@oussemasahbeni/keycloakify-login-shadcn 250004.0.8 → 250004.0.10

package/keycloak-theme/public/keycloak-theme/login/js/webauthnAuthenticate.js

@@ -0,0 +1,113 @@
+/**
+ * This file has been claimed for ownership from @keycloakify/login-ui version 250004.6.5.
+ * To relinquish ownership and restore this file to its original content, run the following command:
+ * 
+ * $ npx keycloakify own --path "login/js/webauthnAuthenticate.js" --public --revert
+ */
+
+
+    
+import { base64url } from "./rfc4648.js";
+
+// singleton
+let abortController = undefined;
+
+export function signal() {
+    if (abortController) {
+        // abort the previous call
+        const abortError = new Error("Cancelling pending WebAuthn call");
+        abortError.name = "AbortError";
+        abortController.abort(abortError);
+    }
+
+    abortController = new AbortController();
+    return abortController.signal;
+}
+
+export async function authenticateByWebAuthn(input) {
+    if (!input.isUserIdentified) {
+        try {
+            const result = await doAuthenticate([], input.challenge, input.userVerification, input.rpId, input.createTimeout, input.errmsg);
+            returnSuccess(result);
+        } catch (error) {
+            returnFailure(error);
+        }
+        return;
+    }
+    checkAllowCredentials(input.challenge, input.userVerification, input.rpId, input.createTimeout, input.errmsg);
+}
+
+async function checkAllowCredentials(challenge, userVerification, rpId, createTimeout, errmsg) {
+    const allowCredentials = [];
+    const authnUse = document.forms['authn_select'].authn_use_chk;
+    if (authnUse !== undefined) {
+        if (authnUse.length === undefined) {
+            allowCredentials.push({
+                id: base64url.parse(authnUse.value, {loose: true}),
+                type: 'public-key',
+            });
+        } else {
+            authnUse.forEach((entry) =>
+                allowCredentials.push({
+                    id: base64url.parse(entry.value, {loose: true}),
+                    type: 'public-key',
+                }));
+        }
+    }
+    try {
+        const result = await doAuthenticate(allowCredentials, challenge, userVerification, rpId, createTimeout, errmsg);
+        returnSuccess(result);
+    } catch (error) {
+        returnFailure(error);
+    }
+}
+
+function doAuthenticate(allowCredentials, challenge, userVerification, rpId, createTimeout, errmsg) {
+    // Check if WebAuthn is supported by this browser
+    if (!window.PublicKeyCredential) {
+        returnFailure(errmsg);
+        return;
+    }
+
+    const publicKey = {
+        rpId : rpId,
+        challenge: base64url.parse(challenge, { loose: true })
+    };
+
+    if (createTimeout !== 0) {
+        publicKey.timeout = createTimeout * 1000;
+    }
+
+    if (allowCredentials.length) {
+        publicKey.allowCredentials = allowCredentials;
+    }
+
+    if (userVerification !== 'not specified') {
+        publicKey.userVerification = userVerification;
+    }
+
+    return navigator.credentials.get({
+        publicKey: publicKey,
+        signal: signal()
+    });
+}
+
+export function returnSuccess(result) {
+    document.getElementById("clientDataJSON").value = base64url.stringify(new Uint8Array(result.response.clientDataJSON), { pad: false });
+    document.getElementById("authenticatorData").value = base64url.stringify(new Uint8Array(result.response.authenticatorData), { pad: false });
+    document.getElementById("signature").value = base64url.stringify(new Uint8Array(result.response.signature), { pad: false });
+    document.getElementById("credentialId").value = result.id;
+    if (result.response.userHandle) {
+        document.getElementById("userHandle").value = base64url.stringify(new Uint8Array(result.response.userHandle), { pad: false });
+    }
+    document.getElementById("webauth").requestSubmit();
+}
+
+export function returnFailure(err) {
+    document.getElementById("error").value = err;
+    document.getElementById("webauth").requestSubmit();
+}
+
+    
+    
+    

