@things-factory/auth-base 7.0.1-rc.10 → 7.0.1-rc.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/dist-server/middlewares/webauthn-middleware.js +36 -31
  2. package/dist-server/middlewares/webauthn-middleware.js.map +1 -1
  3. package/dist-server/tsconfig.tsbuildinfo +1 -1
  4. package/package.json +4 -4
  5. package/server/middlewares/webauthn-middleware.ts +45 -41
package/dist-server/middlewares/webauthn-middleware.js CHANGED
@@ -40,39 +40,44 @@ koa_passport_1.default.use('webauthn-register', new passport_custom_1.Strategy(a
40
40
  }
41
41
  }));
42
42
  koa_passport_1.default.use('webauthn-login', new passport_custom_1.Strategy(async (context, done) => {
43
- const { body, session, origin, hostname } = context;
44
- const challenge = session.challenge;
45
- const assertionResponse = body;
46
- const credential = await (0, shell_1.getRepository)(web_auth_credential_1.WebAuthCredential).findOne({
47
- where: {
48
- credentialId: assertionResponse.id
49
- },
50
- relations: ['user']
51
- });
52
- if (!credential) {
53
- return done(null, false);
54
- }
55
- const verification = await (0, server_1.verifyAuthenticationResponse)({
56
- response: body,
57
- expectedChallenge: challenge,
58
- expectedOrigin: origin,
59
- expectedRPID: hostname,
60
- requireUserVerification: false,
61
- authenticator: {
62
- credentialID: credential.credentialId,
63
- credentialPublicKey: new Uint8Array(Buffer.from(credential.publicKey, 'base64')),
64
- counter: credential.counter
43
+ try {
44
+ const { body, session, origin, hostname } = context;
45
+ const challenge = session.challenge;
46
+ const assertionResponse = body;
47
+ const credential = await (0, shell_1.getRepository)(web_auth_credential_1.WebAuthCredential).findOne({
48
+ where: {
49
+ credentialId: assertionResponse.id
50
+ },
51
+ relations: ['user']
52
+ });
53
+ if (!credential) {
54
+ return done(null, false);
55
+ }
56
+ const verification = await (0, server_1.verifyAuthenticationResponse)({
57
+ response: body,
58
+ expectedChallenge: challenge,
59
+ expectedOrigin: origin,
60
+ expectedRPID: hostname,
61
+ requireUserVerification: false,
62
+ authenticator: {
63
+ credentialID: credential.credentialId,
64
+ credentialPublicKey: new Uint8Array(Buffer.from(credential.publicKey, 'base64')),
65
+ counter: credential.counter
66
+ }
67
+ });
68
+ if (verification.verified) {
69
+ const { authenticationInfo } = verification;
70
+ credential.counter = authenticationInfo.newCounter;
71
+ await (0, shell_1.getRepository)(web_auth_credential_1.WebAuthCredential).save(credential);
72
+ const user = credential.user;
73
+ return done(null, user);
74
+ }
75
+ else {
76
+ return done(verification, false);
65
77
  }
66
- });
67
- if (verification.verified) {
68
- const { authenticationInfo } = verification;
69
- credential.counter = authenticationInfo.newCounter;
70
- await (0, shell_1.getRepository)(web_auth_credential_1.WebAuthCredential).save(credential);
71
- const user = credential.user;
72
- return done(null, user);
73
78
  }
74
- else {
75
- return done(verification, false);
79
+ catch (error) {
80
+ return done(error, false);
76
81
  }
77
82
  }));
78
83
  function createWebAuthnMiddleware(strategy) {
