npm - @prove-identity/prove-auth - Versions diffs - 2.13.1 → 2.15.1 - Mend

@prove-identity/prove-auth 2.13.1 → 2.15.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (39) hide show

package/build/lib/proveauth/authenticator-builder.js CHANGED Viewed

@@ -21,6 +21,7 @@ const main_authenticator_1 = __importDefault(require("./internal/main-authentica
 const logger_1 = require("./common/logger");
 const settings_1 = __importDefault(require("./internal/settings"));
 const device_context_options_1 = require("./device-context-options");
+const user_ppb_steps_1 = require("./internal/user-ppb-steps");
 var DeviceRole;
 (function (DeviceRole) {
     DeviceRole[DeviceRole["Primary"] = 0] = "Primary";
@@ -36,6 +37,7 @@ class AuthenticatorBuilder {
         this.role = DeviceRole.Primary;
         this.mobileAuthImplementation = MobileAuthImplementation.Fetch;
         this.upkEnabled = false;
+        this.ppbEnabled = false;
         this.log = logger_1.LoggerFactory.getLogger('authenticator-builder');
         if (typeof window !== 'undefined') {
             this.storage = window.localStorage;
@@ -131,6 +133,22 @@ class AuthenticatorBuilder {
         this.upkEnabled = this.userConsentStep != null;
         return this;
     }
+    withPrivacyPreservingBiometrics(startStep, finishStep) {
+        this.ppbEnabled = true;
+        if (typeof startStep === 'function') {
+            this.ppbStartStep = { execute: startStep };
+        }
+        else {
+            this.ppbStartStep = startStep;
+        }
+        if (typeof finishStep === 'function') {
+            this.ppbFinishStep = { execute: finishStep };
+        }
+        else {
+            this.ppbFinishStep = finishStep;
+        }
+        return this;
+    }
     getUrlsByBuildConfig(buildConfig) {
         switch (buildConfig) {
             case device_context_options_1.BuildConfig.US_PROD:
@@ -144,7 +162,8 @@ class AuthenticatorBuilder {
                     device_context_options_1.ProveAuthProxyEndpoint.DEFAULT_US_UAT_ENDPOINT.toString(),
                 ];
             case device_context_options_1.BuildConfig.DEV:
-                this.log.debug("Recommended for Prove's internal testing only, BuildConfig.DEV might need custom endpoint URL and custom script URL values to bypass ad blockers");
+                this.log.debug("Recommended for Prove's internal testing only, BuildConfig.DEV " +
+                    'might need custom endpoint URL and custom script URL values to bypass ad blockers');
                 return [undefined, undefined];
             default:
                 this.log.warn('Unknown BuildConfig value: ' + buildConfig);
@@ -237,8 +256,10 @@ class AuthenticatorBuilder {
                 new mobile_instant_step_1.default(this.mobileAuthImplementation, this.getDeviceIp),
                 new mobile_instantlink_step_1.default(this.instantLinkStartStep, this.instantLinkRetryStep, this.getDeviceIp),
                 new mobile_otp_step_1.default(this.otpStartStep, this.otpFinishStep),
-                new user_mobileactive_step_1.default(),
                 new scan_message_step_1.default(this.authMessageHandler),
+                new user_mobileactive_step_1.default(),
+                new user_ppb_steps_1.UserPpbEnrollStep(this.ppbEnabled, this.ppbStartStep, this.ppbFinishStep),
+                new user_ppb_steps_1.UserPpbVerifyStep(this.ppbEnabled, this.ppbStartStep, this.ppbFinishStep),
             ]);
         }
         else {
@@ -246,6 +267,8 @@ class AuthenticatorBuilder {
                 new device_passive_step_1.default(this.getDisplayName, undefined, this.role),
                 new mobile_instant_step_1.default(this.mobileAuthImplementation, this.getDeviceIp),
                 new mobile_instantlink_step_1.default(this.instantLinkStartStep, this.instantLinkRetryStep, this.getDeviceIp),
+                new user_ppb_steps_1.UserPpbEnrollStep(this.ppbEnabled, this.ppbStartStep, this.ppbFinishStep),
+                new user_ppb_steps_1.UserPpbVerifyStep(this.ppbEnabled, this.ppbStartStep, this.ppbFinishStep),
             ]);
         }
     }

package/build/lib/proveauth/external/@authid/web-component/authid-web-component.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+declare class AuthIDComponent extends HTMLElement {
+    connectedCallback(): void;
+}

package/build/lib/proveauth/external/@authid/web-component/authid-web-component.js ADDED Viewed

