From b7d950b40cc528868248d39deafb0446de3a8de5 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 13 May 2024 11:05:08 +0800 Subject: [PATCH] fix(deps): update dependency @simplewebauthn/server to v10 (#5705) * fix(deps): update dependency @simplewebauthn/server to v10 * fix(core): update code to support @simplewebauthn/server v10 --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: wangsijie --- packages/core/package.json | 2 +- .../src/routes/interaction/utils/webauthn.ts | 8 +- .../verifications/mfa-payload-verification.ts | 2 +- pnpm-lock.yaml | 111 +++--------------- 4 files changed, 22 insertions(+), 101 deletions(-) diff --git a/packages/core/package.json b/packages/core/package.json index 5f71ac05e..666590061 100644 --- a/packages/core/package.json +++ b/packages/core/package.json @@ -45,7 +45,7 @@ "@logto/shared": "workspace:^3.1.0", "@silverhand/essentials": "^2.9.0", "@silverhand/slonik": "31.0.0-beta.2", - "@simplewebauthn/server": "^9.0.0", + "@simplewebauthn/server": "^10.0.0", "@withtyped/client": "^0.8.7", "camelcase": "^8.0.0", "camelcase-keys": "^9.0.0", diff --git a/packages/core/src/routes/interaction/utils/webauthn.ts b/packages/core/src/routes/interaction/utils/webauthn.ts index ced78779a..c9f71077f 100644 --- a/packages/core/src/routes/interaction/utils/webauthn.ts +++ b/packages/core/src/routes/interaction/utils/webauthn.ts @@ -37,7 +37,7 @@ export const generateWebAuthnRegistrationOptions = async ({ const options: GenerateRegistrationOptionsOpts = { rpName: rpId, rpID: rpId, - userID: id, + userID: Uint8Array.from(Buffer.from(id)), userName: getUserDisplayName({ username, primaryEmail, primaryPhone }) ?? 'Unnamed User', timeout: 60_000, attestationType: 'none', @@ -47,7 +47,7 @@ export const generateWebAuthnRegistrationOptions = async ({ verification.type === MfaFactor.WebAuthn ) .map(({ credentialId, transports }) => ({ - id: Uint8Array.from(Buffer.from(credentialId, 'base64')), + id: credentialId, type: 'public-key', transports, })), @@ -99,7 +99,7 @@ export const generateWebAuthnAuthenticationOptions = async ({ const options: GenerateAuthenticationOptionsOpts = { timeout: 60_000, allowCredentials: webAuthnVerifications.map(({ credentialId, transports }) => ({ - id: isoBase64URL.toBuffer(credentialId), + id: credentialId, type: 'public-key', transports, })), @@ -151,7 +151,7 @@ export const verifyWebAuthnAuthentication = async ({ expectedRPID: rpId, authenticator: { credentialPublicKey: isoBase64URL.toBuffer(publicKey), - credentialID: isoBase64URL.toBuffer(credentialId), + credentialID: credentialId, counter, transports, }, diff --git a/packages/core/src/routes/interaction/verifications/mfa-payload-verification.ts b/packages/core/src/routes/interaction/verifications/mfa-payload-verification.ts index c791ccb83..4fb697516 100644 --- a/packages/core/src/routes/interaction/verifications/mfa-payload-verification.ts +++ b/packages/core/src/routes/interaction/verifications/mfa-payload-verification.ts @@ -106,7 +106,7 @@ const verifyBindWebAuthn = async ( return { type, - credentialId: isoBase64URL.fromBuffer(credentialID), + credentialId: credentialID, publicKey: isoBase64URL.fromBuffer(credentialPublicKey), counter, agent: userAgent, diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index fc22c5fcf..f59cbbe08 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -3133,8 +3133,8 @@ importers: specifier: 