package/dist-server/middlewares/webauthn-middleware.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"webauthn-middleware.js","sourceRoot":"","sources":["../../server/middlewares/webauthn-middleware.ts"],"names":[],"mappings":";;AAqGA,4DAqBC;;AA1HD,wEAAmC;AACnC,qDAA4D;AAE5D,iDAAqD;AAGrD,qDAAgD;AAEhD,4FAAsF;AACtF,mDAAiG;AAIjG,sBAAQ,CAAC,GAAG,CACV,mBAAmB,EACnB,IAAI,0BAAc,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAc,CAAA;IAEhE,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;IAEnC,MAAM,YAAY,GAAG,MAAM,IAAA,mCAA0B,EAAC;QACpD,QAAQ,EAAE,IAAI;QACd,iBAAiB,EAAE,SAAS;QAC5B,cAAc,EAAE,MAAM;QACtB,YAAY,EAAE,QAAQ;QACtB,YAAY,EAAE,iBAAiB;QAC/B,uBAAuB,EAAE,KAAK;KAC/B,CAAC,CAAA;IAEF,IAAI,YAAY,CAAC,QAAQ,EAAE,CAAC;QAC1B,MAAM,EAAE,gBAAgB,EAAE,GAAG,YAAY,CAAA;QACzC,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,mBAAmB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;QAEtF,IAAI,IAAI,EAAE,CAAC;YACT,MAAM,iBAAiB,GAAG,IAAA,qBAAa,EAAC,uCAAiB,CAAC,CAAA;YAC1D,MAAM,iBAAiB,CAAC,IAAI,CAAC;gBAC3B,IAAI;gBACJ,YAAY,EAAE,gBAAgB,CAAC,YAAY;gBAC3C,SAAS;gBACT,OAAO,EAAE,gBAAgB,CAAC,OAAO;gBACjC,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,IAAI;aACd,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;IACzB,CAAC;SAAM,CAAC;QACN,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;IAC1B,CAAC;AACH,CAAC,CAAC,CACH,CAAA;AAED,sBAAQ,CAAC,GAAG,CACV,gBAAgB,EAChB,IAAI,0BAAc,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAc,CAAA;IAE1D,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;IAEnC,MAAM,iBAAiB,GAAG,IAGzB,CAAA;IAED,MAAM,UAAU,GAAG,MAAM,IAAA,qBAAa,EAAC,uCAAiB,CAAC,CAAC,OAAO,CAAC;QAChE,KAAK,EAAE;YACL,YAAY,EAAE,iBAAiB,CAAC,EAAE;SACnC;QACD,SAAS,EAAE,CAAC,MAAM,CAAC;KACpB,CAAC,CAAA;IAEF,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;IAC1B,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,IAAA,qCAA4B,EAAC;QACtD,QAAQ,EAAE,IAAI;QACd,iBAAiB,EAAE,SAAS;QAC5B,cAAc,EAAE,MAAM;QACtB,YAAY,EAAE,QAAQ;QACtB,uBAAuB,EAAE,KAAK;QAC9B,aAAa,EAAE;YACb,YAAY,EAAE,UAAU,CAAC,YAAY;YACrC,mBAAmB,EAAE,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;YAChF,OAAO,EAAE,UAAU,CAAC,OAAO;SAC5B;KACF,CAAC,CAAA;IAEF,IAAI,YAAY,CAAC,QAAQ,EAAE,CAAC;QAC1B,MAAM,EAAE,kBAAkB,EAAE,GAAG,YAAY,CAAA;QAC3C,UAAU,CAAC,OAAO,GAAG,kBAAkB,CAAC,UAAU,CAAA;QAClD,MAAM,IAAA,qBAAa,EAAC,uCAAiB,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;QAEvD,MAAM,IAAI,GAAG,UAAU,CAAC,IAAI,CAAA;QAC5B,OAAO,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;IACzB,CAAC;SAAM,CAAC;QACN,OAAO,IAAI,CAAC,YAAY,EAAE,KAAK,CAAC,CAAA;IAClC,CAAC;AACH,CAAC,CAAC,CACH,CAAA;AAED,SAAgB,wBAAwB,CAAC,QAAgD;IACvF,OAAO,KAAK,UAAU,kBAAkB,CAAC,OAAO,EAAE,IAAI;QACpD,OAAO,sBAAQ,CAAC,YAAY,CAC1B,QAAQ,EACR,EAAE,OAAO,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,EAC5D,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;YAClB,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;gBACjB,MAAM,IAAI,sBAAS,CAAC;oBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,yBAAyB;oBAC1D,MAAM,EAAE,GAAG;iBACZ,CAAC,CAAA;YACJ,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAA;gBAEzB,OAAO,CAAC,IAAI,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAA;YACzC,CAAC;YAED,MAAM,IAAI,EAAE,CAAA;QACd,CAAC,CACF,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;IAClB,CAAC,CAAA;AACH,CAAC","sourcesContent":["import passport from 'koa-passport'\nimport { Strategy as CustomStrategy } from 