npm - @micha.bigler/ui-core-micha - Versions diffs - 1.4.33 → 1.4.35 - Mend

@micha.bigler/ui-core-micha 1.4.33 → 1.4.35

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (5) hide show

package/dist/pages/LoginPage.js +1 -1
package/dist/utils/authService.js +29 -12
package/package.json +1 -1
package/src/pages/LoginPage.jsx +1 -1
package/src/utils/authService.js +37 -12

package/dist/pages/LoginPage.js CHANGED Viewed

@@ -80,7 +80,7 @@ export function LoginPage() {
         setSubmitting(true);
         try {
             // Service handles browser interaction + API calls
-            const { user } = await loginWithPasskey();
+            const user = await loginWithPasskey();
             handleLoginSuccess(user);
         }
         catch (err) {

package/dist/utils/authService.js CHANGED Viewed

@@ -2,6 +2,14 @@ import { getPasskeyRegistrationOptions, completePasskeyRegistration, getPasskeyL
 import { ensureWebAuthnSupport, serializeCredential } from '../utils/webauthn';
 import { normaliseApiError } from '../utils/auth-errors';
 import apiClient from '../auth/apiClient';
+import { HEADLESS_BASE } from '../auth/authConfig';
+// HILFSFUNKTION: Entpackt die Optionen, falls sie in 'publicKey' stecken
+function resolveWebAuthnOptions(options) {
+    if (options && options.publicKey) {
+        return options.publicKey;
+    }
+    return options;
+}
 export async function registerPasskey(name = 'Passkey') {
     ensureWebAuthnSupport();
     // 1. Get Options from Server
@@ -9,10 +17,11 @@ export async function registerPasskey(name = 'Passkey') {
     // 2. Call Browser API
     let credential;
     try {
-        // FIX: options enthält bereits die korrekte Struktur für create()
-        const options = window.PublicKeyCredential.parseCreationOptionsFromJSON(creationOptions);
-        // FIX: Kein manuelles { publicKey: ... } Wrapping mehr!
-        credential = await navigator.credentials.create(options);
+        // FIX: Erst entpacken (JSON -> JSON ohne publicKey Wrapper)
+        const optionsJson = resolveWebAuthnOptions(creationOptions);
+        // Dann parsen (JSON -> ArrayBuffer)
+        const publicKeyOptions = window.PublicKeyCredential.parseCreationOptionsFromJSON(creationOptions);
+        credential = await navigator.credentials.create({ publicKey: publicKeyOptions });
     }
     catch (err) {
         if (err.name === 'NotAllowedError') {
@@ -31,10 +40,11 @@ export async function loginWithPasskey() {
     // 2. Browser Sign
     let assertion;
     try {
-        // FIX: options enthält bereits die korrekte Struktur für get()
-        const options = window.PublicKeyCredential.parseRequestOptionsFromJSON(requestOptions);
-        // FIX: Kein manuelles { publicKey: ... } Wrapping mehr!
-        assertion = await navigator.credentials.get(options);
+        // FIX: Erst entpacken
+        const optionsJson = resolveWebAuthnOptions(requestOptions);
+        // Dann parsen
+        const publicKeyOptions = window.PublicKeyCredential.parseRequestOptionsFromJSON(optionsJson);
+        assertion = await navigator.credentials.get({ publicKey: publicKeyOptions });
     }
     catch (err) {
         if (err.name === 'NotAllowedError') {
@@ -56,7 +66,11 @@ export async function authenticateMfaWithPasskey() {
     ensureWebAuthnSupport();
     let requestOptions;
     try {
-        const res = await apiClient.get('/api/auth/browser/v1/auth/2fa/authenticate');
+        const url = typeof HEADLESS_BASE !== 'undefined'
+            ? `${HEADLESS_BASE}/auth/2fa/authenticate`
+            : '/api/auth/browser/v1/auth/2fa/authenticate';
+        const res = await apiClient.get(url);
+        // Allauth liefert oft: { data: { request_options: { publicKey: ... } } }
         const data = ((_a = res.data) === null || _a === void 0 ? void 0 : _a.data) || res.data;
         requestOptions = data.request_options || data;
     }
@@ -69,9 +83,12 @@ export async function authenticateMfaWithPasskey() {
     // 2. Browser Sign
     let assertion;
     try {
-        const options = window.PublicKeyCredential.parseRequestOptionsFromJSON(requestOptions);
-        // FIX: Kein manuelles Wrapping
-        assertion = await navigator.credentials.get(options);
+        // FIX: Erst entpacken
+        const optionsJson = resolveWebAuthnOptions(requestOptions);
+        // Dann parsen
+        const publicKeyOptions = window.PublicKeyCredential.parseRequestOptionsFromJSON(optionsJson);
+        // Dann wrappen
+        assertion = await navigator.credentials.get({ publicKey: publicKeyOptions });
     }
     catch (err) {
         if (err.name === 'NotAllowedError') {

