@test2doc/playwright-passkey-gen 0.0.0

package/src/scripts/server.ts

@@ -0,0 +1,301 @@
+import { createServer, type ServerResponse, type IncomingMessage } from "http"
+import {
+  generateRegistrationOptions,
+  generateAuthenticationOptions,
+  verifyAuthenticationResponse,
+} from "@simplewebauthn/server"
+import { clientScript } from "./client.js"
+import { TESTPASSKEY } from "./testpasskey.js"
+
+interface StoredCredential {
+  id: string
+  publicKey: Uint8Array
+  counter: number
+  userId: string
+}
+
+interface StoredChallenge {
+  challenge: string
+  userId?: string
+}
+
+// In-memory storage for demo
+const credentials = new Map<string, StoredCredential>()
+const challenges = new Map<string, StoredChallenge>()
+
+const rpID = "localhost"
+const rpName = "Test App"
+const port = 5173
+const origin = `http://localhost:${port}`
+
+async function parseBody(req: IncomingMessage): Promise<UnknownJson> {
+  return new Promise((resolve, reject) => {
+    let body = ""
+    req.on("data", (chunk: string) => {
+      body += chunk
+    })
+    req.on("end", () => {
+      try {
+        resolve(JSON.parse(body))
+      } catch {
+        resolve({})
+      }
+    })
+    req.on("error", reject)
+  })
+}
+
+function sendJson(
+  res: ServerResponse<IncomingMessage>,
+  data: unknown,
+  status = 200,
+) {
+  res.writeHead(status, { "Content-Type": "application/json" })
+  res.end(JSON.stringify(data))
+}
+
+const server = createServer(async (req, res) => {
+  // CORS headers
+  res.setHeader("Access-Control-Allow-Origin", "*")
+  res.setHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS")
+  res.setHeader("Access-Control-Allow-Headers", "Content-Type")
+
+  if (req.method === "OPTIONS") {
+    res.writeHead(200)
+    res.end()
+    return
+  }
+
+  const body = await parseBody(req)
+
+  // Serve HTML client
+  if (req.url === "/" && req.method === "GET") {
+    const html = `<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>Passkey Test Client</title>
+  <style>
+    body {
+      font-family: system-ui, -apple-system, sans-serif;
+      max-width: 600px;
+      margin: 50px auto;
+      padding: 20px;
+    }
+    button {
+      padding: 10px 20px;
+      font-size: 16px;
+      cursor: pointer;
+      background: #007bff;
+      color: white;
+      border: none;
+      border-radius: 4px;
+    }
+    button:hover {
+      background: #0056b3;
+    }
+    .status {
+      margin-top: 20px;
+      padding: 10px;
+      border-radius: 4px;
+    }
+    .success {
+      background: #d4edda;
+      color: #155724;
+      border: 1px solid #c3e6cb;
+    }
+    .error {
+      background: #f8d7da;
+      color: #721c24;
+      border: 1px solid #f5c6cb;
+    }
+    .loading {
+      background: #e2e3e5;
+      color: #383d41;
+      border: 1px solid #d6d8db;
+    }
+  </style>
+</head>
+<body>
+  <h1>Passkey Authentication Test</h1>
+  
+  <button onclick="testAuthentication()">Test Login with Passkey</button>
+  
+  <div role="status" id="status"></div>
+
+  <script>
+${clientScript}
+  </script>
+</body>
+</html>`
+
+    res.writeHead(200, { "Content-Type": "text/html" })
+    res.end(html)
+    return
+  }
+
+  // Register start
+  if (
+    req.url === "/register/start" &&
+    req.method === "POST" &&
+    isRegisterStartBody(body)
+  ) {
+    const { username, userId } = body
+
+    const options = await generateRegistrationOptions({
+      rpName,
+      rpID,
+      userName: username,
+      userID: new TextEncoder().encode(userId),
+    })
+
+    challenges.set(userId, { challenge: options.challenge })
+
+    return sendJson(res, options)
+  }
+
+  // Register finish
+  if (
+    req.url === "/register/finish" &&
+    req.method === "POST" &&
+    isRegisterFinishBody(body)
+  ) {
+    const { userId, credentialId, publicKey, counter } = body
+
+    const storedChallenge = challenges.get(userId)
+    if (!storedChallenge) {
+      return sendJson(res, { error: "No challenge found" }, 400)
+    }
+
+    credentials.set(credentialId, {
+      id: credentialId,
+      publicKey: new Uint8Array(publicKey),
+      counter,
+      userId,
+    })
+
+    challenges.delete(userId)
+
+    return sendJson(res, { success: true })
+  }
+
+  // Authenticate start
+  if (req.url === "/authenticate/start" && req.method === "POST") {
+    const options = await generateAuthenticationOptions({
+      rpID,
+    })
+
+    challenges.set("auth", { challenge: options.challenge })
+
+    return sendJson(res, options)
+  }
+
+  // Authenticate finish
+  if (
+    req.url === "/authenticate/finish" &&
+    req.method === "POST" &&
+    isAuthenticateFinishBody(body)
+  ) {
+    const { credentialId, clientDataJSON, authenticatorData, signature } = body
+
+    // const storedCredential = credentials.get(credentialId)
+    // if (!storedCredential) {
+    //   return sendJson(res, { error: "Credential not found" }, 400)
+    // }
+
+    const storedChallenge = challenges.get("auth")
+    if (!storedChallenge) {
+      return sendJson(res, { error: "No challenge found" }, 400)
+    }
+
+    try {
+      const verification = await verifyAuthenticationResponse({
+        response: {
+          id: credentialId,
+          rawId: credentialId,
+          response: {
+            clientDataJSON,
+            authenticatorData,
+            signature,
+          },
+          type: "public-key",
+          clientExtensionResults: {},
+        },
+        expectedChallenge: storedChallenge.challenge,
+        expectedOrigin: origin,
+        expectedRPID: rpID,
+        credential: {
+          id: TESTPASSKEY.credentialId,
+          publicKey: Uint8Array.from(TESTPASSKEY.publicKey),
+          counter: 0,
+        },
+      })
+
+      if (!verification.verified) {
+        return sendJson(res, { error: "Authentication failed" }, 400)
+      }
+
+      challenges.delete("auth")
+
+      return sendJson(res, {
+        success: true,
+        userId: TESTPASSKEY.userId,
+      })
+    } catch (err) {
+      return sendJson(res, { error: String(err) }, 400)
+    }
+  }
+
+  sendJson(res, { error: "Not found" }, 404)
+})
+
+server.listen(port, () => {
+  console.log(`Server running on ${origin}`)
+})
+
+// Type guards
+type UnknownJson = Record<string, unknown>
+function isRegisterStartBody(
+  body: UnknownJson,
+): body is { username: string; userId: string } {
+  return (
+    typeof body === "object" &&
+    body !== null &&
+    typeof body["username"] === "string" &&
+    typeof body["userId"] === "string"
+  )
+}
+
+function isRegisterFinishBody(body: UnknownJson): body is {
+  userId: string
+  credentialId: string
+  publicKey: number[]
+  counter: number
+} {
+  return (
+    typeof body === "object" &&
+    body !== null &&
+    typeof body["userId"] === "string" &&
+    typeof body["credentialId"] === "string" &&
+    Array.isArray(body["publicKey"]) &&
+    typeof body["counter"] === "number"
+  )
+}
+
+function isAuthenticateFinishBody(body: UnknownJson): body is {
+  credentialId: string
+  clientDataJSON: string
+  authenticatorData: string
+  signature: string
+  signCount: number
+} {
+  return (
+    typeof body === "object" &&
+    body !== null &&
+    typeof body["credentialId"] === "string" &&
+    typeof body["clientDataJSON"] === "string" &&
+    typeof body["authenticatorData"] === "string" &&
+    typeof body["signature"] === "string"
+  )
+}