package/keycloak-theme/public/keycloak-theme/login/js/webauthnRegister.js

@@ -0,0 +1,153 @@
+/**
+ * This file has been claimed for ownership from @keycloakify/login-ui version 250004.6.5.
+ * To relinquish ownership and restore this file to its original content, run the following command:
+ * 
+ * $ npx keycloakify own --path "login/js/webauthnRegister.js" --public --revert
+ */
+
+
+
+import { base64url } from "./rfc4648.js";
+
+export async function registerByWebAuthn(input) {
+
+    // Check if WebAuthn is supported by this browser
+    if (!window.PublicKeyCredential) {
+        returnFailure(input.errmsg);
+        return;
+    }
+
+    const publicKey = {
+        challenge: base64url.parse(input.challenge, {loose: true}),
+        rp: {id: input.rpId, name: input.rpEntityName},
+        user: {
+            id: base64url.parse(input.userid, {loose: true}),
+            name: input.username,
+            displayName: input.username
+        },
+        pubKeyCredParams: getPubKeyCredParams(input.signatureAlgorithms),
+    };
+
+    if (input.attestationConveyancePreference !== 'not specified') {
+        publicKey.attestation = input.attestationConveyancePreference;
+    }
+
+    const authenticatorSelection = {};
+    let isAuthenticatorSelectionSpecified = false;
+
+    if (input.authenticatorAttachment !== 'not specified') {
+        authenticatorSelection.authenticatorAttachment = input.authenticatorAttachment;
+        isAuthenticatorSelectionSpecified = true;
+    }
+
+    if (input.requireResidentKey !== 'not specified') {
+        if (input.requireResidentKey === 'Yes') {
+            authenticatorSelection.requireResidentKey = true;
+        } else {
+            authenticatorSelection.requireResidentKey = false;
+        }
+        isAuthenticatorSelectionSpecified = true;
+    }
+
+    if (input.userVerificationRequirement !== 'not specified') {
+        authenticatorSelection.userVerification = input.userVerificationRequirement;
+        isAuthenticatorSelectionSpecified = true;
+    }
+
+    if (isAuthenticatorSelectionSpecified) {
+        publicKey.authenticatorSelection = authenticatorSelection;
+    }
+
+    if (input.createTimeout !== 0) {
+        publicKey.timeout = input.createTimeout * 1000;
+    }
+
+    const excludeCredentials = getExcludeCredentials(input.excludeCredentialIds);
+    if (excludeCredentials.length > 0) {
+        publicKey.excludeCredentials = excludeCredentials;
+    }
+
+    try {
+        const result = await doRegister(publicKey);
+        returnSuccess(result, input.initLabel, input.initLabelPrompt);
+    } catch (error) {
+        returnFailure(error);
+    }
+}
+
+function doRegister(publicKey) {
+    return navigator.credentials.create({publicKey});
+}
+
+function getPubKeyCredParams(signatureAlgorithmsList) {
+    const pubKeyCredParams = [];
+    if (signatureAlgorithmsList.length === 0) {
+        pubKeyCredParams.push({type: "public-key", alg: -7});
+        return pubKeyCredParams;
+    }
+
+    for (const entry of signatureAlgorithmsList) {
+        pubKeyCredParams.push({
+            type: "public-key",
+            alg: entry
+        });
+    }
+
+    return pubKeyCredParams;
+}
+
+function getExcludeCredentials(excludeCredentialIds) {
+    const excludeCredentials = [];
+    if (excludeCredentialIds === "") {
+        return excludeCredentials;
+    }
+
+    for (const entry of excludeCredentialIds.split(',')) {
+        excludeCredentials.push({
+            type: "public-key",
+            id: base64url.parse(entry, {loose: true})
+        });
+    }
+
+    return excludeCredentials;
+}
+
+function getTransportsAsString(transportsList) {
+    if (!Array.isArray(transportsList)) {
+        return "";
+    }
+
+    return transportsList.join();
+}
+
+function returnSuccess(result, initLabel, initLabelPrompt) {
+    document.getElementById("clientDataJSON").value = base64url.stringify(new Uint8Array(result.response.clientDataJSON), {pad: false});
+    document.getElementById("attestationObject").value = base64url.stringify(new Uint8Array(result.response.attestationObject), {pad: false});
+    document.getElementById("publicKeyCredentialId").value = base64url.stringify(new Uint8Array(result.rawId), {pad: false});
+
+    if (typeof result.response.getTransports === "function") {
+        const transports = result.response.getTransports();
+        if (transports) {
+            document.getElementById("transports").value = getTransportsAsString(transports);
+        }
+    } else {
+        console.log("Your browser is not able to recognize supported transport media for the authenticator.");
+    }
+
+    let labelResult = window.prompt(initLabelPrompt, initLabel);
+    if (labelResult === null) {
+        labelResult = initLabel;
+    }
+    document.getElementById("authenticatorLabel").value = labelResult;
+
+    document.getElementById("register").requestSubmit();
+}
+
+function returnFailure(err) {
+    document.getElementById("error").value = err;
+    document.getElementById("register").requestSubmit();
+}
+
+
+    
+    

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@oussemasahbeni/keycloakify-login-shadcn",
-  "version": "250004.0.8",
+  "version": "250004.0.10",
   "description": "Keycloakify Shadcn Theme extensions",
   "license": "MIT",
   "repository": {