@@ -0,0 +1,55 @@
+class AuthIDComponent extends HTMLElement {
+    connectedCallback() {
+        const dataUrl = this.getAttribute('data-url');
+        if (!dataUrl) {
+            throw new Error('Missing data-url configuration!');
+        }
+        let dataTarget = this.getAttribute('data-target');
+        if (!dataTarget || dataTarget === 'auto') {
+            dataTarget = /Mobi|Android/i.test(navigator.userAgent) ? 'mobile' : 'desktop';
+        }
+        const iframe = document.createElement('iframe');
+        iframe.setAttribute('allow', 'fullscreen *;camera *;encrypted-media *;');
+        iframe.setAttribute('src', dataUrl);
+        const styleNode = document.createElement('style');
+        styleNode.textContent =
+            'div, iframe {' +
+                'position: fixed;' +
+                'top: 0;' +
+                'left: 0;' +
+                'height: 100vh;' +
+                'width: 100vw;' +
+                'border: 0;' +
+                'padding: 0;' +
+                'margin: 0;' +
+                '}';
+        const shadow = this.attachShadow({ mode: 'closed' });
+        shadow.appendChild(styleNode);
+        const container = document.createElement('div');
+        shadow.appendChild(container);
+        const dataWebauth = this.getAttribute('data-webauth');
+        if (dataWebauth && dataWebauth !== 'false' && dataWebauth !== 'no') {
+            const webauthHandler = document.createElement('script');
+            webauthHandler.setAttribute('src', dataUrl.replace('/?', '/webauthhandler.js?'));
+            shadow.appendChild(webauthHandler);
+        }
+        const dataControl = this.getAttribute('data-control');
+        if (dataControl && dataControl !== 'false' && dataControl !== 'no') {
+            const controlHandler = document.createElement('script');
+            controlHandler.setAttribute('src', dataUrl.replace('/?', '/controlhandler.js?'));
+            shadow.appendChild(controlHandler);
+        }
+        shadow.appendChild(iframe);
+        iframe.addEventListener('load', () => {
+            shadow.removeChild(container);
+            shadow.dispatchEvent(new CustomEvent('load', {
+                composed: true,
+                bubbles: true,
+            }));
+        }, { capture: true, once: true });
+        if (window.getComputedStyle(this)['z-index'] === 'auto') {
+            this.style['z-index'] = 1000;
+        }
+    }
+}
+window.customElements.define('authid-component', AuthIDComponent);

package/build/lib/proveauth/instantlink.d.ts CHANGED Viewed

@@ -1,8 +1,4 @@
-import AuthError from './internal/auth-error';
 import PhoneNumberInput, { PhoneValidationError } from './internal/phone-number-input';
-export declare class InstantLinkMaxRetryError extends AuthError {
-    constructor(message?: string, code?: number);
-}
 export interface InstantLinkStartStep {
     execute: (phoneNumberNeeded: boolean, instantLinkError?: PhoneValidationError) => Promise<PhoneNumberInput | null>;
 }
@@ -12,7 +8,7 @@ export declare enum InstantLinkResultType {
     OnMobileNumberChange = 1
 }
 export interface InstantLinkRetryStep {
-    execute: (instantLinkError?: InstantLinkMaxRetryError) => Promise<InstantLinkResultType>;
+    execute: () => Promise<InstantLinkResultType>;
 }
-export type InstantLinkRetryStepFn = (instantLinkError?: InstantLinkMaxRetryError) => Promise<InstantLinkResultType>;
+export type InstantLinkRetryStepFn = () => Promise<InstantLinkResultType>;
 export type InstantLinkStartInput = PhoneNumberInput;