package/src/scripts/testpasskey.ts

@@ -0,0 +1,87 @@
+export const TESTPASSKEY = {
+  "username": "testuser",
+  "userId": "5ba2106d-875d-46e9-9230-72df17b5c3c3",
+  "credentialId": "jdMitWaOVL7f4YrOojmOvMd8rPsrSWHMbYkAW3w1pB8=",
+  "publicKey": [
+    165,
+    1,
+    2,
+    3,
+    38,
+    32,
+    1,
+    33,
+    88,
+    32,
+    29,
+    141,
+    100,
+    24,
+    220,
+    131,
+    163,
+    43,
+    167,
+    203,
+    187,
+    213,
+    134,
+    200,
+    151,
+    38,
+    98,
+    107,
+    39,
+    191,
+    21,
+    16,
+    139,
+    92,
+    205,
+    177,
+    222,
+    23,
+    7,
+    193,
+    78,
+    168,
+    34,
+    88,
+    32,
+    234,
+    99,
+    242,
+    234,
+    56,
+    49,
+    232,
+    146,
+    39,
+    156,
+    161,
+    184,
+    240,
+    192,
+    48,
+    63,
+    252,
+    203,
+    93,
+    253,
+    115,
+    25,
+    48,
+    71,
+    76,
+    11,
+    129,
+    16,
+    158,
+    74,
+    136,
+    201
+  ],
+  "privateKey": "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgPyrpgV3J+gBgsuPq3waX31oWxvvp+RDMtsXzYiaguhuhRANCAAQdjWQY3IOjK6fLu9WGyJcmYmsnvxUQi1zNsd4XB8FOqOpj8uo4MeiSJ5yhuPDAMD/8y139cxkwR0wLgRCeSojJ",
+  "credentialDbId": "jdMitWaOVL7f4YrOojmOvMd8rPsrSWHMbYkAW3w1pB8",
+  "signCount": 1
+}