31.0.0-beta.2 version: 31.0.0-beta.2 '@simplewebauthn/server': - specifier: ^9.0.0 - version: 9.0.1 + specifier: ^10.0.0 + version: 10.0.0 '@withtyped/client': specifier: ^0.8.7 version: 0.8.7(zod@3.22.4) @@ -4615,36 +4615,6 @@ packages: '@bcoe/v8-coverage@0.2.3': resolution: {integrity: sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==} - '@cbor-extract/cbor-extract-darwin-arm64@2.2.0': - resolution: {integrity: sha512-P7swiOAdF7aSi0H+tHtHtr6zrpF3aAq/W9FXx5HektRvLTM2O89xCyXF3pk7pLc7QpaY7AoaE8UowVf9QBdh3w==} - cpu: [arm64] - os: [darwin] - - '@cbor-extract/cbor-extract-darwin-x64@2.2.0': - resolution: {integrity: sha512-1liF6fgowph0JxBbYnAS7ZlqNYLf000Qnj4KjqPNW4GViKrEql2MgZnAsExhY9LSy8dnvA4C0qHEBgPrll0z0w==} - cpu: [x64] - os: [darwin] - - '@cbor-extract/cbor-extract-linux-arm64@2.2.0': - resolution: {integrity: sha512-rQvhNmDuhjTVXSPFLolmQ47/ydGOFXtbR7+wgkSY0bdOxCFept1hvg59uiLPT2fVDuJFuEy16EImo5tE2x3RsQ==} - cpu: [arm64] - os: [linux] - - '@cbor-extract/cbor-extract-linux-arm@2.2.0': - resolution: {integrity: sha512-QeBcBXk964zOytiedMPQNZr7sg0TNavZeuUCD6ON4vEOU/25+pLhNN6EDIKJ9VLTKaZ7K7EaAriyYQ1NQ05s/Q==} - cpu: [arm] - os: [linux] - - '@cbor-extract/cbor-extract-linux-x64@2.2.0': - resolution: {integrity: sha512-cWLAWtT3kNLHSvP4RKDzSTX9o0wvQEEAj4SKvhWuOVZxiDAeQazr9A+PSiRILK1VYMLeDml89ohxCnUNQNQNCw==} - cpu: [x64] - os: [linux] - - '@cbor-extract/cbor-extract-win32-x64@2.2.0': - resolution: {integrity: sha512-l2M+Z8DO2vbvADOBNLbbh9y5ST1RY5sqkWOg/58GkUPBYou/cuNZ68SGQ644f1CvZ8kcOxyZtw06+dxWHIoN/w==} - cpu: [x64] - os: [win32] - '@changesets/apply-release-plan@6.1.4': resolution: {integrity: sha512-FMpKF1fRlJyCZVYHr3CbinpZZ+6MwvOtWUuO8uo+svcATEoc1zRDcj23pAurJ2TZ/uVz1wFHH6K3NlACy0PLew==} @@ -5157,6 +5127,9 @@ packages: resolution: {integrity: sha512-ribfPYfHb+Uw3b27Eiw6NPqjhIhTpVFzEWLwyc/1Xp+DCdwRRyIlAUODX+9bPARF6aQtUu1+/PHzdNvRzcs/+Q==} engines: {node: '>= 12'} + '@levischuck/tiny-cbor@0.2.2': + resolution: {integrity: sha512-f5CnPw997Y2GQ8FAvtuVVC19FX8mwNNC+1XJcIi16n/LTJifKO6QBgGLgN3YEmqtGMk17SKSuoWES3imJVxAVw==} + '@lezer/common@0.15.12': resolution: {integrity: sha512-edfwCxNLnzq5pBA/yaIhwJ3U3Kz8VAUOTRg0hhxaizaI1N+qxV7EXDv/kLCkLeq2RzSFvxexlaj5Mzfn2kY0Ig==} @@ -5937,9 +5910,12 @@ packages: '@simplewebauthn/browser@10.0.0': resolution: {integrity: sha512-hG0JMZD+LiLUbpQcAjS4d+t4gbprE/dLYop/CkE01ugU/9sKXflxV5s0DRjdz3uNMFecatRfb4ZLG3XvF8m5zg==} - '@simplewebauthn/server@9.0.1': - resolution: {integrity: sha512-XnilMoBygy2BOZjIHPxby+7ENx5ChN2wXfhd14mOgO/XitYMqdphTo/kwgxEI4/Je3lELK1h/eLDJqM2fIKS1w==} - engines: {node: '>=16.0.0'} + '@simplewebauthn/server@10.0.0': + resolution: {integrity: sha512-w5eIoiF7ltg1sgggjY5Tx654j+DBuyEx2B3869jjmPp0xl2Z4BUP4kJ3yJ6DnZIv+ZYYntT3E6nZXNjPOQbrtw==} + engines: {node: '>=20.0.0'} + + '@simplewebauthn/types@10.0.0': + resolution: {integrity: sha512-SFXke7xkgPRowY2E+8djKbdEznTVnD5R6GO7GPTthpHrokLvNKw8C3lFZypTxLI7KkCfGPfhtqB3d7OVGGa9jQ==} '@simplewebauthn/types@10.0.0': resolution: {integrity: sha512-SFXke7xkgPRowY2E+8djKbdEznTVnD5R6GO7GPTthpHrokLvNKw8C3lFZypTxLI7KkCfGPfhtqB3d7OVGGa9jQ==} @@ -7272,13 +7248,6 @@ packages: caniuse-lite@1.0.30001610: resolution: {integrity: sha512-QFutAY4NgaelojVMjY63o6XlZyORPaLfyMnsl3HgnWdJUcX6K0oaJymHjH8PT5Gk7sTm8rvC/c5COUQKXqmOMA==} - cbor-extract@2.2.0: - resolution: {integrity: sha512-Ig1zM66BjLfTXpNgKpvBePq271BPOvu8MR0Jl080yG7Jsl+wAZunfrwiwA+9ruzm/WEdIV5QF/bjDZTqyAIVHA==} - hasBin: true - - cbor-x@1.5.4: - resolution: {integrity: sha512-PVKILDn+Rf6MRhhcyzGXi5eizn1i0i3F8Fe6UMMxXBnWkalq9+C5+VTmlIjAYM4iF2IYF2N+zToqAfYOp+3rfw==} - ccount@1.1.0: resolution: {integrity: sha512-vlNK021QdI7PNeiUh/lKkC/mNHHfV0m/Ad5JoI0TYtlBnJAslM/JIkm/tGC88bkLIwO6OQ5uV6ztS6kVAtCDlg==} @@ -7862,10 +7831,6 @@ packages: engines: {node: '>=0.10'} hasBin: true - detect-libc@2.0.2: - resolution: {integrity: sha512-UX6sGumvvqSaXgdKGUsgZWqcUyIXZ/vZTrlRT/iobiKhGL0zL4d3osHj3uqllWJK+i+sixDS/3COVEOFbupFyw==} - engines: {node: '>=8'} - detect-newline@3.1.0: resolution: {integrity: sha512-TLz+x/vEXm/Y7P7wn1EJFNLxYpUD4TgMosxY6fAVJUnJMbupHBOncxyWUG9OpTaH9EBD7uFI5LfEgmMOc54DsA==} engines: {node: '>=8'} @@ -10488,10 +10453,6 @@ packages: resolution: {integrity: sha512-YlCCc6Wffkx0kHkmam79GKvDQ6x+QZkMjFGrIMxgFNILFvGSbCp2fCBC55pGTT9gVaz8Na5CLmxt/urtzRv36w==} hasBin: true - node-gyp-build-optional-packages@5.1.1: - resolution: {integrity: sha512-+P72GAjVAbTxjjwUmwjVrqrdZROD4nf8KgpBoDxqXXTiYZZt/ud60dE5yvCSr9lRO8e8yv6kgJIC0K0PfZFVQw==} - hasBin: true - node-gyp-build@4.5.0: resolution: {integrity: sha512-2iGbaQBV+ITgCz76ZEjmhUKAKVf7xfY1sRl4UiKQspfZMH2h06SyhNsnSVy50cwkFQDGLyif6m/6uFXHkOZ6rg==} hasBin: true @@ -13937,24 +13898,6 @@ snapshots: '@bcoe/v8-coverage@0.2.3': {} - '@cbor-extract/cbor-extract-darwin-arm64@2.2.0': - optional: true - - '@cbor-extract/cbor-extract-darwin-x64@2.2.0': - optional: true - - '@cbor-extract/cbor-extract-linux-arm64@2.2.0': - optional: true - - '@cbor-extract/cbor-extract-linux-arm@2.2.0': - optional: true - - '@cbor-extract/cbor-extract-linux-x64@2.2.0': - optional: true - - '@cbor-extract/cbor-extract-win32-x64@2.2.0': - optional: true - '@changesets/apply-release-plan@6.1.4': dependencies: '@babel/runtime': 7.21.0 @@ -14723,6 +14666,8 @@ snapshots: transitivePeerDependencies: - supports-color + '@levischuck/tiny-cbor@0.2.2': {} + '@lezer/common@0.15.12': {} '@lezer/lr@0.15.8': @@ -15894,16 +15839,16 @@ snapshots: dependencies: '@simplewebauthn/types': 10.0.0 - '@simplewebauthn/server@9.0.1': + '@simplewebauthn/server@10.0.0': dependencies: '@hexagon/base64': 1.1.28 + '@levischuck/tiny-cbor': 0.2.2 '@peculiar/asn1-android': 2.3.10 '@peculiar/asn1-ecc': 2.3.8 '@peculiar/asn1-rsa': 2.3.8 '@peculiar/asn1-schema': 2.3.8 '@peculiar/asn1-x509': 2.3.8 - '@simplewebauthn/types': 9.0.1 - cbor-x: 1.5.4 + '@simplewebauthn/types': 10.0.0 cross-fetch: 4.0.0 transitivePeerDependencies: - encoding @@ -17567,22 +17512,6 @@ snapshots: caniuse-lite@1.0.30001610: {} - cbor-extract@2.2.0: - dependencies: - node-gyp-build-optional-packages: 5.1.1 - optionalDependencies: - '@cbor-extract/cbor-extract-darwin-arm64': 2.2.0 - '@cbor-extract/cbor-extract-darwin-x64': 2.2.0 - '@cbor-extract/cbor-extract-linux-arm': 2.2.0 - '@cbor-extract/cbor-extract-linux-arm64': 2.2.0 - '@cbor-extract/cbor-extract-linux-x64': 2.2.0 - '@cbor-extract/cbor-extract-win32-x64': 2.2.0 - optional: true - - cbor-x@1.5.4: - optionalDependencies: - cbor-extract: 2.2.0 - ccount@1.1.0: {} ccount@2.0.1: {} @@ -18156,9 +18085,6 @@ snapshots: detect-libc@1.0.3: {} - detect-libc@2.0.2: - optional: true - detect-newline@3.1.0: {} devlop@1.1.0: @@ -21594,11 +21520,6 @@ snapshots: node-gyp-build-optional-packages@5.0.7: optional: true - node-gyp-build-optional-packages@5.1.1: - dependencies: - detect-libc: 2.0.2 - optional: true - node-gyp-build@4.5.0: {} node-int64@0.4.0: {}