package/build/lib/proveauth/instantlink.js CHANGED Viewed

@@ -1,16 +1,6 @@
 "use strict";
-var __importDefault = (this && this.__importDefault) || function (mod) {
-    return (mod && mod.__esModule) ? mod : { "default": mod };
-};
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.InstantLinkResultType = exports.InstantLinkMaxRetryError = void 0;
-const auth_error_1 = __importDefault(require("./internal/auth-error"));
-class InstantLinkMaxRetryError extends auth_error_1.default {
-    constructor(message, code) {
-        super(message, code);
-    }
-}
-exports.InstantLinkMaxRetryError = InstantLinkMaxRetryError;
+exports.InstantLinkResultType = void 0;
 var InstantLinkResultType;
 (function (InstantLinkResultType) {
     InstantLinkResultType[InstantLinkResultType["OnResend"] = 0] = "OnResend";

package/build/lib/proveauth/internal/auth-request.d.ts CHANGED Viewed

@@ -1,6 +1,6 @@
 import { MobileAuthImplementation } from '../authenticator-builder';
 import { AuthResponseStatus } from './auth-response-status';
-export type AuthRequest = V1ClientDeviceFido2RegisterStart | V1ClientDeviceFido2RegisterFinish | V1ClientDeviceFido2VerifyStart | V1ClientDeviceFido2VerifyFinish | V1ClientDevicePassiveRegister | V1ClientDevicePassiveVerify | V1ClientUserResponse | V1ClientAnyError | V1ClientChallenge | V1ClientMobileInstantLinkStart | V1ClientMobileInstantStart | V1ClientMobileInstantFinish | V1ClientOtpStart | V1ClientOtpFinish;
+export type AuthRequest = V1ClientDeviceFido2RegisterStart | V1ClientDeviceFido2RegisterFinish | V1ClientDeviceFido2VerifyStart | V1ClientDeviceFido2VerifyFinish | V1ClientDevicePassiveRegister | V1ClientDevicePassiveVerify | V1ClientUserResponse | V1ClientAnyError | V1ClientChallenge | V1ClientMobileInstantLinkStart | V1ClientMobileInstantStart | V1ClientMobileInstantFinish | V1ClientOtpStart | V1ClientOtpFinish | V1ClientPpbFinish;
 export type AuthRegistration = PassiveRegistration | Fido2Registration;
 export interface PublicKey {
     id: string;
@@ -33,7 +33,6 @@ export interface V1ClientDeviceFido2RegisterFinish {
     deviceName: string;
     deviceCapabilities: string[];
     registrations: AuthRegistration[];
-    signals?: Signals;
 }
 export interface V1ClientDeviceFido2VerifyStart {
     deviceId: string;
@@ -52,7 +51,6 @@ export interface WebAuthnAssertion {
 }
 export interface V1ClientDeviceFido2VerifyFinish {
     webAuthnAssertion: WebAuthnAssertion;
-    signals?: Signals;
 }
 export interface V1ClientDevicePassiveRegister {
     deviceName: string;
@@ -100,3 +98,7 @@ export interface Signal {
     results?: string;
     error?: string;
 }
+export interface V1ClientPpbFinish {
+    requestId: string;
+    operationId: string;
+}

