@micha.bigler/ui-core-micha 1.4.33 → 1.4.34

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (3) hide show
  1. package/dist/utils/authService.js +16 -12
  2. package/package.json +1 -1
  3. package/src/utils/authService.js +17 -12
package/dist/utils/authService.js CHANGED
@@ -2,6 +2,8 @@ import { getPasskeyRegistrationOptions, completePasskeyRegistration, getPasskeyL
2
2
  import { ensureWebAuthnSupport, serializeCredential } from '../utils/webauthn';
3
3
  import { normaliseApiError } from '../utils/auth-errors';
4
4
  import apiClient from '../auth/apiClient';
5
+ // Falls du die Konstanten importieren möchtest, um Hardcoding zu vermeiden:
6
+ import { HEADLESS_BASE } from '../auth/authConfig';
5
7
  export async function registerPasskey(name = 'Passkey') {
6
8
  ensureWebAuthnSupport();
7
9
  // 1. Get Options from Server
@@ -9,10 +11,9 @@ export async function registerPasskey(name = 'Passkey') {
9
11
  // 2. Call Browser API
10
12
  let credential;
11
13
  try {
12
- // FIX: options enthält bereits die korrekte Struktur für create()
13
- const options = window.PublicKeyCredential.parseCreationOptionsFromJSON(creationOptions);
14
- // FIX: Kein manuelles { publicKey: ... } Wrapping mehr!
15
- credential = await navigator.credentials.create(options);
14
+ const publicKeyOptions = window.PublicKeyCredential.parseCreationOptionsFromJSON(creationOptions);
15
+ // KORREKTUR: Wir MÜSSEN { publicKey: ... } wrappen!
16
+ credential = await navigator.credentials.create({ publicKey: publicKeyOptions });
16
17
  }
17
18
  catch (err) {
18
19
  if (err.name === 'NotAllowedError') {
@@ -31,10 +32,9 @@ export async function loginWithPasskey() {
31
32
  // 2. Browser Sign
32
33
  let assertion;
33
34
  try {
34
- // FIX: options enthält bereits die korrekte Struktur für get()
35
- const options = window.PublicKeyCredential.parseRequestOptionsFromJSON(requestOptions);
36
- // FIX: Kein manuelles { publicKey: ... } Wrapping mehr!
37
- assertion = await navigator.credentials.get(options);
35
+ const publicKeyOptions = window.PublicKeyCredential.parseRequestOptionsFromJSON(requestOptions);
36
+ // KORREKTUR: Wir MÜSSEN { publicKey: ... } wrappen!
37
+ assertion = await navigator.credentials.get({ publicKey: publicKeyOptions });
38
38
  }
39
39
  catch (err) {
40
40
  if (err.name === 'NotAllowedError') {
@@ -56,7 +56,11 @@ export async function authenticateMfaWithPasskey() {
56
56
  ensureWebAuthnSupport();
57
57
  let requestOptions;
58
58
  try {
59
- const res = await apiClient.get('/api/auth/browser/v1/auth/2fa/authenticate');
59
+ // Nutze HEADLESS_BASE falls verfügbar, sonst den Pfad
60
+ const url = typeof HEADLESS_BASE !== 'undefined'
61
+ ? `${HEADLESS_BASE}/auth/2fa/authenticate`
62
+ : '/api/auth/browser/v1/auth/2fa/authenticate';
63
+ const res = await apiClient.get(url);
60
64
  const data = ((_a = res.data) === null || _a === void 0 ? void 0 : _a.data) || res.data;
61
65
  requestOptions = data.request_options || data;
62
66
  }
@@ -69,9 +73,9 @@ export async function authenticateMfaWithPasskey() {
69
73
  // 2. Browser Sign
70
74
  let assertion;
71
75
  try {
72
- const options = window.PublicKeyCredential.parseRequestOptionsFromJSON(requestOptions);
73
- // FIX: Kein manuelles Wrapping
74
- assertion = await navigator.credentials.get(options);
76
+ const publicKeyOptions = window.PublicKeyCredential.parseRequestOptionsFromJSON(requestOptions);
77
+ // KORREKTUR: Wir MÜSSEN { publicKey: ... } wrappen!
78
+ assertion = await navigator.credentials.get({ publicKey: publicKeyOptions });
75
79
  }
76
80
  catch (err) {
77
81
  if (err.name === 'NotAllowedError') {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@micha.bigler/ui-core-micha",
3
- "version": "1.4.33",
3
+ "version": "1.4.34",
4
4
  "main": "dist/index.js",
5
5
  "module": "dist/index.js",
6
6
  "private": false,
package/src/utils/authService.js CHANGED
@@ -13,6 +13,8 @@ import {
13
13
  } from '../utils/webauthn';
14
14
  import { normaliseApiError } from '../utils/auth-errors';
15
15
  import apiClient from '../auth/apiClient';
16
+ // Falls du die Konstanten importieren möchtest, um Hardcoding zu vermeiden:
17
+ import { HEADLESS_BASE } from '../auth/authConfig';
16
18
 
