Closed ivixvi closed 3 months ago
We specified only RS256 as the allowed algorithm at this line, but it seems that there are terminals where it is successfully saved as a base64url string on DynamoDB.
Device: laptop PC manufactured by VAIO OS: Windows 11 Home (23H2) Passkey Store: Windows Hello
P.S. Use Library Version: v0.13.1
If it's acceptable to directly address the point of error, you may want to insert the following code to rectify the issue.
if(storedCredential.jwk.n instanceof Uint8Array) {
storedCredential.jwk.n = Buffer.from(storedCredential.jwk.n).toString('base64url');
}
if(storedCredential.jwk.e instanceof Uint8Array) {
storedCredential.jwk.e = Buffer.from(storedCredential.jwk.e).toString('base64url');
}
Hi mate!
This should have been fixed in https://github.com/aws-samples/amazon-cognito-passwordless-auth/pull/148/files
So that is since https://github.com/aws-samples/amazon-cognito-passwordless-auth/releases/tag/v0.12.2
What version are you on?
But you're right that that fix stops new cases from arising, but for existing records in the DB you'd need code similar to yours or do a one time DB fix: update records when n and e are stored as bindary and base64url them
Thank you for answering!
but for existing records in the DB you'd need code similar to yours or do a one time DB fix: update records when n and e are stored as bindary and base64url them
Certainly, the credentials mentioned in the issue may have been created at the time of v0.10.0 I also reviewed that PR, but I overlooked the impact on existing records... X(
Given the responsibilities of this repository, we believe there is no need to be overly sensitive to backward compatibility. Or should I create a PR?
If it's not necessary, I will close this issue after confirming its operation.
Ok thanks for the confirmation
Agreed, don't think a PR is necessary.
Thanks for reporting anyway!
I have confirmed the operation, so I will close this issue. Thank you again!
When attempting to sign in using the passkey stored in the AuthenticatorsTable in the following format and algorithm RS256, a TypeError occurs.
Use Library Version:
v0.13.1
(P.S. This credential is created at Library Version:v0.10.0
) and we confirm that this issue is observed in the following device:The traceback is as follows: