Skip to content

Commit

Permalink
Fix issue with passkey userId decoding
Browse files Browse the repository at this point in the history
  • Loading branch information
@shilgapira
shilgapira committed Feb 9, 2025
1 parent a9a2169 commit d5a75b0
Showing 1 changed file with 11 additions and 2 deletions.
13 changes: 11 additions & 2 deletions src/internal/routes/Passkey.swift
View file
Original file line number Diff line number Diff line change
Expand Up @@ -168,9 +168,10 @@ private struct RegisterOptions {
init(from options: String) throws {
guard let root = try? JSONDecoder().decode(Root.self, from: Data(options.utf8)) else { throw DescopeError.decodeError.with(message: "Invalid passkey register options") }
guard let challengeData = Data(base64URLEncoded: root.publicKey.challenge) else { throw DescopeError.decodeError.with(message: "Invalid passkey challenge") }
guard let userId = Data(base64URLEncoded: root.publicKey.user.id) else { throw DescopeError.decodeError.with(message: "Invalid passkey user id") }
challenge = challengeData
rpId = root.publicKey.rp.id
user = (id: Data(root.publicKey.user.id.utf8), name: root.publicKey.user.name, displayName: root.publicKey.user.displayName)
user = (id: userId, name: root.publicKey.user.name, displayName: root.publicKey.user.displayName)
}

private struct Root: Codable {
Expand Down Expand Up @@ -272,7 +273,7 @@ private struct AssertionFinish: Codable {
let credentialId = assertion.credentialID.base64URLEncodedString()
let authenticatorData = assertion.rawAuthenticatorData.base64URLEncodedString()
let clientDataJSON = assertion.rawClientDataJSON.base64URLEncodedString()
guard let userHandle = String(bytes: assertion.userID, encoding: .utf8) else { throw DescopeError.passkeyFailed.with(message: "Invalid user handle") }
let userHandle = try parseUserHandle(assertion.userID)
let signature = assertion.signature.base64URLEncodedString()

let response = Response(authenticatorData: authenticatorData, clientDataJSON: clientDataJSON, signature: signature, userHandle: userHandle)
Expand All @@ -281,4 +282,12 @@ private struct AssertionFinish: Codable {
guard let encodedObject = try? JSONEncoder().encode(object), let encoded = String(bytes: encodedObject, encoding: .utf8) else { throw DescopeError.encodeError.with(message: "Invalid assertion finish object") }
return encoded
}

static func parseUserHandle(_ value: Data) throws -> String {
guard let stringValue = String(bytes: value, encoding: .utf8) else { throw DescopeError.passkeyFailed.with(message: "Invalid user handle") }
if stringValue.count >= 30, stringValue.hasPrefix("V") {
return stringValue
}
return value.base64URLEncodedString()
}
}

0 comments on commit d5a75b0

Please sign in to comment.