package/build/lib/proveauth/internal/auth-response.d.ts CHANGED Viewed

@@ -1,66 +1,62 @@
 import AuthMessage from './auth-message';
 export default interface AuthResponse {
     next: string;
+    data?: ResponseData;
     error?: AuthFailure;
     refreshDeviceTrust?: boolean;
 }
+export interface ResponseData {
+}
 export interface AuthFailure {
     message: string;
     code: number;
 }
+export type RegisterStartAuthResponse = AuthResponse;
+export type RegisterFinishAuthResponse = AuthResponse;
+export type DeviceRegisterAuthResponse = AuthResponse;
+export type VerifyStartAuthResponse = AuthResponse;
+export type VerifyFinishAuthResponse = AuthResponse;
+export type MobileStartAuthResponse = AuthResponse;
+export type OtpStartResponse = AuthResponse;
+export type OtpFinishResponse = AuthResponse;
+export type InstantLinkStartResponse = AuthResponse;
+export type PpbStartResponse = AuthResponse;
+export type PpbFinishResponse = AuthResponse;
 export interface RegisterStartAuthResponseData {
     credCreateOptions?: PublicKeyCredentialCreationOptions;
     credRequestOptions?: PublicKeyCredentialRequestOptions;
 }
-export interface RegisterStartAuthResponse extends AuthResponse {
-    data: RegisterStartAuthResponseData;
-}
-export interface RegisterFinishAuthResponseData {
+export interface RegisterFinishAuthResponseData extends ResponseData {
     deviceId: string;
     passkey: boolean;
     scanMessage?: AuthMessage;
 }
-export interface RegisterFinishAuthResponse extends AuthResponse {
-    data: RegisterFinishAuthResponseData;
-}
-export type DeviceRegisterAuthResponse = RegisterFinishAuthResponse;
 export interface VerifyStartAuthResponseData {
     credRequestOptions: PublicKeyCredentialRequestOptions;
 }
-export interface VerifyStartAuthResponse extends AuthResponse {
-    data: VerifyStartAuthResponseData;
-}
-export interface VerifyFinishAuthResponseData {
+export interface VerifyFinishAuthResponseData extends ResponseData {
     scanMessage?: AuthMessage;
     deviceId?: string;
     passkey?: boolean;
 }
-export interface VerifyFinishAuthResponse extends AuthResponse {
-    data?: VerifyFinishAuthResponseData;
-}
 export interface ChallengeResponse extends AuthResponse {
     deviceId?: string;
     challenge?: string;
     ttl?: number;
     receivedAt?: number;
 }
-export interface MobileStartAuthResponseData {
+export interface MobileStartAuthResponseData extends ResponseData {
     redirectUrl?: string;
 }
-export interface MobileStartAuthResponse extends AuthResponse {
-    data?: MobileStartAuthResponseData;
-}
-export interface OtpStartResponse extends AuthResponse {
-    data?: OtpResponseData;
-}
-export interface OtpFinishResponse extends AuthResponse {
-    data?: OtpResponseData;
-}
 export interface OtpResponseData {
     code?: number;
     message?: string;
 }
-export interface InstantLinkStartResponse extends AuthResponse {
-    data?: InstantLinkResponseData;
-}
 export type InstantLinkResponseData = OtpResponseData;
+export interface PpbOperation {
+    operationId: string;
+    oneTimeSecret: string;
+}
+export interface PpbResponseData extends ResponseData {
+    ppb?: PpbOperation;
+}

package/build/lib/proveauth/internal/auth-session.d.ts CHANGED Viewed

@@ -1,7 +1,7 @@
 /// <reference types="webappsec-credential-management" />
 import AuthMessage from './auth-message';
 import { AuthRequest, Signal } from './auth-request';
-import AuthResponse from './auth-response';
+import AuthResponse, { ResponseData } from './auth-response';
 import AuthTokenClaims, { UserVerificationLevel } from './auth-token-claims';
 import { DeviceRegistration } from './device-auth';
 import Platform, { AuthSessionIntegration, MessageChannel, RequestSigner } from './platform';
@@ -16,6 +16,7 @@ export default class AuthSession implements AuthSessionIntegration {
     readonly channels: Set<MessageChannel>;
     private readonly log;
     lastStep?: string;
+    lastData?: ResponseData;
     credential?: CredentialType;
     authMessage?: AuthMessage;
     uvLevel?: UserVerificationLevel;
@@ -32,7 +33,11 @@ export default class AuthSession implements AuthSessionIntegration {
     closeAllMessageChannels(): void;
     getDeviceRegistration(): Promise<DeviceRegistration | null>;
     embedFpResultToDeviceRegistration(registration: DeviceRegistration): Promise<DeviceRegistration>;
+    private getCurrentTimestampInSeconds;
+    markNewFptts(ts?: number): void;
+    resetFptts(): void;
     getFingerprintData(): Promise<Signal | undefined>;
     shouldCollectFP(): boolean;
+    shouldRefreshFpSignal(currentTimestamp: number): boolean;
     private parseJwt;
 }

