftyvictor Oct 21, 2024
3186aa5
pr fixes and added decode method
niftyvictor Oct 21, 2024
3fa31ce
added types implementation and minor fixes
niftyvictor Oct 28, 2024
177b580
pr fixes
niftyvictor Oct 28, 2024
5d1363e
pr fixes and cleanup
niftyvictor Oct 28, 2024
57e210d
pr fixes
niftyvictor Oct 28, 2024
ea42bd1
updated initial recipe implementation
niftyvictor Oct 29, 2024
b8cffc1
fixed implementation
niftyvictor Nov 6, 2024
bf9e00f
added basic build
niftyvictor Nov 8, 2024
b44752f
added basic build exports
niftyvictor Nov 8, 2024
dba5cda
pr fixes
niftyvictor Nov 8, 2024
c84a76a
pr fixes
niftyvictor Nov 8, 2024
3649b45
pr fixes
niftyvictor Nov 12, 2024
3bb7234
pr fixes
niftyvictor Nov 12, 2024
ce371d1
pr fixes
niftyvictor Nov 12, 2024
d356701
added missing default email delivery implementation
niftyvictor Nov 25, 2024
e743046
added basic tests and mock
niftyvictor Nov 25, 2024
6a2e53f
Merge pull request #952 from supertokens/feat/webauthn/basic-methods
victorbojica Nov 25, 2024
fbb2d4b
feat: added API testing
victorbojica Dec 3, 2024
ab6980d
Add support for correct types for signup and signin endpoints (#967)
deepjyoti30-st Jan 8, 2025
8dcca2d
WebAuthn API testing updates (#971)
victorbojica Jan 8, 2025
00f03b5
added expires at and created at and minor fixes and register crendeti…
niftyvictor Jan 14, 2025
48fbcde
Merge remote-tracking branch 'origin/feat/webauthn/base' into feat/we…
niftyvictor Jan 14, 2025
217bbd3
fix
niftyvictor Jan 14, 2025
eafcf8e
Split listUsersByAccountInfo input type from AccountInfo (#973)
victorbojica Jan 21, 2025
fd87984
removed email support for sign in
niftyvictor Jan 21, 2025
8e68827
Add fix for not requiring email in webauthn sign in
deepjyoti30-st Jan 27, 2025
f3fd0dd
Add build files for changes related to email not being required
deepjyoti30-st Jan 27, 2025
813bd39
added support for backend-sdk-testing
niftyvictor Jan 29, 2025
c0cc3bc
test fixes
niftyvictor Jan 31, 2025
93f30d6
added more test details
niftyvictor Jan 31, 2025
262942b
test fixes
niftyvictor Jan 31, 2025
bd6ef14
test fixes
niftyvictor Jan 31, 2025
9979d7b
test fixes
niftyvictor Jan 31, 2025
376a658
test fixes
niftyvictor Jan 31, 2025
d6bfac8
test fixes
niftyvictor Jan 31, 2025
5221d4b
test fixes
niftyvictor Feb 3, 2025
11f52c0
test fixes
niftyvictor Feb 4, 2025
88377de
updated registerOptions to use the core to get the user email when us…
niftyvictor Feb 5, 2025
a0155f2
Fix method used for getting user details from recover account token
deepjyoti30-st Feb 5, 2025
7c2441e
fix user retrieval by token path
niftyvictor Feb 5, 2025
8e842c6
added missing build
niftyvictor Feb 5, 2025
a4db5f3
test cleanup and fixes
niftyvictor Feb 5, 2025
276769f
Fix issue of parsing email from webauthn user retrieval endpoint
deepjyoti30-st Feb 6, 2025
310a5f8
fix email changes
niftyvictor Feb 6, 2025
1dcb7e5
fix recipeuserid not being passed correctly to registerCredential
niftyvictor Feb 6, 2025
7c5e3c8
type fixes
niftyvictor Feb 6, 2025
9508175
test fixes
niftyvictor Feb 6, 2025
4e04c20
test fixes
niftyvictor Feb 6, 2025
8baa775
fix listUsersByAccountInfo not suing webauthn
niftyvictor Feb 7, 2025
538b5ca
fix sign in adn removed logs
niftyvictor Feb 7, 2025
5308253
fix user verification
niftyvictor Feb 7, 2025
5b87089
updated tests and added userPresence support
niftyvictor Feb 10, 2025
873df1e
test fixes
niftyvictor Feb 11, 2025
1c350be
error handling cleanup and general cleanup
niftyvictor Feb 13, 2025
ade3611
added more tests
niftyvictor Feb 14, 2025
3276174
added more error tests
niftyvictor Feb 14, 2025
0311240
removed email exists error message
niftyvictor Feb 14, 2025
d79d6cb
test fixes, mising tests and build code
niftyvictor Feb 14, 2025
209c789
updated recover account link
niftyvictor Feb 14, 2025
e1655f9
test fixes
niftyvictor Feb 14, 2025
cc3d449
test fixes
niftyvictor Feb 14, 2025
179646f
test fixes
niftyvictor Feb 14, 2025
13beb1b
test fixes
niftyvictor Feb 16, 2025
2cc3347
test fixes
niftyvictor Feb 17, 2025
7a654db
test fixes
niftyvictor Feb 17, 2025
a4c0332
added email verification tests
niftyvictor Feb 19, 2025
d22e26d
added dev info
niftyvictor Feb 19, 2025
27fa091
fix rp id on sign in options
niftyvictor Feb 19, 2025
bb71308
added dev info
niftyvictor Feb 19, 2025
52e71dc
updated cdi version
niftyvictor Feb 21, 2025
59e0da3
updated cdi version
niftyvictor Feb 22, 2025
162bdc9
reverted cdi version for deployment
niftyvictor Feb 22, 2025
1b209ea
updated cdi version and test updates
niftyvictor Feb 22, 2025
1229fff
test fixes
niftyvictor Feb 23, 2025
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
WebAuthn API testing updates (#971)
---------

