Can authenticate using security key

2025-06-20 00:25:19 +00:00 · 2021-05-14 12:18:29 +02:00
parent 34c07bfac8
commit d01aa9272c
2 changed files with 89 additions and 7 deletions
--- a/src/helpers/AccountHelper.ts
+++ b/src/helpers/AccountHelper.ts
@ -180,12 +180,72 @@ export class AccountHelper {
 			},
 		};

-		console.info(cred);
-		console.info(res);
-
 		await serverRequest("accounts/register_key", {
 			name: name,
 			key: JSON.stringify(res),
 		});
 	}
+
+	/**
+	 * First step of security key authentication
+	 *
+	 * @param mail Target admin account email address
+	 * @param key The key to use to authentifcate
+	 */
+	static async GetAuthenticationChallenge(
+		mail: string,
+		key: AuthKey
+	): Promise<any> {
+		const res = await serverRequest("accounts/challenge_auth_with_key", {
+			mail: mail,
+			key_id: key.id,
+		});
+
+		res.publicKey.challenge = base64NoPaddingToUint8Array(
+			res.publicKey.challenge
+		);
+
+		for (let cred of res.publicKey.allowCredentials) {
+			cred.id = base64NoPaddingToUint8Array(cred.id);
+		}
+
+		return res;
+	}
+
+	/**
+	 * Attempt to sign in using security key
+	 *
+	 * @param mail Target admin account email address
+	 * @param key Key used to authenticate
+	 * @param cred Response to authentication
+	 */
+	static async AuthenticateWithKey(
+		mail: string,
+		key: AuthKey,
+		cred: any
+	): Promise<any> {
+		const creds = {
+			id: cred.id,
+			rawId: ArrayBufferToBase64(cred.rawId),
+			type: cred.type,
+			response: {
+				authenticatorData: ArrayBufferToBase64(
+					cred.response.authenticatorData
+				),
+				clientDataJSON: ArrayBufferToBase64(
+					cred.response.clientDataJSON
+				),
+				signature: ArrayBufferToBase64(cred.response.signature),
+				userHandle: cred.response.userHandle,
+			},
+		};
+
+		const res = await serverRequest("accounts/auth_with_key", {
+			mail: mail,
+			key_id: key.id,
+			credential: JSON.stringify(creds),
+		});
+
+		sessionStorage.setItem(SESSION_STORAGE_TOKEN, res.token);
+	}
 }