Closed bigjohnson closed 6 months ago
The /routes/webauthn.js file has lost the code that saved credId in a JSON-serializable format, so currently, if you restart the app, existing users cannot log in.
new code db
{ "users": { "alberto": { "name": "alberto", "registered": true, "id": "bME40SEc-T7CSkCfymytlPPYeM3f-dqpg0Tprbn0KmQ", "authenticators": [ { "credId": {}, "publicKey": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEVvudYp25pHZwtSy95ss/KYOY4nxi\nYZXmpSJ19fHL8jWtZzpa96/7jPvI68mkDPyXbCfu9wgUXo61ncVD0r0PEQ==\n-----END PUBLIC KEY-----\n", "type": "public-key", "transports": [ "usb" ], "counter": 0, "created": 1707906471482 } ] } } }
correct code db:
{ "users": { "test_01": { "name": "test_01", "registered": true, "id": "4KGEPeAyuP6sMFOxgYqRrcfgLdwhBZz1vjxO1MS4x_I", "authenticators": [ { "credId": { "0": 1, "1": 12, "2": 41, "3": 100, "4": 156, "5": 105, "6": 210, "7": 194, "8": 10, "9": 29, "10": 93, "11": 233, "12": 3, "13": 8, "14": 177, "15": 99, "16": 164, "17": 9, "18": 98, "19": 82, "20": 192, "21": 243, "22": 51, "23": 183, "24": 101, "25": 59, "26": 233, "27": 76, "28": 228, "29": 120, "30": 20, "31": 70, "32": 246, "33": 133, "34": 244, "35": 164, "36": 46, "37": 232, "38": 154, "39": 227, "40": 243, "41": 108, "42": 117, "43": 48, "44": 186, "45": 250, "46": 176, "47": 245, "48": 60, "49": 176, "50": 29, "51": 28, "52": 162, "53": 50, "54": 1, "55": 75, "56": 29, "57": 235, "58": 172, "59": 202, "60": 145, "61": 63, "62": 215, "63": 216, "64": 85 }, "publicKey": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEM7qje4qFyJBb8cEmAhGX/gUajVnS\n/cGQJ4QFJofqMlxi8kILJaMFRWquUWf96F1oP42j0TGODRmlVajOk/8gKQ==\n-----END PUBLIC KEY-----\n", "type": "public-key", "counter": 0, "created": 1647307648136 } ] },
the credid in memory cannot be saved in json because it is not in jsonable data type ad need to be converted before save to file and when read from file:
diff webauthn-skeleton-main/routes/webauthn.js webauthn-skeleton-main-mio/routes/webauthn.js
11c11
< f2l = new Fido2(),
---
> f2l = new Fido2(config.rpId, config.rpName, undefined, config.challengeTimeoutMs),
15,17d14
<
< f2l.init(config.rpId, config.rpName, undefined, config.challengeTimeoutMs);
<
79c76
<
---
>
110c107
<
---
>
114a112
> //challengeMakeCred.excludeCredentials = database.users[ctx.session.username].authenticators.map((e) => { return { id: base64.fromArrayBuffer(e.credId, true), type: e.type }; });
116c114,121
< return { id: base64.fromArrayBuffer(e.credId, true), type: e.type };
---
> let scrivibile = e.credId;
> let non_scrivibile = new ArrayBuffer(32);
> let longInt8View = new Uint8Array(non_scrivibile);
> for (let i=0; i< longInt8View.length; i++) {
> longInt8View[i] = scrivibile[i];
> }
> //return { id: base64url.encode(non_scrivibile, true), type: e.type };
> return { id: base64.fromArrayBuffer(non_scrivibile, true), type: e.type };
118d122
<
153a158,166
> var scrivibile = authr.credId;
> //console.log("authr");
> //console.log(authr);
> var non_scrivibile = new ArrayBuffer(32);
> var longInt8View = new Uint8Array(non_scrivibile);
> for (var i=0; i< longInt8View.length; i++) {
> longInt8View[i] = scrivibile[i];
> }
>
156,157c169,171
< id: base64.fromArrayBuffer(authr.credId, true),
< transports: authr.transports
---
> //id: base64.fromArrayBuffer(authr.credId, true),
> id: base64.fromArrayBuffer(non_scrivibile, true),
> transports: ["usb", "nfc", "ble", "internal"]
183a198,199
> let scrivibile = new Uint8Array(result.authnrData.get("credId"));
>
185c201,202
< credId: result.authnrData.get("credId"),
---
> //credId: result.authnrData.get("credId"),
> credId: scrivibile,
188d204
< transports: webauthnResp.transports,
190c206
< created: new Date().getTime(),
---
> created: new Date().getTime()
192a209
> //database.users[ctx.session.username].authenticators.push(token);
217a235,242
>
> let scrivibile = authr.credId;
> let non_scrivibile = new ArrayBuffer(32);
> let longInt8View = new Uint8Array(non_scrivibile);
> for (var i=0; i< longInt8View.length; i++) {
> longInt8View[i] = scrivibile[i];
> }
>
226c251,252
< userHandle: authr.credId
---
> //userHandle: authr.credId
> userHandle: non_scrivibile
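Review bot: The copy loop added in 116c114,121 hard-codes `new ArrayBuffer(32)`, so a credential ID of any other length is truncated or zero-padded before it is encoded; the "correct code db" sample in this issue stores a 65-byte credId (keys 0 to 64), which would lose its last 33 bytes. The same loop is repeated in 153a158,166 and 217a235,242, so the `id` and `userHandle` values built there are affected in the same way, and an id that no longer matches what the authenticator registered will presumably fail to select or exclude that credential. Size the buffer from the stored data instead, for example `const credIdBytes = Uint8Array.from(Object.values(e.credId));` followed by `id: base64.fromArrayBuffer(credIdBytes.buffer, true)`, which works for both the in-memory Uint8Array and the index-keyed object read back from JSON. Moving that conversion into one helper would also remove the three copies. The enclosing functions start and end outside these hunks.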
Corrected in the two pull requests.
The /routes/webauthn.js file has lost the code that saved credId in a JSON-serializable format, so currently, if you restart the app, existing users cannot log in.
new code db
{ "users": { "alberto": { "name": "alberto", "registered": true, "id": "bME40SEc-T7CSkCfymytlPPYeM3f-dqpg0Tprbn0KmQ", "authenticators": [ { "credId": {}, "publicKey": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEVvudYp25pHZwtSy95ss/KYOY4nxi\nYZXmpSJ19fHL8jWtZzpa96/7jPvI68mkDPyXbCfu9wgUXo61ncVD0r0PEQ==\n-----END PUBLIC KEY-----\n", "type": "public-key", "transports": [ "usb" ], "counter": 0, "created": 1707906471482 } ] } } }
correct code db:
{ "users": { "test_01": { "name": "test_01", "registered": true, "id": "4KGEPeAyuP6sMFOxgYqRrcfgLdwhBZz1vjxO1MS4x_I", "authenticators": [ { "credId": { "0": 1, "1": 12, "2": 41, "3": 100, "4": 156, "5": 105, "6": 210, "7": 194, "8": 10, "9": 29, "10": 93, "11": 233, "12": 3, "13": 8, "14": 177, "15": 99, "16": 164, "17": 9, "18": 98, "19": 82, "20": 192, "21": 243, "22": 51, "23": 183, "24": 101, "25": 59, "26": 233, "27": 76, "28": 228, "29": 120, "30": 20, "31": 70, "32": 246, "33": 133, "34": 244, "35": 164, "36": 46, "37": 232, "38": 154, "39": 227, "40": 243, "41": 108, "42": 117, "43": 48, "44": 186, "45": 250, "46": 176, "47": 245, "48": 60, "49": 176, "50": 29, "51": 28, "52": 162, "53": 50, "54": 1, "55": 75, "56": 29, "57": 235, "58": 172, "59": 202, "60": 145, "61": 63, "62": 215, "63": 216, "64": 85 }, "publicKey": "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEM7qje4qFyJBb8cEmAhGX/gUajVnS\n/cGQJ4QFJofqMlxi8kILJaMFRWquUWf96F1oP42j0TGODRmlVajOk/8gKQ==\n-----END PUBLIC KEY-----\n", "type": "public-key", "counter": 0, "created": 1647307648136 } ] },
the credid in memory cannot be saved in json because it is not in jsonable data type ad need to be converted before save to file and when read from file: