Add support for correct types for signup and signin endpoints

supertokens · Dec 16, 2024 · 88620b1 · 88620b1
1 parent fbb2d4b
commit 88620b1
Show file tree

Hide file tree

Showing 3 changed files with 46 additions and 18 deletions.
diff --git a/lib/ts/recipe/webauthn/api/implementation.ts b/lib/ts/recipe/webauthn/api/implementation.ts
@@ -20,7 +20,7 @@ import { getRecoverAccountLink } from "../utils";
 import { logDebugMessage } from "../../../logger";
 import { RecipeLevelUser } from "../../accountlinking/types";
 import { getUser } from "../../..";
-import { CredentialPayload, ResidentKey, UserVerification } from "../types";
+import { AuthenticationPayload, RegistrationPayload, ResidentKey, UserVerification } from "../types";
 
 export default function getAPIImplementation(): APIInterface {
     return {
@@ -195,7 +195,7 @@ export default function getAPIImplementation(): APIInterface {
             userContext,
         }: {
             webauthnGeneratedOptionsId: string;
-            credential: CredentialPayload;
+            credential: RegistrationPayload;
             tenantId: string;
             session: SessionContainerInterface | undefined;
             shouldTryLinkingWithSessionUser: boolean | undefined;
@@ -364,7 +364,7 @@ export default function getAPIImplementation(): APIInterface {
             userContext,
         }: {
             webauthnGeneratedOptionsId: string;
-            credential: CredentialPayload;
+            credential: AuthenticationPayload;
             tenantId: string;
             session?: SessionContainerInterface;
             shouldTryLinkingWithSessionUser: boolean | undefined;
@@ -846,7 +846,7 @@ export default function getAPIImplementation(): APIInterface {
         }: {
             token: string;
             webauthnGeneratedOptionsId: string;
-            credential: CredentialPayload;
+            credential: RegistrationPayload;
             tenantId: string;
             options: APIOptions;
             userContext: UserContext;

diff --git a/lib/ts/recipe/webauthn/index.ts b/lib/ts/recipe/webauthn/index.ts
@@ -24,6 +24,7 @@ import {
     UserVerification,
     ResidentKey,
     Attestation,
+    AuthenticationPayload,
 } from "./types";
 import RecipeUserId from "../../recipeUserId";
 import { DEFAULT_TENANT_ID } from "../multitenancy/constants";
@@ -312,7 +313,7 @@ export default class Wrapper {
     }: {
         tenantId?: string;
         webauthnGeneratedOptionsId: string;
-        credential: CredentialPayload;
+        credential: AuthenticationPayload;
         session?: SessionContainerInterface;
         userContext?: Record<string, any>;
     }): Promise<
@@ -345,7 +346,7 @@ export default class Wrapper {
     }: {
         tenantId?: string;
         webauthnGeneratedOptionsId: string;
-        credential: CredentialPayload;
+        credential: AuthenticationPayload;
         userContext?: Record<string, any>;
     }): Promise<{ status: "OK" } | { status: "INVALID_CREDENTIALS_ERROR" }> {
         const resp = await Recipe.getInstanceOrThrowError().recipeInterfaceImpl.verifyCredentials({

diff --git a/lib/ts/recipe/webauthn/types.ts b/lib/ts/recipe/webauthn/types.ts
@@ -238,7 +238,7 @@ export type RecipeInterface = {
 
     signUp(input: {
         webauthnGeneratedOptionsId: string;
-        credential: CredentialPayload;
+        credential: RegistrationPayload;
         session: SessionContainerInterface | undefined;
         shouldTryLinkingWithSessionUser: boolean | undefined;
         tenantId: string;
@@ -267,7 +267,7 @@ export type RecipeInterface = {
 
     signIn(input: {
         webauthnGeneratedOptionsId: string;
-        credential: CredentialPayload;
+        credential: AuthenticationPayload;
         session: SessionContainerInterface | undefined;
         shouldTryLinkingWithSessionUser: boolean | undefined;
         tenantId: string;
@@ -288,7 +288,7 @@ export type RecipeInterface = {
 
     verifyCredentials(input: {
         webauthnGeneratedOptionsId: string;
-        credential: CredentialPayload;
+        credential: AuthenticationPayload;
         tenantId: string;
         userContext: UserContext;
     }): Promise<
@@ -303,7 +303,7 @@ export type RecipeInterface = {
     // called during operations like creating a user during password reset flow.
     createNewRecipeUser(input: {
         webauthnGeneratedOptionsId: string;
-        credential: CredentialPayload;
+        credential: RegistrationPayload;
         tenantId: string;
         userContext: UserContext;
     }): Promise<
@@ -357,7 +357,7 @@ export type RecipeInterface = {
     // (in consumeRecoverAccountToken invalidating the token and in registerOptions for storing the email in the generated options)
     registerCredential(input: {
         webauthnGeneratedOptionsId: string;
-        credential: CredentialPayload;
+        credential: RegistrationPayload;
         userContext: UserContext;
         recipeUserId: RecipeUserId;
     }): Promise<
@@ -636,7 +636,7 @@ export type APIInterface = {
         | undefined
         | ((input: {
               webauthnGeneratedOptionsId: string;
-              credential: CredentialPayload;
+              credential: RegistrationPayload;
               tenantId: string;
               session: SessionContainerInterface | undefined;
               shouldTryLinkingWithSessionUser: boolean | undefined;
@@ -666,7 +666,7 @@ export type APIInterface = {
         | undefined
         | ((input: {
               webauthnGeneratedOptionsId: string;
-              credential: CredentialPayload;
+              credential: AuthenticationPayload;
               tenantId: string;
               session: SessionContainerInterface | undefined;
               shouldTryLinkingWithSessionUser: boolean | undefined;
@@ -711,7 +711,7 @@ export type APIInterface = {
         | ((input: {
               token: string;
               webauthnGeneratedOptionsId: string;
-              credential: CredentialPayload;
+              credential: RegistrationPayload;
               tenantId: string;
               options: APIOptions;
               userContext: UserContext;
@@ -760,16 +760,43 @@ export type TypeWebauthnRecoverAccountEmailDeliveryInput = {
 
 export type TypeWebauthnEmailDeliveryInput = TypeWebauthnRecoverAccountEmailDeliveryInput;
 
-export type CredentialPayload = {
+export type CredentialPayloadBase = {
     id: string;
     rawId: string;
+    authenticatorAttachment?: "platform" | "cross-platform";
+    clientExtensionResults: Record<string, unknown>;
+    type: "public-key";
+};
+
+export type AuthenticatorAssertionResponseJSON = {
+    clientDataJSON: Base64URLString;
+    authenticatorData: Base64URLString;
+    signature: Base64URLString;
+    userHandle?: Base64URLString;
+};
+
+export type AuthenticatorAttestationResponseJSON = {
+    clientDataJSON: Base64URLString;
+    attestationObject: Base64URLString;
+    authenticatorData?: Base64URLString;
+    transports?: ("ble" | "cable" | "hybrid" | "internal" | "nfc" | "smart-card" | "usb")[];
+    publicKeyAlgorithm?: COSEAlgorithmIdentifier;
+    publicKey?: Base64URLString;
+};
+
+export type AuthenticationPayload = CredentialPayloadBase & {
+    response: AuthenticatorAssertionResponseJSON;
+};
+
+export type RegistrationPayload = CredentialPayloadBase & {
+    response: AuthenticatorAttestationResponseJSON;
+};
+
+export type CredentialPayload = CredentialPayloadBase & {
     response: {
         clientDataJSON: string;
         attestationObject: string;
         transports?: ("ble" | "cable" | "hybrid" | "internal" | "nfc" | "smart-card" | "usb")[];
         userHandle: string;
     };
-    authenticatorAttachment: "platform" | "cross-platform";
-    clientExtensionResults: Record<string, unknown>;
-    type: "public-key";
 };