From 6ce92cb3482b4f316664ca1571bd7c8ba9f9fded Mon Sep 17 00:00:00 2001 From: Arnaud Brousseau Date: Tue, 28 Nov 2023 12:11:04 -0600 Subject: [PATCH 1/2] Switch sha256 to be synchronous in webauthn stamper --- .../src/pages/index.tsx | 24 ++++++++++++------- packages/webauthn-stamper/package.json | 3 ++- packages/webauthn-stamper/src/index.ts | 7 +++--- pnpm-lock.yaml | 3 +++ 4 files changed, 24 insertions(+), 13 deletions(-) diff --git a/examples/with-federated-passkeys/src/pages/index.tsx b/examples/with-federated-passkeys/src/pages/index.tsx index 3eea49dd3..ad87b1f38 100644 --- a/examples/with-federated-passkeys/src/pages/index.tsx +++ b/examples/with-federated-passkeys/src/pages/index.tsx @@ -184,15 +184,21 @@ export default function Home() { ); const login = async () => { - // We use the parent org ID, which we know at all times, - const res = await turnkeyClient.getWhoami({ - organizationId: process.env.NEXT_PUBLIC_ORGANIZATION_ID!, - }); - // to get the sub-org ID, which we don't know at this point because we don't - // have a DB. Note that we are able to perform this lookup by using the - // credential ID from the users WebAuthn stamp. - setSubOrgId(res.organizationId); - await getWallet(res.organizationId); + // We use the parent org ID, which we know at all times... + try { + const res = await turnkeyClient.getWhoami({ + organizationId: process.env.NEXT_PUBLIC_ORGANIZATION_ID!, + }); + // ...to get the sub-org ID, which we don't know at this point because we don't + // have a DB. Note that we are able to perform this lookup by using the + // credential ID from the users WebAuthn stamp. + setSubOrgId(res.organizationId); + await getWallet(res.organizationId); + } catch (e: any) { + const message = `Error caught during login: ${e.toString()}`; + console.error(message); + alert(message); + } }; return ( diff --git a/packages/webauthn-stamper/package.json b/packages/webauthn-stamper/package.json index 004da5cbc..d1a370011 100644 --- a/packages/webauthn-stamper/package.json +++ b/packages/webauthn-stamper/package.json @@ -50,6 +50,7 @@ "node": ">=16.0.0" }, "dependencies": { - "buffer": "^6.0.3" + "buffer": "^6.0.3", + "@noble/hashes": "^1.3.2" } } diff --git a/packages/webauthn-stamper/src/index.ts b/packages/webauthn-stamper/src/index.ts index 016671663..710f53056 100644 --- a/packages/webauthn-stamper/src/index.ts +++ b/packages/webauthn-stamper/src/index.ts @@ -1,6 +1,7 @@ /// import { get as webauthnCredentialGet } from "./webauthn-json"; import { buffer as Buffer } from "./universal"; +import { sha256 } from "@noble/hashes/sha256"; // Header name for a webauthn stamp const stampHeaderName = "X-Stamp-Webauthn"; @@ -38,7 +39,7 @@ export class WebauthnStamper { } async stamp(payload: string) { - const challenge = await getChallengeFromPayload(payload); + const challenge = getChallengeFromPayload(payload); const signingOptions: CredentialRequestOptions = { publicKey: { @@ -67,9 +68,9 @@ export class WebauthnStamper { } } -async function getChallengeFromPayload(payload: string): Promise { +function getChallengeFromPayload(payload: string): Uint8Array { const messageBuffer = new TextEncoder().encode(payload); - const hashBuffer = await crypto.subtle.digest("SHA-256", messageBuffer); + const hashBuffer = sha256(messageBuffer); const hexString = Buffer.from(hashBuffer).toString("hex"); const hexBuffer = Buffer.from(hexString, "utf8"); return new Uint8Array(hexBuffer); diff --git a/pnpm-lock.yaml b/pnpm-lock.yaml index f0f7a7253..1d59aaf05 100644 --- a/pnpm-lock.yaml +++ b/pnpm-lock.yaml @@ -624,6 +624,9 @@ importers: packages/webauthn-stamper: dependencies: + '@noble/hashes': + specifier: ^1.3.2 + version: 1.3.2 buffer: specifier: ^6.0.3 version: 6.0.3 From a03e3854fb8bc496eae6194e43ef1a1a61758d37 Mon Sep 17 00:00:00 2001 From: Arnaud Brousseau Date: Tue, 28 Nov 2023 14:40:41 -0600 Subject: [PATCH 2/2] Add changeset --- .changeset/breezy-kangaroos-pay.md | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 .changeset/breezy-kangaroos-pay.md diff --git a/.changeset/breezy-kangaroos-pay.md b/.changeset/breezy-kangaroos-pay.md new file mode 100644 index 000000000..156a7437c --- /dev/null +++ b/.changeset/breezy-kangaroos-pay.md @@ -0,0 +1,5 @@ +--- +"@turnkey/webauthn-stamper": patch +--- + +Make sha256 computation synchronous to resolve ios passkey prompt issues