package/test-passkey.js

@@ -0,0 +1,87 @@
+export const TESTPASSKEY = {
+  "username": "testuser",
+  "userId": "c5348c9f-9c67-471e-b129-9fdc478d37c5",
+  "credentialId": "e+700BnFW4TyYj1lQ6na6vVXYNNGyZCKgrg80dznnrU=",
+  "publicKey": [
+    165,
+    1,
+    2,
+    3,
+    38,
+    32,
+    1,
+    33,
+    88,
+    32,
+    11,
+    229,
+    191,
+    89,
+    168,
+    16,
+    62,
+    193,
+    63,
+    58,
+    8,
+    204,
+    115,
+    175,
+    44,
+    47,
+    255,
+    171,
+    41,
+    246,
+    125,
+    125,
+    74,
+    244,
+    149,
+    228,
+    201,
+    104,
+    183,
+    132,
+    115,
+    43,
+    34,
+    88,
+    32,
+    69,
+    201,
+    239,
+    184,
+    155,
+    115,
+    219,
+    46,
+    159,
+    194,
+    32,
+    122,
+    149,
+    235,
+    189,
+    219,
+    5,
+    76,
+    123,
+    13,
+    76,
+    120,
+    53,
+    222,
+    15,
+    236,
+    5,
+    44,
+    151,
+    93,
+    237,
+    31
+  ],
+  "privateKey": "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgLc8nJ8DKp0mr2f7dNc0m1s0f+dpkRw5WUh8ceELq8xqhRANCAAQL5b9ZqBA+wT86CMxzrywv/6sp9n19SvSV5Mlot4RzK0XJ77ibc9sun8IgepXrvdsFTHsNTHg13g/sBSyXXe0f",
+  "credentialDbId": "e-700BnFW4TyYj1lQ6na6vVXYNNGyZCKgrg80dznnrU",
+  "signCount": 1
+}

package/test-passkey.ts

@@ -0,0 +1,87 @@
+export const TESTPASSKEY = {
+  "username": "testuser",
+  "userId": "6273c61b-2947-4b6d-b713-ca0a366f88ae",
+  "credentialId": "9no4Mc2LnqVXpLtBeZlQgidBnnAC2GYrDdho7CRXZSg=",
+  "publicKey": [
+    165,
+    1,
+    2,
+    3,
+    38,
+    32,
+    1,
+    33,
+    88,
+    32,
+    159,
+    234,
+    226,
+    78,
+    12,
+    226,
+    49,
+    223,
+    194,
+    88,
+    59,
+    157,
+    194,
+    204,
+    149,
+    9,
+    141,
+    183,
+    47,
+    151,
+    203,
+    187,
+    33,
+    227,
+    215,
+    208,
+    88,
+    100,
+    221,
+    187,
+    9,
+    185,
+    34,
+    88,
+    32,
+    112,
+    147,
+    130,
+    189,
+    166,
+    43,
+    126,
+    124,
+    232,
+    48,
+    242,
+    148,
+    47,
+    144,
+    179,
+    100,
+    239,
+    118,
+    136,
+    123,
+    28,
+    216,
+    154,
+    5,
+    60,
+    173,
+    137,
+    15,
+    54,
+    40,
+    160,
+    18
+  ],
+  "privateKey": "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgfm5Shc4ds68wEoSJX8vpfuQBUsT96Sp0Z5S1B9xAwzWhRANCAASf6uJODOIx38JYO53CzJUJjbcvl8u7IePX0Fhk3bsJuXCTgr2mK3586DDylC+Qs2Tvdoh7HNiaBTytiQ82KKAS",
+  "credentialDbId": "9no4Mc2LnqVXpLtBeZlQgidBnnAC2GYrDdho7CRXZSg",
+  "signCount": 1
+}