17
19
  export async function registerPasskey(name = 'Passkey') {
18
20
  ensureWebAuthnSupport();
@@ -23,10 +25,9 @@ export async function registerPasskey(name = 'Passkey') {
23
25
  // 2. Call Browser API
24
26
  let credential;
25
27
  try {
26
- // FIX: options enthält bereits die korrekte Struktur für create()
27
- const options = window.PublicKeyCredential.parseCreationOptionsFromJSON(creationOptions);
28
- // FIX: Kein manuelles { publicKey: ... } Wrapping mehr!
29
- credential = await navigator.credentials.create(options);
28
+ const publicKeyOptions = window.PublicKeyCredential.parseCreationOptionsFromJSON(creationOptions);
29
+ // KORREKTUR: Wir MÜSSEN { publicKey: ... } wrappen!
30
+ credential = await navigator.credentials.create({ publicKey: publicKeyOptions });
30
31
  } catch (err) {
31
32
  if (err.name === 'NotAllowedError') {
32
33
  throw normaliseApiError(new Error('Auth.PASSKEY_CANCELLED'), 'Auth.PASSKEY_CANCELLED');
@@ -48,10 +49,9 @@ export async function loginWithPasskey() {
48
49
  // 2. Browser Sign
49
50
  let assertion;
50
51
  try {
51
- // FIX: options enthält bereits die korrekte Struktur für get()
52
- const options = window.PublicKeyCredential.parseRequestOptionsFromJSON(requestOptions);
53
- // FIX: Kein manuelles { publicKey: ... } Wrapping mehr!
54
- assertion = await navigator.credentials.get(options);
52
+ const publicKeyOptions = window.PublicKeyCredential.parseRequestOptionsFromJSON(requestOptions);
53
+ // KORREKTUR: Wir MÜSSEN { publicKey: ... } wrappen!
54
+ assertion = await navigator.credentials.get({ publicKey: publicKeyOptions });
55
55
  } catch (err) {
56
56
  if (err.name === 'NotAllowedError') {
57
57
  throw normaliseApiError(new Error('Auth.PASSKEY_CANCELLED'), 'Auth.PASSKEY_CANCELLED');
@@ -75,7 +75,12 @@ export async function authenticateMfaWithPasskey() {
75
75
 
76
76
  let requestOptions;
77
77
  try {
78
- const res = await apiClient.get('/api/auth/browser/v1/auth/2fa/authenticate');
78
+ // Nutze HEADLESS_BASE falls verfügbar, sonst den Pfad
79
+ const url = typeof HEADLESS_BASE !== 'undefined'
80
+ ? `${HEADLESS_BASE}/auth/2fa/authenticate`
81
+ : '/api/auth/browser/v1/auth/2fa/authenticate';
82
+
83
+ const res = await apiClient.get(url);
79
84
  const data = res.data?.data || res.data;
80
85
  requestOptions = data.request_options || data;
81
86
  } catch (err) {
@@ -89,9 +94,9 @@ export async function authenticateMfaWithPasskey() {
89
94
  // 2. Browser Sign
90
95
  let assertion;
91
96
  try {
92
- const options = window.PublicKeyCredential.parseRequestOptionsFromJSON(requestOptions);
93
- // FIX: Kein manuelles Wrapping
94
- assertion = await navigator.credentials.get(options);
97
+ const publicKeyOptions = window.PublicKeyCredential.parseRequestOptionsFromJSON(requestOptions);
98
+ // KORREKTUR: Wir MÜSSEN { publicKey: ... } wrappen!
99
+ assertion = await navigator.credentials.get({ publicKey: publicKeyOptions });
95
100
  } catch (err) {
96
101
  if (err.name === 'NotAllowedError') {
97
102
  throw normaliseApiError(new Error('Auth.PASSKEY_CANCELLED'), 'Auth.PASSKEY_CANCELLED');