@things-factory/auth-base 7.0.1-alpha.97 → 7.0.1-alpha.99
- package/dist-server/middlewares/webauthn-middleware.js +2 -2
- package/dist-server/middlewares/webauthn-middleware.js.map +1 -1
- package/dist-server/router/webauthn-router.js +3 -3
- package/dist-server/router/webauthn-router.js.map +1 -1
- package/dist-server/tsconfig.tsbuildinfo +1 -1
- package/package.json +2 -2
- package/server/middlewares/webauthn-middleware.ts +2 -2
- package/server/router/webauthn-router.ts +3 -4
@@ -10,7 +10,7 @@ const auth_error_1 = require("../errors/auth-error");
|
|
10
10
|
const web_auth_credential_1 = require("../service/web-auth-credential/web-auth-credential");
|
11
11
|
exports.store = new passport_fido2_webauthn_1.SessionChallengeStore();
|
12
12
|
koa_passport_1.default.use(new passport_fido2_webauthn_1.Strategy({ store: exports.store }, async function verify(id, userHandle, cb) {
|
13
|
-
const user = await (0, shell_1.getRepository)(user_1.User).findOne({ where: {
|
13
|
+
const user = await (0, shell_1.getRepository)(user_1.User).findOne({ where: { id: userHandle.toString() } });
|
14
14
|
if (!user) {
|
15
15
|
return cb(null, false, { errorCode: auth_error_1.AuthError.ERROR_CODES.USER_NOT_FOUND });
|
16
16
|
}
|
@@ -22,7 +22,7 @@ koa_passport_1.default.use(new passport_fido2_webauthn_1.Strategy({ store: expor
|
|
22
22
|
}
|
23
23
|
return cb(null, user, credential.publicKey);
|
24
24
|
}, async function register(user, id, publicKey, cb) {
|
25
|
-
const userObject = await (0, shell_1.getRepository)(user_1.User).findOne({ where: {
|
25
|
+
const userObject = await (0, shell_1.getRepository)(user_1.User).findOne({ where: { id: user.id.toString() } });
|
26
26
|
const webAuthRepository = (0, shell_1.getRepository)(web_auth_credential_1.WebAuthCredential);
|
27
27
|
const oldCredential = await webAuthRepository.findOne({
|
28
28
|
where: { user: { id: userObject.id }, publicKey: publicKey }
|
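Review bot: In `verify`, the new lookup calls `userHandle.toString()` with no guard, and WebAuthn allows an assertion response to omit the user handle, so a null handle would throw inside the async callback instead of reaching `cb`. A guard before the query, `if (!userHandle) return cb(null, false, { errorCode: auth_error_1.AuthError.ERROR_CODES.USER_NOT_FOUND });`, keeps that case on the normal rejection path. In the same section, the `register` hunk reads `userObject.id` right after `findOne` without checking for a miss; `if (!userObject) return cb(null, false);` would avoid a TypeError there. The embedded source types `userHandle` as `Uint8Array`; if the strategy ever passes a plain Uint8Array rather than a Buffer, `toString()` yields comma-joined byte values, so `Buffer.from(userHandle).toString('utf8')` states the intended decoding explicitly. This file is compiled output, so the change belongs in `package/server/middlewares/webauthn-middleware.ts`, and both functions continue outside the hunks.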
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"file":"webauthn-middleware.js","sourceRoot":"","sources":["../../server/middlewares/webauthn-middleware.ts"],"names":[],"mappings":";;;;AAAA,wEAAmC;AACnC,qEAA6F;AAE7F,iDAAqD;AAErD,+CAA2C;AAC3C,qDAAgD;AAChD,4FAAsF;AAEzE,QAAA,KAAK,GAAG,IAAI,+CAAqB,EAAE,CAAA;AAEhD,sBAAQ,CAAC,GAAG,CACV,IAAI,kCAAgB,CAClB,EAAE,KAAK,EAAL,aAAK,EAAE,EACT,KAAK,UAAU,MAAM,CAAC,EAAU,EAAE,UAAsB,EAAE,EAAE;IAC1D,MAAM,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,
|
1
|
+
{"version":3,"file":"webauthn-middleware.js","sourceRoot":"","sources":["../../server/middlewares/webauthn-middleware.ts"],"names":[],"mappings":";;;;AAAA,wEAAmC;AACnC,qEAA6F;AAE7F,iDAAqD;AAErD,+CAA2C;AAC3C,qDAAgD;AAChD,4FAAsF;AAEzE,QAAA,KAAK,GAAG,IAAI,+CAAqB,EAAE,CAAA;AAEhD,sBAAQ,CAAC,GAAG,CACV,IAAI,kCAAgB,CAClB,EAAE,KAAK,EAAL,aAAK,EAAE,EACT,KAAK,UAAU,MAAM,CAAC,EAAU,EAAE,UAAsB,EAAE,EAAE;IAC1D,MAAM,IAAI,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,UAAU,CAAC,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAA;IACxF,IAAI,CAAC,IAAI,EAAE;QACT,OAAO,EAAE,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,cAAc,EAAE,CAAC,CAAA;KAC5E;IACD,MAAM,UAAU,GAAG,MAAM,IAAA,qBAAa,EAAC,uCAAiB,CAAC,CAAC,OAAO,CAAC;QAChE,KAAK,EAAE,EAAE,YAAY,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,EAAE,EAAE;KACnD,CAAC,CAAA;IACF,IAAI,CAAC,UAAU,EAAE;QACf,OAAO,EAAE,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,yBAAyB,EAAE,CAAC,CAAA;KACvF;IAED,OAAO,EAAE,CAAC,IAAI,EAAE,IAAI,EAAE,UAAU,CAAC,SAAS,CAAC,CAAA;AAC7C,CAAC,EACD,KAAK,UAAU,QAAQ,CAAC,IAAI,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE;IAC7C,MAAM,UAAU,GAAG,MAAM,IAAA,qBAAa,EAAC,WAAI,CAAC,CAAC,OAAO,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,EAAE,IAAI,CAAC,EAAE,CAAC,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAA;IAC3F,MAAM,iBAAiB,GAAG,IAAA,qBAAa,EAAC,uCAAiB,CAAC,CAAA;IAE1D,MAAM,aAAa,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC;QACpD,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,UAAU,CAAC,EAAE,EAAE,EAAE,SAAS,EAAE,SAAS,EAAE;KAC7D,CAAC,CAAA;IAEF,0CAA0C;IAC1C,IAAI,aAAa,EAAE;QACjB,MAAM,iBAAiB,CAAC,MAAM,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;KACjD;IAED,MAAM,iBAAiB,CAAC,IAAI,CAAC;QAC3B,IAAI,EAAE,UAAU;QAChB,YAAY,EAAE,EAAE;QAChB,SAAS;QACT,OAAO,EAAE,CAAC;KACX,CAAC,CAAA;IAEF,OAAO,EAAE,CAAC,IAAI,EAAE,UAAU,CAAC,CAAA;AAC7B,CAAC,CACF,CACF,CAAA;AAEM,KAAK,UAAU,kBAAkB,CAAC,OAAO,EAAE,IAAI;IACpD,OAAO,sBAAQ,CAAC,YAAY,CAC1B,UAAU,EACV,EAAE,OAAO,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,EAC5D,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;QACxB,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE;YAChB,IAAI,IAAI,CAAC,
SAAS,EAAE;gBAClB,MAAM,IAAI,sBAAS,CAAC,IAAI,CAAC,CAAA;aAC1B;iBAAM;gBACL,MAAM,IAAI,sBAAS,CAAC;oBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,UAAU;oBAC3C,MAAM,EAAE,IAAI;iBACb,CAAC,CAAA;aACH;SACF;aAAM;YACL,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAA;YAEzB,MAAM,IAAI,EAAE,CAAA;SACb;IACH,CAAC,CACF,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;AAClB,CAAC;AArBD,gDAqBC","sourcesContent":["import passport from 'koa-passport'\nimport { Strategy as WebAuthnStrategy, SessionChallengeStore } from 'passport-fido2-webauthn'\n\nimport { getRepository } from '@things-factory/shell'\n\nimport { User } from '../service/user/user'\nimport { AuthError } from '../errors/auth-error'\nimport { WebAuthCredential } from '../service/web-auth-credential/web-auth-credential'\n\nexport const store = new SessionChallengeStore()\n\npassport.use(\n new WebAuthnStrategy(\n { store },\n async function verify(id: string, userHandle: Uint8Array, cb) {\n const user = await getRepository(User).findOne({ where: { id: userHandle.toString() } })\n if (!user) {\n return cb(null, false, { errorCode: AuthError.ERROR_CODES.USER_NOT_FOUND })\n }\n const credential = await getRepository(WebAuthCredential).findOne({\n where: { credentialId: id, user: { id: user.id } }\n })\n if (!credential) {\n return cb(null, false, { errorCode: AuthError.ERROR_CODES.USER_CREDENTIAL_NOT_FOUND })\n }\n\n return cb(null, user, credential.publicKey)\n },\n async function register(user, id, publicKey, cb) {\n const userObject = await getRepository(User).findOne({ where: { id: user.id.toString() } })\n const webAuthRepository = getRepository(WebAuthCredential)\n\n const oldCredential = await webAuthRepository.findOne({\n where: { user: { id: userObject.id }, publicKey: publicKey }\n })\n\n /* TODO publicKey 비교로는 중복된 등록을 막을 수 없다. 
*/\n if (oldCredential) {\n await webAuthRepository.delete(oldCredential.id)\n }\n\n await webAuthRepository.save({\n user: userObject,\n credentialId: id,\n publicKey,\n counter: 0\n })\n\n return cb(null, userObject)\n }\n )\n)\n\nexport async function webAuthnMiddleware(context, next) {\n return passport.authenticate(\n 'webauthn',\n { session: true, failureMessage: true, failWithError: true },\n async (err, user, info) => {\n if (err || !user) {\n if (info.errorCode) {\n throw new AuthError(info)\n } else {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.AUTH_ERROR,\n detail: info\n })\n }\n } else {\n context.state.user = user\n\n await next()\n }\n }\n )(context, next)\n}\n"]}
|
@@ -27,15 +27,15 @@ exports.webAuthnGlobalPublicRouter.post('/auth/signin-webauthn', webauthn_middle
|
|
27
27
|
});
|
28
28
|
exports.webAuthnGlobalPrivateRouter.post('/auth/register-webauthn/challenge', async (context, next) => {
|
29
29
|
const { user } = context.state;
|
30
|
-
const {
|
30
|
+
const { id, name } = user || {};
|
31
31
|
const challenge = await challengeAsync(Object.assign(Object.assign({}, context.request), { session: context.session }), {
|
32
32
|
user: {
|
33
|
-
id
|
33
|
+
id
|
34
34
|
}
|
35
35
|
});
|
36
36
|
context.body = {
|
37
37
|
user: {
|
38
|
-
id: Buffer.from(
|
38
|
+
id: Buffer.from(id).toString('base64'),
|
39
39
|
name: name,
|
40
40
|
displayName: name
|
41
41
|
},
|
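Review bot: The `user || {}` fallback on the destructuring line lets the handler continue with `id` undefined, and `Buffer.from(id)` then throws, so a request without `context.state.user` ends as a generic server error, presumably after `challengeAsync` has already stored a challenge in the session. Rejecting early is clearer, for example `if (!user) context.throw(401);` before the `challengeAsync` call, unless something upstream of this private router already guarantees an authenticated user (not visible in the hunk). `Buffer.from` also rejects a numeric argument, and the middleware's `user.id.toString()` suggests the id may not always be a string, so `Buffer.from(String(id))` would be more robust. This is compiled output, so the fix belongs in `package/server/router/webauthn-router.ts`.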
@@ -1 +1 @@
|
|
1
|
-
{"version":3,"file":"webauthn-router.js","sourceRoot":"","sources":["../../server/router/webauthn-router.ts"],"names":[],"mappings":";;;;AAAA,wDAAuB;AACvB,oEAA+B;
|
1
|
+
{"version":3,"file":"webauthn-router.js","sourceRoot":"","sources":["../../server/router/webauthn-router.ts"],"names":[],"mappings":";;;;AAAA,wDAAuB;AACvB,oEAA+B;AAE/B,sEAAmE;AACnE,4EAA8E;AAEjE,QAAA,0BAA0B,GAAG,IAAI,oBAAM,EAAE,CAAA;AACzC,QAAA,2BAA2B,GAAG,IAAI,oBAAM,EAAE,CAAA;AAEvD,MAAM,cAAc,GAAG,cAAI,CAAC,SAAS,CAAC,2BAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,2BAAK,CAAC,CAAA;AAElE,kCAA0B,CAAC,IAAI,CAAC,iCAAiC,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzF,MAAM,SAAS,GAAG,MAAM,cAAc,iCAAM,OAAO,CAAC,OAAO,KAAE,OAAO,EAAE,OAAO,CAAC,OAAO,IAAG,CAAA;IAExF,OAAO,CAAC,IAAI,GAAG;QACb,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;KACrD,CAAA;AACH,CAAC,CAAC,CAAA;AAEF,kCAA0B,CAAC,IAAI,CAAC,uBAAuB,EAAE,wCAAkB,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACnG,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IACtC,MAAM,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAC3B,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,OAAO,CAAA;IAEjC,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,MAAM,aAAN,MAAM,uBAAN,MAAM,CAAE,SAAS,EAAE,CAAC,CAAA;IAC/D,IAAA,0CAAoB,EAAC,OAAO,EAAE,KAAK,CAAC,CAAA;IAEpC,IAAI,WAAW,GAAG,gBAAgB,MAAM,CAAC,CAAC,CAAC,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,gBAAgB,kBAAkB,CAAC,OAAO,CAAC,UAAU,IAAI,GAAG,CAAC,EAAE,CAAA;IAErI,yGAAyG;IACzG,OAAO,CAAC,IAAI,GAAG,EAAE,WAAW,EAAE,CAAA;AAChC,CAAC,CAAC,CAAA;AAEF,mCAA2B,CAAC,IAAI,CAAC,mCAAmC,EAAE,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IAC5F,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,KAAK,CAAA;IAC9B,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,IAAI,IAAI,EAAE,CAAA;IAE/B,MAAM,SAAS,GAAG,MAAM,cAAc,iCAC/B,OAAO,CAAC,OAAO,KAAE,OAAO,EAAE,OAAO,CAAC,OAAO,KAC9C;QACE,IAAI,EAAE;YACJ,EAAE;SACH;KACF,CACF,CAAA;IAED,OAAO,CAAC,IAAI,GAAG;QACb,IAAI,EAAE;YACJ,EAAE,EAAE,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;YACtC,IAAI,EAAE,IAAI;YACV,WAAW,EAAE,IAAI;SAClB;QACD,SAAS,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC;KACrD,CAAA;AACH,CAAC,CAAC,CAAA","sourcesContent":["import util from 'util'\nimport Router from 'koa-router'\n\nimport { setAccessTokenCookie } from 
'../utils/access-token-cookie'\nimport { store, webAuthnMiddleware } from '../middlewares/webauthn-middleware'\n\nexport const webAuthnGlobalPublicRouter = new Router()\nexport const webAuthnGlobalPrivateRouter = new Router()\n\nconst challengeAsync = util.promisify(store.challenge).bind(store)\n\nwebAuthnGlobalPublicRouter.post('/auth/signin-webauthn/challenge', async (context, next) => {\n const challenge = await challengeAsync({ ...context.request, session: context.session })\n\n context.body = {\n challenge: Buffer.from(challenge).toString('base64')\n }\n})\n\nwebAuthnGlobalPublicRouter.post('/auth/signin-webauthn', webAuthnMiddleware, async (context, next) => {\n const { domain, user } = context.state\n const { request } = context\n const { body: reqBody } = request\n\n const token = await user.sign({ subdomain: domain?.subdomain })\n setAccessTokenCookie(context, token)\n\n var redirectURL = `/auth/checkin${domain ? '/' + domain.subdomain : ''}?redirect_to=${encodeURIComponent(reqBody.redirectTo || '/')}`\n\n /* 2단계 인터렉션 때문에 브라우저에서 fetch(...)로 진행될 것이므로, redirect(3xx) 응답으로 처리할 수 없다. 따라서, 데이타로 redirectURL를 응답한다. */\n context.body = { redirectURL }\n})\n\nwebAuthnGlobalPrivateRouter.post('/auth/register-webauthn/challenge', async (context, next) => {\n const { user } = context.state\n const { id, name } = user || {}\n\n const challenge = await challengeAsync(\n { ...context.request, session: context.session },\n {\n user: {\n id\n }\n }\n )\n\n context.body = {\n user: {\n id: Buffer.from(id).toString('base64'),\n name: name,\n displayName: name\n },\n challenge: Buffer.from(challenge).toString('base64')\n }\n})\n"]}
|