Co-authored-by: Victor Bojica <victor@niftylearning.io>
  • Loading branch information
victorbojica and niftyvictor authored Jan 8, 2025
commit 8dcca2db25c1460c4dc11ef1b823fa1604837e4e
3 changes: 0 additions & 3 deletions lib/ts/recipe/webauthn/api/implementation.ts
Original file line number Diff line number Diff line change
@@ -8,7 +8,6 @@ import { SessionContainerInterface } from "../../session/types";
import {
DEFAULT_REGISTER_OPTIONS_ATTESTATION,
DEFAULT_REGISTER_OPTIONS_TIMEOUT,
DEFAULT_REGISTER_OPTIONS_REQUIRE_RESIDENT_KEY,
DEFAULT_REGISTER_OPTIONS_RESIDENT_KEY,
DEFAULT_REGISTER_OPTIONS_USER_VERIFICATION,
DEFAULT_SIGNIN_OPTIONS_TIMEOUT,
@@ -87,15 +86,13 @@ export default function getAPIImplementation(): APIInterface {

const timeout = DEFAULT_REGISTER_OPTIONS_TIMEOUT;
const attestation = DEFAULT_REGISTER_OPTIONS_ATTESTATION;
const requireResidentKey = DEFAULT_REGISTER_OPTIONS_REQUIRE_RESIDENT_KEY;
const residentKey = DEFAULT_REGISTER_OPTIONS_RESIDENT_KEY;
const userVerification = DEFAULT_REGISTER_OPTIONS_USER_VERIFICATION;
const supportedAlgorithmIds = DEFAULT_REGISTER_OPTIONS_SUPPORTED_ALGORITHM_IDS;

let response = await options.recipeImplementation.registerOptions({
...props,
attestation,
requireResidentKey,
residentKey,
userVerification,
origin,
1 change: 0 additions & 1 deletion lib/ts/recipe/webauthn/constants.ts
Original file line number Diff line number Diff line change
@@ -29,7 +29,6 @@ export const SIGNUP_EMAIL_EXISTS_API = "/webauthn/email/exists";