package/build/lib/proveauth/internal/auth-session.js CHANGED Viewed

@@ -5,6 +5,7 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
 Object.defineProperty(exports, "__esModule", { value: true });
 const logger_1 = require("../common/logger");
 const version_1 = require("../version");
+const auth_error_1 = __importDefault(require("./auth-error"));
 const auth_token_claims_1 = require("./auth-token-claims");
 const error_code_1 = __importDefault(require("./error-code"));
 const web_socket_close_reasons_1 = require("./web-socket-close-reasons");
@@ -84,6 +85,7 @@ class AuthSession {
                             this.platform.deviceAuth.reset();
                         }
                     }
+                    this.lastData = response.data;
                     resolve(response);
                 })
                     .catch(reject);
@@ -164,8 +166,7 @@ class AuthSession {
             onClose(reason, code);
         });
         channel.addEventListener('error', (event) => {
-            this.log.debug('Message channel encountered an error');
-            this.log.debug(event);
+            this.log.debug('Message channel encountered an error', event);
         });
         channel.addEventListener('message', (event) => {
             this.log.trace('Message channel received a message');
@@ -227,17 +228,28 @@ class AuthSession {
                 resolve(registration);
             })
                 .catch((error) => {
-                const errorMsg = `Unexpected error happened during Fingerprint data collection: ${error.toString}`;
-                this.log.warn(errorMsg);
+                const errorMsg = `Unexpected error happened during Fingerprint data collection: ${auth_error_1.default.extractMessage(error)}`;
+                this.log.warn(error);
                 registration.setFpSignal({ error: errorMsg });
             });
         });
     }
+    getCurrentTimestampInSeconds() {
+        const currentTimestampMs = Date.now();
+        const currentTimestampSeconds = Math.floor(currentTimestampMs / 1000);
+        return currentTimestampSeconds;
+    }
+    markNewFptts(ts) {
+        this.settings.fingerPrintTimestamp = ts ? ts : this.getCurrentTimestampInSeconds();
+    }
+    resetFptts() {
+        this.settings.fingerPrintTimestamp = null;
+    }
     getFingerprintData() {
         return new Promise((resolve) => {
             var fpPromise = this.platform.getFpPromise();
             if (!this.shouldCollectFP()) {
-                this.log.debug('Fingerprint is not enabled from AuthToken');
+                this.log.trace('Fingerprint is not enabled from AuthToken');
                 resolve(undefined);
             }
             else if (!fpPromise) {
@@ -245,7 +257,12 @@ class AuthSession {
                 this.log.warn(msg);
                 resolve({ error: msg });
             }
+            else if (!this.shouldRefreshFpSignal(this.getCurrentTimestampInSeconds())) {
+                this.log.trace('Existing FP signal is not yet expired, skip new collection');
+                resolve(undefined);
+            }
             else {
+                this.log.trace('Collect new FP signal');
                 fpPromise
                     .then((fp) => fp.get())
                     .then((result) => {
@@ -260,8 +277,8 @@ class AuthSession {
                     }
                 })
                     .catch((error) => {
-                    const msg = `Error in collecting Fingerprint data: ${error.toString}`;
-                    this.log.warn(msg);
+                    const msg = `Error in collecting Fingerprint data: ${auth_error_1.default.extractMessage(error)}`;
+                    this.log.warn(error);
                     resolve({ error: msg });
                 });
             }
@@ -274,6 +291,16 @@ class AuthSession {
         }
         return false;
     }
+    shouldRefreshFpSignal(currentTimestamp) {
+        var _a, _b, _c, _d;
+        if (!this.settings.deviceId || !this.settings.fingerPrintTimestamp) {
+            this.resetFptts();
+            return true;
+        }
+        const refreshRate = (_d = (_c = (_b = (_a = this.claims) === null || _a === void 0 ? void 0 : _a.auth.subs.dev) === null || _b === void 0 ? void 0 : _b.sgnls) === null || _c === void 0 ? void 0 : _c.fptrr) !== null && _d !== void 0 ? _d : 0;
+        const interval = currentTimestamp - this.settings.fingerPrintTimestamp;
+        return interval >= refreshRate;
+    }
     parseJwt(token) {
         return JSON.parse(atob(token.split('.')[1]));
     }

