From 06ee928aac32474ceffcb8a837ab0669dea6515e Mon Sep 17 00:00:00 2001 From: Manav Rathi Date: Fri, 7 Jun 2024 15:06:01 +0530 Subject: [PATCH] Acknowledge that we're not taking care of excludedCredentials currently --- web/apps/accounts/src/services/passkey.ts | 19 ++++++++++++++++--- 1 file changed, 16 insertions(+), 3 deletions(-) diff --git a/web/apps/accounts/src/services/passkey.ts b/web/apps/accounts/src/services/passkey.ts index f3b4f7aae8..f1a04afc62 100644 --- a/web/apps/accounts/src/services/passkey.ts +++ b/web/apps/accounts/src/services/passkey.ts @@ -163,10 +163,23 @@ const beginPasskeyRegistration = async () => { // one that has `PublicKeyCredentialCreationOptions`. // // 2. Convert the two binary data fields that are expected to be in the - // response from URLEncodedBase64 strings to Uint8Arrays. + // response from URLEncodedBase64 strings to Uint8Arrays. There is a + // third possibility, excludedCredentials[].id, but that we don't + // currently use. // - // To further complicate things, the libdom.ts typings included with the - // current TypeScript version (5.4) indicate these binary types as a + // The web.dev guide calls this out too: + // + // > ArrayBuffer values transferred from the server such as `challenge`, + // > `user.id` and credential `id` for `excludeCredentials` need to be + // > encoded on transmission. Don't forget to decode them on the frontend + // > before passing to the WebAuthn API call. We recommend using Base64URL + // > encode. + // > + // > https://web.dev/articles/passkey-registration + // + // So that's that. But to further complicate things, the libdom.ts typings + // included with the current TypeScript version (5.4) indicate these binary + // types as a: // // type BufferSource = ArrayBufferView | ArrayBuffer //