'passport-custom'\n\nimport { getRepository } from '@things-factory/shell'\n\nimport { User } from '../service/user/user'\nimport { AuthError } from '../errors/auth-error'\n\nimport { WebAuthCredential } from '../service/web-auth-credential/web-auth-credential'\nimport { verifyRegistrationResponse, verifyAuthenticationResponse } from '@simplewebauthn/server'\n\nimport { AuthenticatorAssertionResponse } from '@simplewebauthn/types'\n\npassport.use(\n 'webauthn-register',\n new CustomStrategy(async (context, done) => {\n const { body, session, user, hostname, origin } = context as any\n\n const challenge = session.challenge\n\n const verification = await verifyRegistrationResponse({\n response: body,\n expectedChallenge: challenge,\n expectedOrigin: origin,\n expectedRPID: hostname,\n expectedType: 'webauthn.create',\n requireUserVerification: false\n })\n\n if (verification.verified) {\n const { registrationInfo } = verification\n const publicKey = Buffer.from(registrationInfo.credentialPublicKey).toString('base64')\n\n if (user) {\n const webAuthRepository = getRepository(WebAuthCredential)\n await webAuthRepository.save({\n user,\n credentialId: registrationInfo.credentialID,\n publicKey,\n counter: registrationInfo.counter,\n creator: user,\n updater: user\n })\n }\n\n return done(null, user)\n } else {\n return done(null, false)\n }\n })\n)\n\npassport.use(\n 'webauthn-login',\n new CustomStrategy(async (context, done) => {\n const { body, session, origin, hostname } = context as any\n\n const challenge = session.challenge\n\n const assertionResponse = body as {\n id: string\n response: AuthenticatorAssertionResponse\n }\n\n const credential = await getRepository(WebAuthCredential).findOne({\n where: {\n credentialId: assertionResponse.id\n },\n relations: ['user']\n })\n\n if (!credential) {\n return done(null, false)\n }\n\n const verification = await verifyAuthenticationResponse({\n response: body,\n expectedChallenge: challenge,\n expectedOrigin: origin,\n expectedRPID: hostname,\n requireUserVerification: false,\n authenticator: {\n credentialID: credential.credentialId,\n credentialPublicKey: new Uint8Array(Buffer.from(credential.publicKey, 'base64')),\n counter: credential.counter\n }\n })\n\n if (verification.verified) {\n const { authenticationInfo } = verification\n credential.counter = authenticationInfo.newCounter\n await getRepository(WebAuthCredential).save(credential)\n\n const user = credential.user\n return done(null, user)\n } else {\n return done(verification, false)\n }\n })\n)\n\nexport function createWebAuthnMiddleware(strategy: 'webauthn-register' | 'webauthn-login') {\n return async function webAuthnMiddleware(context, next) {\n return passport.authenticate(\n strategy,\n { session: true, failureMessage: true, failWithError: true },\n async (err, user) => {\n if (err || !user) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.AUTHN_VERIFICATION_FAILED,\n detail: err\n })\n } else {\n context.state.user = user\n\n context.body = { user, verified: true }\n }\n\n await next()\n }\n )(context, next)\n }\n}\n"]}
1
+ {"version":3,"file":"webauthn-middleware.js","sourceRoot":"","sources":["../../server/middlewares/webauthn-middleware.ts"],"names":[],"mappings":";;AAyGA,4DAqBC;;AA9HD,wEAAmC;AACnC,qDAA4D;AAE5D,iDAAqD;AAGrD,qDAAgD;AAEhD,4FAAsF;AACtF,mDAAiG;AAIjG,sBAAQ,CAAC,GAAG,CACV,mBAAmB,EACnB,IAAI,0BAAc,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzC,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAc,CAAA;IAEhE,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;IAEnC,MAAM,YAAY,GAAG,MAAM,IAAA,mCAA0B,EAAC;QACpD,QAAQ,EAAE,IAAI;QACd,iBAAiB,EAAE,SAAS;QAC5B,cAAc,EAAE,MAAM;QACtB,YAAY,EAAE,QAAQ;QACtB,YAAY,EAAE,iBAAiB;QAC/B,uBAAuB,EAAE,KAAK;KAC/B,CAAC,CAAA;IAEF,IAAI,YAAY,CAAC,QAAQ,EAAE,CAAC;QAC1B,MAAM,EAAE,gBAAgB,EAAE,GAAG,YAAY,CAAA;QACzC,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,gBAAgB,CAAC,mBAAmB,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAA;QAEtF,IAAI,IAAI,EAAE,CAAC;YACT,MAAM,iBAAiB,GAAG,IAAA,qBAAa,EAAC,uCAAiB,CAAC,CAAA;YAC1D,MAAM,iBAAiB,CAAC,IAAI,CAAC;gBAC3B,IAAI;gBACJ,YAAY,EAAE,gBAAgB,CAAC,YAAY;gBAC3C,SAAS;gBACT,OAAO,EAAE,gBAAgB,CAAC,OAAO;gBACjC,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,IAAI;aACd,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;IACzB,CAAC;SAAM,CAAC;QACN,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;IAC1B,CAAC;AACH,CAAC,CAAC,CACH,CAAA;AAED,sBAAQ,CAAC,GAAG,CACV,gBAAgB,EAChB,IAAI,0BAAc,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,EAAE,EAAE;IACzC,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,OAAc,CAAA;QAE1D,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,CAAA;QAEnC,MAAM,iBAAiB,GAAG,IAGzB,CAAA;QAED,MAAM,UAAU,GAAG,MAAM,IAAA,qBAAa,EAAC,uCAAiB,CAAC,CAAC,OAAO,CAAC;YAChE,KAAK,EAAE;gBACL,YAAY,EAAE,iBAAiB,CAAC,EAAE;aACnC;YACD,SAAS,EAAE,CAAC,MAAM,CAAC;SACpB,CAAC,CAAA;QAEF,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,OAAO,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAC1B,CAAC;QAED,MAAM,YAAY,GAAG,MAAM,IAAA,qCAA4B,EAAC;YACtD,QAAQ,EAAE,IAAI;YACd,iBAAiB,EAAE,SAAS;YAC5B,cAAc,EAAE,MAAM;YACtB,YAAY,EAAE,QAAQ;YACtB,uBAAuB,EAAE,KAAK;YAC9B,aAAa,EAAE;gBACb,YAAY,EAAE,UAAU,CAAC,YAAY;gBACrC,mBAAmB,EAAE,IAAI,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;gBAChF,OAAO,EAAE,UAAU,CAAC,OAAO;aAC5B;SACF,CAAC,CAAA;QAEF,IAAI,YAAY,CAAC,QAAQ,EAAE,CAAC;YAC1B,MAAM,EAAE,kBAAkB,EAAE,GAAG,YAAY,CAAA;YAC3C,UAAU,CAAC,OAAO,GAAG,kBAAkB,CAAC,UAAU,CAAA;YAClD,MAAM,IAAA,qBAAa,EAAC,uCAAiB,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAA;YAEvD,MAAM,IAAI,GAAG,UAAU,CAAC,IAAI,CAAA;YAC5B,OAAO,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,CAAA;QACzB,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,CAAC,YAAY,EAAE,KAAK,CAAC,CAAA;QAClC,CAAC;IACH,CAAC;IAAC,OAAM,KAAK,EAAE,CAAC;QACd,OAAO,IAAI,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;IAC3B,CAAC;AACH,CAAC,CAAC,CACH,CAAA;AAED,SAAgB,wBAAwB,CAAC,QAAgD;IACvF,OAAO,KAAK,UAAU,kBAAkB,CAAC,OAAO,EAAE,IAAI;QACpD,OAAO,sBAAQ,CAAC,YAAY,CAC1B,QAAQ,EACR,EAAE,OAAO,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,EAC5D,KAAK,EAAE,GAAG,EAAE,IAAI,EAAE,EAAE;YAClB,IAAI,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;gBACjB,MAAM,IAAI,sBAAS,CAAC;oBAClB,SAAS,EAAE,sBAAS,CAAC,WAAW,CAAC,yBAAyB;oBAC1D,MAAM,EAAE,GAAG;iBACZ,CAAC,CAAA;YACJ,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAA;gBAEzB,OAAO,CAAC,IAAI,GAAG,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAA;YACzC,CAAC;YAED,MAAM,IAAI,EAAE,CAAA;QACd,CAAC,CACF,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;IAClB,CAAC,CAAA;AACH,CAAC","sourcesContent":["import