package/build/lib/proveauth/internal/auth-token-claims.d.ts CHANGED Viewed

@@ -9,6 +9,8 @@ export interface PassiveAuthenticator {
 }
 export interface InstantAuthenticator {
 }
+export interface PresentAuthenticator {
+}
 export interface InstantLinkAuthenticator {
     mnp: boolean;
     amnrp?: boolean;
@@ -21,27 +23,44 @@ export interface UniversalAuthenticator {
     endp: string;
     ftu: string;
 }
-export interface Authenticators {
+export interface PpbAuthenticator {
+    endp: string;
+}
+export interface DeviceAuthenticators {
+    pasv?: PassiveAuthenticator;
+    unvsl?: UniversalAuthenticator;
+}
+export interface MobileAuthenticators {
     pasv?: PassiveAuthenticator;
     inst?: InstantAuthenticator;
     inln?: InstantLinkAuthenticator;
     otp?: OtpAuthenticator;
     unvsl?: UniversalAuthenticator;
 }
+export interface UserAuthenticators {
+    pasv?: PassiveAuthenticator;
+    prst?: PresentAuthenticator;
+    ppb?: PpbAuthenticator;
+}
 export interface Signals {
     fpt?: boolean;
+    fptrr?: number;
     dwn?: boolean;
 }
 export interface DeviceAuthSubjectClaim {
-    auths: Authenticators;
+    auths: DeviceAuthenticators;
     sgnls?: Signals;
 }
 export interface MobileAuthSubjectClaim {
-    auths: Authenticators;
+    auths: MobileAuthenticators;
+}
+export interface UserAuthSubjectClaim {
+    auths: UserAuthenticators;
 }
 export interface AuthSubjectsClaim {
     dev?: DeviceAuthSubjectClaim;
     mob?: MobileAuthSubjectClaim;
+    usr?: UserAuthSubjectClaim;
 }
 export interface AuthClaim {
     id: string;

package/build/lib/proveauth/internal/device-passive-register-step.js CHANGED Viewed

@@ -23,11 +23,9 @@ class DevicePassiveRegisterStep {
                     .getDeviceRegistration()
                     .then((devRegistration) => {
                     if (devRegistration) {
-                        session.embedFpResultToDeviceRegistration(devRegistration).then((devRegistration) => {
-                            this.finishRegistration(session, [this.getFido2Registration(session)], devRegistration.getSignals())
-                                .then(resolve)
-                                .catch(reject);
-                        });
+                        this.finishRegistration(session, [this.getFido2Registration(session)])
+                            .then(resolve)
+                            .catch(reject);
                     }
                     else {
                         session.platform.deviceAuth
@@ -35,11 +33,13 @@ class DevicePassiveRegisterStep {
                             namespace: session.namespace,
                             endpoint: session.backendOrigin,
                         })
-                            .then((devRegistration) => session.embedFpResultToDeviceRegistration(devRegistration))
                             .then((devRegistration) => {
                             devRegistration
                                 .getAuthRegistration(session.challenge)
-                                .then((authRegistration) => this.finishRegistration(session, [this.getFido2Registration(session), authRegistration], devRegistration.getSignals()))
+                                .then((authRegistration) => this.finishRegistration(session, [
+                                this.getFido2Registration(session),
+                                authRegistration,
+                            ]))
                                 .then((next) => {
                                 devRegistration.deviceId = session.settings.deviceId;
                                 session.platform.deviceAuth
@@ -61,14 +61,13 @@ class DevicePassiveRegisterStep {
         const assertion = credential.response;
         return assertion && 'authenticatorData' in assertion && 'signature' in assertion;
     }
-    finishRegistration(session, registrations, signals) {
+    finishRegistration(session, registrations) {
         return new Promise((resolve, reject) => {
             session
                 .fetchFromBackend('/v1/client/device/fido2/register/finish', {
                 deviceName: session.platform.getPlatformName(),
                 deviceCapabilities: session.platform.getDeviceCapabilities(),
                 registrations: registrations,
-                signals: signals,
             })
                 .then((response) => {
                 if (response.error) {

package/build/lib/proveauth/internal/device-passive-silent-step.js CHANGED Viewed