package/test-results/.last-run.json

@@ -0,0 +1,4 @@
+{
+  "status": "passed",
+  "failedTests": []
+}

package/tests/passkey.spec.ts

@@ -0,0 +1,29 @@
+import { test, expect } from "@playwright/test"
+import { TESTPASSKEY } from "../src/scripts/testpasskey.js"
+import {
+  enableVirtualAuthenticator,
+  addPasskeyCredential,
+  simulateSuccessfulPasskeyInput,
+} from "@test2doc/playwright-passkey"
+
+test.describe("Passkey Authentication", () => {
+  test("should authenticate using passkey", async ({ page }) => {
+    await page.goto("http://localhost:5173/")
+    const passkeyAuthenticator = await enableVirtualAuthenticator(page)
+    await addPasskeyCredential(passkeyAuthenticator, TESTPASSKEY)
+
+    await expect(page.getByRole("status")).toHaveText("")
+
+    // Click the "Test Login with Passkey" button
+    await simulateSuccessfulPasskeyInput(passkeyAuthenticator, async () => {
+      await page
+        .getByRole("button", { name: "Test Login with Passkey" })
+        .click()
+    })
+
+    // Wait for the success message
+    await expect(page.getByRole("status")).toContainText(
+      `Authentication successful! User ID: ${TESTPASSKEY.userId}`,
+    )
+  })
+})

package/tsconfig.json

@@ -0,0 +1,52 @@
+{
+  "compilerOptions": {
+    /* Project Options */
+    "target": "es2024" /* Specify ECMAScript target version for emitted JavaScript. */,
+    "lib": [
+      "esnext",
+      "DOM"
+    ] /* Specify a list of library files to be included in the compilation. */,
+    "types": ["node"],
+    "sourceMap": true /* Generates corresponding .map file. */,
+
+    /* Strictness & Type Checking Options */
+    "strict": true /* Enable all strict type-checking options. Highly recommended. */,
+    "noImplicitAny": true /* Raise error on expressions and declarations with an implied 'any' type. */,
+    "strictNullChecks": true /* Enable strict null checks. */,
+    "strictFunctionTypes": true /* Enable strict checking of function types. */,
+    "strictBindCallApply": true /* Enable strict 'bind', 'call', and 'apply' methods on functions. */,
+    "strictPropertyInitialization": true /* Ensure non-null class properties are initialized. */,
+    "noImplicitThis": true /* Raise error on 'this' expressions with an implied 'any' type. */,
+    "useUnknownInCatchVariables": true /* Type catch clause variables as 'unknown' instead of 'any'. */,
+    "alwaysStrict": true /* Parse in strict mode and emit "use strict" for each source file. */,
+    "noUnusedLocals": true /* Report errors on unused locals. */,
+    "noUnusedParameters": true /* Report errors on unused parameters. */,
+    "exactOptionalPropertyTypes": true /* Report errors for extra properties in object literals. */,
+    "noImplicitReturns": true /* Report error when not all code paths in function return a value. */,
+    "noFallthroughCasesInSwitch": true /* Report errors for fallthrough cases in switch statement. */,
+    "noUncheckedIndexedAccess": true /* Include 'undefined' in the type of indexed access. */,
+    "noPropertyAccessFromIndexSignature": true /* Disallow dot-accessing properties with string index signatures. */,
+    "assumeChangesOnlyAffectDirectDependencies": false /* More accurate incremental builds. */,
+
+    /* Module Resolution Options */
+    "esModuleInterop": true /* Enables emit interoperability between CommonJS and ES Modules via creation of namespace objects for all imports. Implies 'allowSyntheticDefaultImports'. */,
+    "allowSyntheticDefaultImports": true /* Allow default imports from modules with no default export. This does not affect code emit, just typechecking. */,
+    "forceConsistentCasingInFileNames": true /* Ensure that casing is correct in imports. */,
+
+    /* Other Options */
+    "skipLibCheck": true /* Skip type checking all .d.ts files. Improves compilation speed. */,
+    "pretty": true /* Enable color and context in error messages. */,
+    "newLine": "lf" /* Use LF for line endings. */,
+    "module": "nodenext", // Emit ES Modules (for Node.js's dual module system)
+    "moduleResolution": "nodenext",
+    "outDir": "./dist", // Output to an 'esm' subdirectory
+    "declaration": true, // Still generate declarations
+    "declarationMap": true, // Still generate declaration maps
+    "composite": true // Keep composite if you use project references
+  },
+  "include": ["src/**/*"],
+  "exclude": [
+    "node_modules",
+    "dist",
+  ]
+}