fix(auth): remove authenticator names from server
parent
d827513b73
commit
c45653a50a
17 changed files with 14 additions and 56 deletions
|
@ -0,0 +1,13 @@
|
|||
import { MigrationInterface, QueryRunner } from 'typeorm'
|
||||
|
||||
export class removeAuthenticatorNamesFromServer1678340701766 implements MigrationInterface {
|
||||
name = 'removeAuthenticatorNamesFromServer1678340701766'
|
||||
|
||||
public async up(queryRunner: QueryRunner): Promise<void> {
|
||||
await queryRunner.query('ALTER TABLE `authenticators` DROP COLUMN `name`')
|
||||
}
|
||||
|
||||
public async down(): Promise<void> {
|
||||
return
|
||||
}
|
||||
}
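Review bot: `down()` is a bare `return`, so the column drop in `up()` cannot be rolled back: the stored authenticator names are destroyed, and reverting this commit would bring back an entity that maps a `name` column the `authenticators` table no longer has. If that is intended, say so in the method, for example `// Irreversible: names are dropped for good; down() deliberately does not restore the column.`; otherwise have `down(queryRunner)` re-add the column as a varchar(255) with a default, so that registration inserts from the reverted build do not fail. Deployment order also matters: if the migration runs while instances of the previous build are still serving, their inserts that include `name` will presumably fail, so the code change should be live before the column is dropped.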
|
|
@ -88,7 +88,6 @@ export class AuthenticatorsController {
|
|||
): Promise<HttpResponse<VerifyAuthenticatorRegistrationResponseResponseBody>> {
|
||||
const result = await this.verifyAuthenticatorRegistrationResponse.execute({
|
||||
userUuid: params.userUuid,
|
||||
name: params.name,
|
||||
attestationResponse: params.attestationResponse,
|
||||
})
|
||||
|
||||
|
|
|
@ -6,7 +6,6 @@ describe('Authenticator', () => {
|
|||
it('should create an entity', () => {
|
||||
const entityOrError = Authenticator.create({
|
||||
counter: 1,
|
||||
name: 'my-key',
|
||||
credentialBackedUp: true,
|
||||
credentialDeviceType: 'singleDevice',
|
||||
credentialId: Buffer.from('credentialId'),
|
||||
|
|
|
@ -1,7 +1,6 @@
|
|||
import { Dates, Uuid } from '@standardnotes/domain-core'
|
||||
|
||||
export interface AuthenticatorProps {
|
||||
name: string
|
||||
userUuid: Uuid
|
||||
credentialId: Uint8Array
|
||||
credentialPublicKey: Uint8Array
|
||||
|
|
|
@ -12,7 +12,6 @@ describe('DeleteAuthenticator', () => {
|
|||
beforeEach(() => {
|
||||
authenticator = Authenticator.create({
|
||||
counter: 1,
|
||||
name: 'my-key',
|
||||
credentialBackedUp: true,
|
||||
credentialDeviceType: 'singleDevice',
|
||||
credentialId: Buffer.from('credentialId'),
|
||||
|
|
|
@ -24,7 +24,6 @@ describe('GenerateAuthenticatorAuthenticationOptions', () => {
|
|||
beforeEach(() => {
|
||||
const authenticator = Authenticator.create({
|
||||
counter: 1,
|
||||
name: 'my-key',
|
||||
credentialBackedUp: true,
|
||||
credentialDeviceType: 'singleDevice',
|
||||
credentialId: Buffer.from('credentialId'),
|
||||
|
|
|
@ -21,7 +21,6 @@ describe('GenerateAuthenticatorRegistrationOptions', () => {
|
|||
beforeEach(() => {
|
||||
const authenticator = Authenticator.create({
|
||||
counter: 1,
|
||||
name: 'my-key',
|
||||
credentialBackedUp: true,
|
||||
credentialDeviceType: 'singleDevice',
|
||||
credentialId: Buffer.from('credentialId'),
|
||||
|
|
|
@ -24,7 +24,6 @@ describe('VerifyAuthenticatorAuthenticationResponse', () => {
|
|||
beforeEach(() => {
|
||||
const authenticator = Authenticator.create({
|
||||
counter: 1,
|
||||
name: 'my-key',
|
||||
credentialBackedUp: true,
|
||||
credentialDeviceType: 'singleDevice',
|
||||
credentialId: Buffer.from('credentialId'),
|
||||
|
|
|
@ -38,7 +38,6 @@ describe('VerifyAuthenticatorRegistrationResponse', () => {
|
|||
|
||||
const result = await useCase.execute({
|
||||
userUuid: 'invalid',
|
||||
name: 'name',
|
||||
attestationResponse: {
|
||||
id: Buffer.from('id'),
|
||||
rawId: Buffer.from('rawId'),
|
||||
|
@ -56,27 +55,6 @@ describe('VerifyAuthenticatorRegistrationResponse', () => {
|
|||
)
|
||||
})
|
||||
|
||||
it('should return error if name is invalid', async () => {
|
||||
const useCase = createUseCase()
|
||||
|
||||
const result = await useCase.execute({
|
||||
userUuid: '00000000-0000-0000-0000-000000000000',
|
||||
name: '',
|
||||
attestationResponse: {
|
||||
id: Buffer.from('id'),
|
||||
rawId: Buffer.from('rawId'),
|
||||
response: {
|
||||
attestationObject: Buffer.from('attestationObject'),
|
||||
clientDataJSON: Buffer.from('clientDataJSON'),
|
||||
},
|
||||
type: 'type',
|
||||
},
|
||||
})
|
||||
|
||||
expect(result.isFailed()).toBeTruthy()
|
||||
expect(result.getError()).toEqual('Could not verify authenticator registration response: Given value is empty: ')
|
||||
})
|
||||
|
||||
it('should return error if challenge is not found', async () => {
|
||||
authenticatorChallengeRepository.findByUserUuid = jest.fn().mockReturnValue(null)
|
||||
|
||||
|
@ -84,7 +62,6 @@ describe('VerifyAuthenticatorRegistrationResponse', () => {
|
|||
|
||||
const result = await useCase.execute({
|
||||
userUuid: '00000000-0000-0000-0000-000000000000',
|
||||
name: 'name',
|
||||
attestationResponse: {
|
||||
id: Buffer.from('id'),
|
||||
rawId: Buffer.from('rawId'),
|
||||
|
@ -125,7 +102,6 @@ describe('VerifyAuthenticatorRegistrationResponse', () => {
|
|||
|
||||
const result = await useCase.execute({
|
||||
userUuid: '00000000-0000-0000-0000-000000000000',
|
||||
name: 'name',
|
||||
attestationResponse: {
|
||||
id: Buffer.from('id'),
|
||||
rawId: Buffer.from('rawId'),
|
||||
|
@ -159,7 +135,6 @@ describe('VerifyAuthenticatorRegistrationResponse', () => {
|
|||
|
||||
const result = await useCase.execute({
|
||||
userUuid: '00000000-0000-0000-0000-000000000000',
|
||||
name: 'name',
|
||||
attestationResponse: {
|
||||
id: Buffer.from('id'),
|
||||
rawId: Buffer.from('rawId'),
|
||||
|
@ -195,7 +170,6 @@ describe('VerifyAuthenticatorRegistrationResponse', () => {
|
|||
|
||||
const result = await useCase.execute({
|
||||
userUuid: '00000000-0000-0000-0000-000000000000',
|
||||
name: 'name',
|
||||
attestationResponse: {
|
||||
id: Buffer.from('id'),
|
||||
rawId: Buffer.from('rawId'),
|
||||
|
@ -245,7 +219,6 @@ describe('VerifyAuthenticatorRegistrationResponse', () => {
|
|||
|
||||
const result = await useCase.execute({
|
||||
userUuid: '00000000-0000-0000-0000-000000000000',
|
||||
name: 'name',
|
||||
attestationResponse: {
|
||||
id: Buffer.from('id'),
|
||||
rawId: Buffer.from('rawId'),
|
||||
|
@ -289,7 +262,6 @@ describe('VerifyAuthenticatorRegistrationResponse', () => {
|
|||
|
||||
const result = await useCase.execute({
|
||||
userUuid: '00000000-0000-0000-0000-000000000000',
|
||||
name: 'name',
|
||||
attestationResponse: {
|
||||
id: Buffer.from('id'),
|
||||
rawId: Buffer.from('rawId'),
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
import { Dates, Result, UseCaseInterface, Uuid, Validator } from '@standardnotes/domain-core'
|
||||
import { Dates, Result, UseCaseInterface, Uuid } from '@standardnotes/domain-core'
|
||||
import { VerifiedRegistrationResponse, verifyRegistrationResponse } from '@simplewebauthn/server'
|
||||
|
||||
import { AuthenticatorChallengeRepositoryInterface } from '../../Authenticator/AuthenticatorChallengeRepositoryInterface'
|
||||
|
@ -22,11 +22,6 @@ export class VerifyAuthenticatorRegistrationResponse implements UseCaseInterface
|
|||
}
|
||||
const userUuid = userUuidOrError.getValue()
|
||||
|
||||
const nameValidation = Validator.isNotEmpty(dto.name)
|
||||
if (nameValidation.isFailed()) {
|
||||
return Result.fail(`Could not verify authenticator registration response: ${nameValidation.getError()}`)
|
||||
}
|
||||
|
||||
const authenticatorChallenge = await this.authenticatorChallengeRepository.findByUserUuid(userUuid)
|
||||
if (!authenticatorChallenge) {
|
||||
return Result.fail('Could not verify authenticator registration response: challenge not found')
|
||||
|
@ -55,7 +50,6 @@ export class VerifyAuthenticatorRegistrationResponse implements UseCaseInterface
|
|||
|
||||
const authenticatorOrError = Authenticator.create({
|
||||
userUuid,
|
||||
name: dto.name,
|
||||
counter: verification.registrationInfo.counter,
|
||||
credentialBackedUp: verification.registrationInfo.credentialBackedUp,
|
||||
credentialDeviceType: verification.registrationInfo.credentialDeviceType,
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
export interface VerifyAuthenticatorRegistrationResponseDTO {
|
||||
userUuid: string
|
||||
name: string
|
||||
attestationResponse: Record<string, unknown>
|
||||
}
|
||||
|
|
|
@ -1,4 +1,3 @@
|
|||
export interface AuthenticatorHttpProjection {
|
||||
id: string
|
||||
name: string
|
||||
}
|
||||
|
|
|
@ -1,5 +1,4 @@
|
|||
export interface VerifyAuthenticatorRegistrationResponseRequestParams {
|
||||
userUuid: string
|
||||
name: string
|
||||
attestationResponse: Record<string, unknown>
|
||||
}
|
||||
|
|
|
@ -52,7 +52,6 @@ export class InversifyExpressAuthenticatorsController extends BaseHttpController
|
|||
const result = await this.authenticatorsController.verifyRegistrationResponse({
|
||||
userUuid: response.locals.user.uuid,
|
||||
attestationResponse: request.body.attestationResponse,
|
||||
name: request.body.name,
|
||||
})
|
||||
|
||||
return this.json(result.data, result.status)
|
||||
|
|
|
@ -11,13 +11,6 @@ export class TypeORMAuthenticator {
|
|||
})
|
||||
declare userUuid: string
|
||||
|
||||
@Column({
|
||||
name: 'name',
|
||||
type: 'varchar',
|
||||
length: 255,
|
||||
})
|
||||
declare name: string
|
||||
|
||||
@Column({
|
||||
name: 'credential_id',
|
||||
type: 'text',
|
||||
|
|
|
@ -11,7 +11,6 @@ export class AuthenticatorHttpMapper implements MapperInterface<Authenticator, A
|
|||
toProjection(domain: Authenticator): AuthenticatorHttpProjection {
|
||||
return {
|
||||
id: domain.id.toString(),
|
||||
name: domain.props.name,
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
@ -20,7 +20,6 @@ export class AuthenticatorPersistenceMapper implements MapperInterface<Authentic
|
|||
const authenticatorOrError = Authenticator.create(
|
||||
{
|
||||
userUuid,
|
||||
name: projection.name,
|
||||
counter: projection.counter,
|
||||
credentialBackedUp: projection.credentialBackedUp,
|
||||
credentialDeviceType: projection.credentialDeviceType,
|
||||
|
@ -43,7 +42,6 @@ export class AuthenticatorPersistenceMapper implements MapperInterface<Authentic
|
|||
const typeorm = new TypeORMAuthenticator()
|
||||
|
||||
typeorm.uuid = domain.id.toString()
|
||||
typeorm.name = domain.props.name
|
||||
typeorm.userUuid = domain.props.userUuid.value
|
||||
typeorm.credentialId = Buffer.from(domain.props.credentialId).toString('base64url')
|
||||
typeorm.credentialPublicKey = Buffer.from(domain.props.credentialPublicKey.buffer)
|
||||
|
|