// defaults that can be overridden by the developer
export const DEFAULT_REGISTER_OPTIONS_ATTESTATION = "none";
export const DEFAULT_REGISTER_OPTIONS_REQUIRE_RESIDENT_KEY = false;
export const DEFAULT_REGISTER_OPTIONS_RESIDENT_KEY = "required";
export const DEFAULT_REGISTER_OPTIONS_USER_VERIFICATION = "preferred";
export const DEFAULT_REGISTER_OPTIONS_SUPPORTED_ALGORITHM_IDS = [-8, -7, -257];
4 changes: 0 additions & 4 deletions lib/ts/recipe/webauthn/index.ts
Original file line number Diff line number Diff line change
@@ -34,7 +34,6 @@ import { getUserContext } from "../../utils";
import { SessionContainerInterface } from "../session/types";
import { User } from "../../types";
import {
DEFAULT_REGISTER_OPTIONS_REQUIRE_RESIDENT_KEY,
DEFAULT_REGISTER_OPTIONS_RESIDENT_KEY,
DEFAULT_REGISTER_OPTIONS_SUPPORTED_ALGORITHM_IDS,
DEFAULT_REGISTER_OPTIONS_USER_VERIFICATION,
@@ -51,7 +50,6 @@ export default class Wrapper {
static Error = SuperTokensError;

static async registerOptions({
requireResidentKey = DEFAULT_REGISTER_OPTIONS_REQUIRE_RESIDENT_KEY,
residentKey = DEFAULT_REGISTER_OPTIONS_RESIDENT_KEY,
userVerification = DEFAULT_REGISTER_OPTIONS_USER_VERIFICATION,
attestation = DEFAULT_REGISTER_OPTIONS_ATTESTATION,
@@ -61,7 +59,6 @@ export default class Wrapper {
userContext,
...rest
}: {
requireResidentKey?: boolean;
residentKey?: ResidentKey;
userVerification?: UserVerification;
attestation?: Attestation;
@@ -166,7 +163,6 @@ export default class Wrapper {

return Recipe.getInstanceOrThrowError().recipeInterfaceImpl.registerOptions({
...emailOrRecoverAccountToken,
requireResidentKey,
residentKey,
userVerification,
supportedAlgorithmIds,
4 changes: 4 additions & 0 deletions lib/ts/recipe/webauthn/recipeImplementation.ts
Original file line number Diff line number Diff line change
@@ -24,6 +24,8 @@ export default function getRecipeInterface(
tenantId,
userContext,
supportedAlgorithmIds,
userVerification,
residentKey,
...rest
}) {
const emailInput = "email" in rest ? rest.email : undefined;
@@ -89,6 +91,8 @@ export default function getRecipeInterface(
timeout,
attestation,
supportedAlgorithmIds,
userVerification,
residentKey,
},
userContext
);
1 change: 0 additions & 1 deletion lib/ts/recipe/webauthn/types.ts
Original file line number Diff line number Diff line change
@@ -156,7 +156,6 @@ export type RecipeInterface = {
relyingPartyName: string;
displayName?: string;
origin: string;
requireResidentKey: boolean | undefined; // should default to false in order to allow multiple authenticators to be used; see https://auth0.com/blog/a-look-at-webauthn-resident-credentials/
// default to 'required' in order store the private key locally on the device and not on the server
residentKey: ResidentKey | undefined;
// default to 'preferred' in order to verify the user (biometrics, pin, etc) based on the device preferences
4 changes: 1 addition & 3 deletions lib/ts/recipe/webauthn/utils.ts
Original file line number Diff line number Diff line change
@@ -94,9 +94,7 @@ function validateAndNormaliseRelyingPartyIdConfig(
} else if (typeof relyingPartyIdConfig === "function") {
return relyingPartyIdConfig(props);
} else {
const urlString = normalisedAppinfo
.getOrigin({ request: props.request, userContext: props.userContext })
.getAsStringDangerous();
const urlString = normalisedAppinfo.apiDomain.getAsStringDangerous();

// should let this throw if the url is invalid
const url = new URL(urlString);
15 changes: 15 additions & 0 deletions test/webauthn/apis.test.js
Original file line number Diff line number Diff line change
@@ -132,6 +132,21 @@ describe(`apisFunctions: ${printPath("[test/webauthn/apis.test.js]")}`, function
validateEmailAddress: (email) => {
return email === "test@example.com" ? undefined : "Invalid email";
},
override: {
functions: (originalImplementation) => {
return {
...originalImplementation,
signInOptions: (input) => {
return originalImplementation.signInOptions({
...input,
timeout: 10 * 1000,
userVerification: "required",
relyingPartyId: "testId.com",
});
},
};
},
},
}),
],
});
Loading