passport from 'koa-passport'\nimport { Strategy as CustomStrategy } from 'passport-custom'\n\nimport { getRepository } from '@things-factory/shell'\n\nimport { User } from '../service/user/user'\nimport { AuthError } from '../errors/auth-error'\n\nimport { WebAuthCredential } from '../service/web-auth-credential/web-auth-credential'\nimport { verifyRegistrationResponse, verifyAuthenticationResponse } from '@simplewebauthn/server'\n\nimport { AuthenticatorAssertionResponse } from '@simplewebauthn/types'\n\npassport.use(\n 'webauthn-register',\n new CustomStrategy(async (context, done) => {\n const { body, session, user, hostname, origin } = context as any\n\n const challenge = session.challenge\n\n const verification = await verifyRegistrationResponse({\n response: body,\n expectedChallenge: challenge,\n expectedOrigin: origin,\n expectedRPID: hostname,\n expectedType: 'webauthn.create',\n requireUserVerification: false\n })\n\n if (verification.verified) {\n const { registrationInfo } = verification\n const publicKey = Buffer.from(registrationInfo.credentialPublicKey).toString('base64')\n\n if (user) {\n const webAuthRepository = getRepository(WebAuthCredential)\n await webAuthRepository.save({\n user,\n credentialId: registrationInfo.credentialID,\n publicKey,\n counter: registrationInfo.counter,\n creator: user,\n updater: user\n })\n }\n\n return done(null, user)\n } else {\n return done(null, false)\n }\n })\n)\n\npassport.use(\n 'webauthn-login',\n new CustomStrategy(async (context, done) => {\n try {\n const { body, session, origin, hostname } = context as any\n\n const challenge = session.challenge\n \n const assertionResponse = body as {\n id: string\n response: AuthenticatorAssertionResponse\n }\n \n const credential = await getRepository(WebAuthCredential).findOne({\n where: {\n credentialId: assertionResponse.id\n },\n relations: ['user']\n })\n \n if (!credential) {\n return done(null, false)\n }\n \n const verification = await verifyAuthenticationResponse({\n response: body,\n expectedChallenge: challenge,\n expectedOrigin: origin,\n expectedRPID: hostname,\n requireUserVerification: false,\n authenticator: {\n credentialID: credential.credentialId,\n credentialPublicKey: new Uint8Array(Buffer.from(credential.publicKey, 'base64')),\n counter: credential.counter\n }\n })\n \n if (verification.verified) {\n const { authenticationInfo } = verification\n credential.counter = authenticationInfo.newCounter\n await getRepository(WebAuthCredential).save(credential)\n \n const user = credential.user\n return done(null, user)\n } else {\n return done(verification, false)\n }\n } catch(error) {\n return done(error, false)\n }\n })\n)\n\nexport function createWebAuthnMiddleware(strategy: 'webauthn-register' | 'webauthn-login') {\n return async function webAuthnMiddleware(context, next) {\n return passport.authenticate(\n strategy,\n { session: true, failureMessage: true, failWithError: true },\n async (err, user) => {\n if (err || !user) {\n throw new AuthError({\n errorCode: AuthError.ERROR_CODES.AUTHN_VERIFICATION_FAILED,\n detail: err\n })\n } else {\n context.state.user = user\n\n context.body = { user, verified: true }\n }\n\n await next()\n }\n )(context, next)\n }\n}\n"]}