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@micha.bigler/ui-core-micha",
-  "version": "1.4.33",
+  "version": "1.4.35",
   "main": "dist/index.js",
   "module": "dist/index.js",
   "private": false,

package/src/pages/LoginPage.jsx CHANGED Viewed

@@ -92,7 +92,7 @@ export function LoginPage() {
     setSubmitting(true);
     try {
       // Service handles browser interaction + API calls
-      const { user } = await loginWithPasskey();
+      const user = await loginWithPasskey();
       handleLoginSuccess(user);
     } catch (err) {
       // 'Auth.PASSKEY_CANCELLED' is generic, maybe ignore visually or show specific hint

package/src/utils/authService.js CHANGED Viewed

@@ -13,6 +13,15 @@ import {
 } from '../utils/webauthn';
 import { normaliseApiError } from '../utils/auth-errors';
 import apiClient from '../auth/apiClient';
+import { HEADLESS_BASE } from '../auth/authConfig';
+// HILFSFUNKTION: Entpackt die Optionen, falls sie in 'publicKey' stecken
+function resolveWebAuthnOptions(options) {
+    if (options && options.publicKey) {
+        return options.publicKey;
+    }
+    return options;
+}
 export async function registerPasskey(name = 'Passkey') {
   ensureWebAuthnSupport();
@@ -23,10 +32,13 @@ export async function registerPasskey(name = 'Passkey') {
   // 2. Call Browser API
   let credential;
   try {
-      // FIX: options enthält bereits die korrekte Struktur für create()
-      const options = window.PublicKeyCredential.parseCreationOptionsFromJSON(creationOptions);
-      // FIX: Kein manuelles { publicKey: ... } Wrapping mehr!
-      credential = await navigator.credentials.create(options);
+      // FIX: Erst entpacken (JSON -> JSON ohne publicKey Wrapper)
+      const optionsJson = resolveWebAuthnOptions(creationOptions);
+      // Dann parsen (JSON -> ArrayBuffer)
+      const publicKeyOptions =
+        window.PublicKeyCredential.parseCreationOptionsFromJSON(creationOptions);
+      credential = await navigator.credentials.create({ publicKey: publicKeyOptions });
   } catch (err) {
       if (err.name === 'NotAllowedError') {
           throw normaliseApiError(new Error('Auth.PASSKEY_CANCELLED'), 'Auth.PASSKEY_CANCELLED');
@@ -48,10 +60,13 @@ export async function loginWithPasskey() {
     // 2. Browser Sign
     let assertion;
     try {
-        // FIX: options enthält bereits die korrekte Struktur für get()
-        const options = window.PublicKeyCredential.parseRequestOptionsFromJSON(requestOptions);
-        // FIX: Kein manuelles { publicKey: ... } Wrapping mehr!
-        assertion = await navigator.credentials.get(options);
+        // FIX: Erst entpacken
+        const optionsJson = resolveWebAuthnOptions(requestOptions);
+        // Dann parsen
+        const publicKeyOptions =
+          window.PublicKeyCredential.parseRequestOptionsFromJSON(optionsJson);
+        assertion = await navigator.credentials.get({ publicKey: publicKeyOptions });
     } catch (err) {
          if (err.name === 'NotAllowedError') {
             throw normaliseApiError(new Error('Auth.PASSKEY_CANCELLED'), 'Auth.PASSKEY_CANCELLED');
@@ -75,7 +90,12 @@ export async function authenticateMfaWithPasskey() {
     let requestOptions;
     try {
-        const res = await apiClient.get('/api/auth/browser/v1/auth/2fa/authenticate');
+        const url = typeof HEADLESS_BASE !== 'undefined'
+            ? `${HEADLESS_BASE}/auth/2fa/authenticate`
+            : '/api/auth/browser/v1/auth/2fa/authenticate';
+        const res = await apiClient.get(url);
+        // Allauth liefert oft: { data: { request_options: { publicKey: ... } } }
         const data = res.data?.data || res.data;
         requestOptions = data.request_options || data;
     } catch (err) {
@@ -89,9 +109,14 @@ export async function authenticateMfaWithPasskey() {
     // 2. Browser Sign
     let assertion;
     try {
-        const options = window.PublicKeyCredential.parseRequestOptionsFromJSON(requestOptions);
-        // FIX: Kein manuelles Wrapping
-        assertion = await navigator.credentials.get(options);
+        // FIX: Erst entpacken
+        const optionsJson = resolveWebAuthnOptions(requestOptions);
+        // Dann parsen
+        const publicKeyOptions = window.PublicKeyCredential.parseRequestOptionsFromJSON(optionsJson);
+        // Dann wrappen
+        assertion = await navigator.credentials.get({ publicKey: publicKeyOptions });
     } catch (err) {
          if (err.name === 'NotAllowedError') {
             throw normaliseApiError(new Error('Auth.PASSKEY_CANCELLED'), 'Auth.PASSKEY_CANCELLED');