Pass the package explicitly

web/apps/accounts/src/pages/passkeys/verify.tsx

@@ -46,11 +46,16 @@ const PasskeysFlow = () => {
             return;
         }
 
-        let clientPackage = clientPackageName["photos"];
-        if (redirectURL.protocol === "enteauth:") {
-            clientPackage = clientPackageName["auth"];
-        } else if (redirectURL.hostname.startsWith("accounts")) {
-            clientPackage = clientPackageName["accounts"];
+        let clientPackage = nullToUndefined(searchParams.get("client"));
+        // Mobile apps don't pass the client header, deduce their client package
+        // name from the redirect URL that they provide. TODO-PK: Pass?
+        if (!clientPackage) {
+            clientPackage = clientPackageName["photos"];
+            if (redirectURL.protocol === "enteauth:") {
+                clientPackage = clientPackageName["auth"];
+            } else if (redirectURL.hostname.startsWith("accounts")) {
+                clientPackage = clientPackageName["accounts"];
+            }
         }
 
         localStorage.setItem("clientPackage", clientPackage);

web/packages/accounts/pages/credentials.tsx

@@ -167,7 +167,10 @@ const Page: React.FC<PageProps> = ({ appContext }) => {
                         isTwoFactorPasskeysEnabled: true,
                     });
                     InMemoryStore.set(MS_KEYS.REDIRECT_URL, PAGES.ROOT);
-                    redirectUserToPasskeyVerificationFlow(passkeySessionID);
+                    redirectUserToPasskeyVerificationFlow(
+                        appName,
+                        passkeySessionID,
+                    );
                     throw Error(CustomError.TWO_FACTOR_ENABLED);
                 } else if (twoFactorSessionID) {
                     const sessionKeyAttributes =

web/packages/accounts/pages/verify.tsx

@@ -85,7 +85,10 @@ const Page: React.FC<PageProps> = ({ appContext }) => {
                     isTwoFactorPasskeysEnabled: true,
                 });
                 setIsFirstLogin(true);
-                redirectUserToPasskeyVerificationFlow(passkeySessionID);
+                redirectUserToPasskeyVerificationFlow(
+                    appName,
+                    passkeySessionID,
+                );
             } else if (twoFactorSessionID) {
                 setData(LS_KEYS.USER, {
                     email,

web/packages/accounts/services/passkey.ts

@@ -19,14 +19,18 @@ import { getToken } from "@ente/shared/storage/localStorage/helpers";
  * On successful verification, the accounts app will redirect back to our
  * `/passkeys/finish` page.
  *
+ * @param appName The {@link AppName} of the app which is calling this function.
+ *
  * @param passkeySessionID An identifier provided by museum for this passkey
  * verification session.
  */
 export const redirectUserToPasskeyVerificationFlow = (
+    appName: AppName,
     passkeySessionID: string,
 ) => {
+    const client = clientPackageName[appName];
     const redirect = `${window.location.origin}/passkeys/finish`;
-    const params = new URLSearchParams({ passkeySessionID, redirect });
+    const params = new URLSearchParams({ client, passkeySessionID, redirect });
     window.location.href = `${accountsAppURL()}/passkeys/verify?${params.toString()}`;
 };