@@ -70,23 +70,26 @@ class DevicePassiveSilentStep {
                     signals: registration.getSignals(),
                 })
                     .then((response) => {
+                    var _a;
                     if (response.error) {
                         reject(new auth_error_1.default(response.error.message, response.error.code, response.next, false));
                     }
                     else {
-                        const deviceRegisterAuthResp = response;
-                        const deviceId = deviceRegisterAuthResp.data.deviceId;
+                        if ((_a = registration.getSignals().fingerprint) === null || _a === void 0 ? void 0 : _a.results) {
+                            session.markNewFptts();
+                        }
+                        const data = response.data;
+                        const deviceId = data === null || data === void 0 ? void 0 : data.deviceId;
                         if (!deviceId) {
                             reject(new auth_error_1.default('Failed to register device, returned deviceId is null or empty', 0, response.next));
                         }
                         session.settings.deviceId = deviceId;
-                        if (deviceRegisterAuthResp.data.passkey != null) {
-                            session.settings.fidoPasskeyRegistered = deviceRegisterAuthResp.data.passkey;
+                        if (data.passkey != null) {
+                            session.settings.fidoPasskeyRegistered = data.passkey;
                         }
                         registration.deviceId = deviceId;
                         this.log.debug('Device ID: ' + deviceId);
-                        const data = response.data;
-                        if (data && data.scanMessage) {
+                        if (data.scanMessage) {
                             session.authMessage = data.scanMessage;
                         }
                         session.platform.deviceAuth
@@ -113,10 +116,14 @@ class DevicePassiveSilentStep {
                         signals: registration.getSignals(),
                     })
                         .then((response) => {
+                        var _a;
                         if (response.error) {
                             reject(new auth_error_1.default(response.error.message, response.error.code, response.next, false));
                         }
                         else {
+                            if ((_a = registration.getSignals().fingerprint) === null || _a === void 0 ? void 0 : _a.results) {
+                                session.markNewFptts();
+                            }
                             resolve(response.next);
                         }
                     })

package/build/lib/proveauth/internal/device-passive-step.js CHANGED Viewed

@@ -30,13 +30,17 @@ class DevicePassiveActions extends auth_status_actions_1.AuthStatusActions {
                 signals: signals,
             })
                 .then((response) => {
-                var _a, _b;
+                var _a;
                 if (response.error) {
                     reject(new auth_error_1.default(response.error.message, response.error.code, response.next, false));
                 }
                 else {
-                    const creationOptions = (_a = response.data) === null || _a === void 0 ? void 0 : _a.credCreateOptions;
-                    const requestOptions = (_b = response.data) === null || _b === void 0 ? void 0 : _b.credRequestOptions;
+                    if ((_a = signals === null || signals === void 0 ? void 0 : signals.fingerprint) === null || _a === void 0 ? void 0 : _a.results) {
+                        session.markNewFptts();
+                    }
+                    const data = response.data;
+                    const creationOptions = data === null || data === void 0 ? void 0 : data.credCreateOptions;
+                    const requestOptions = data === null || data === void 0 ? void 0 : data.credRequestOptions;
                     if (creationOptions) {
                         this.createCredentials(session, displayName, creationOptions, response)
                             .then(resolve)
@@ -67,7 +71,8 @@ class DevicePassiveActions extends auth_status_actions_1.AuthStatusActions {
                         reject(new auth_error_1.default(response.error.message, response.error.code, response.next, false));
                     }
                     else {
-                        const options = response.data.credRequestOptions;
+                        const data = response.data;
+                        const options = data === null || data === void 0 ? void 0 : data.credRequestOptions;
                         this.getCredentials(session, options, response).then(resolve).catch(reject);
                     }
                 })
@@ -141,7 +146,7 @@ class DevicePassiveActions extends auth_status_actions_1.AuthStatusActions {
     parseCredRequestOptions(response, session) {
         return new Promise((resolve, reject) => {
             const data = response.data;
-            if (data.credRequestOptions) {
+            if (data === null || data === void 0 ? void 0 : data.credRequestOptions) {
                 const requestOptions = data.credRequestOptions;
                 this.getCredentials(session, requestOptions, response).then(resolve).catch(reject);
             }

package/build/lib/proveauth/internal/device-passive-stepup-step.js CHANGED Viewed

@@ -19,25 +19,7 @@ class DevicePassiveStepupStep extends device_passive_step_1.DevicePassiveActions
             return Promise.reject(new Error('FIDO2 Passkey is already registered'));
         }
         return new Promise((resolve, reject) => {
-            session
-                .getFingerprintData()
-                .then((signal) => {
-                const signals = {
-                    fingerprint: signal,
-                };
-                this.register(session, signals).then(resolve).catch(reject);
-            })
-                .catch((error) => {
-                const errorMsg = `Unexpected error happened during Fingerprint data collection: ${error.message}`;
-                this.log.warn(errorMsg);
-                this.log.warn(error);
-                const signals = {
-                    fingerprint: {
-                        error: errorMsg,
-                    },
-                };
-                this.register(session, signals).then(resolve).catch(reject);
-            });
+            this.register(session).then(resolve).catch(reject);
         });
     }
 }