Merge pull request #166 from maxisch/flexible-headers-passkeys-server

Make passkeys server request headers more flexible
zerodevapp · Jul 11, 2024 · c837e01 · c837e01
2 parents 5b91e6d + 374e43a
commit c837e01
Show file tree

Hide file tree

Showing 5 changed files with 71 additions and 23 deletions.
diff --git a/plugins/modularPermission/signers/toWebAuthnPubKey.ts b/plugins/modularPermission/signers/toWebAuthnPubKey.ts
@@ -9,11 +9,13 @@ export enum WebAuthnMode {
 export const toWebAuthnPubKey = async ({
     passkeyName,
     passkeyServerUrl,
-    mode = WebAuthnMode.Login
+    mode = WebAuthnMode.Login,
+    passkeyServerHeaders = {}
 }: {
     passkeyName: string
     passkeyServerUrl: string
     mode: WebAuthnMode
+    passkeyServerHeaders: Record<string, string>
 }): Promise<WebAuthnKey> => {
     let pubKey: string | undefined
     if (mode === WebAuthnMode.Login) {
@@ -22,7 +24,10 @@ export const toWebAuthnPubKey = async ({
             `${passkeyServerUrl}/login/options`,
             {
                 method: "POST",
-                headers: { "Content-Type": "application/json" },
+                headers: {
+                    "Content-Type": "application/json",
+                    ...passkeyServerHeaders
+                },
                 credentials: "include"
             }
         )
@@ -37,7 +42,10 @@ export const toWebAuthnPubKey = async ({
             `${passkeyServerUrl}/login/verify`,
             {
                 method: "POST",
-                headers: { "Content-Type": "application/json" },
+                headers: {
+                    "Content-Type": "application/json",
+                    ...passkeyServerHeaders
+                },
                 body: JSON.stringify({ cred: loginCred }),
                 credentials: "include"
             }
@@ -65,7 +73,8 @@ export const toWebAuthnPubKey = async ({
             {
                 method: "POST",
                 headers: {
-                    "Content-Type": "application/json"
+                    "Content-Type": "application/json",
+                    ...passkeyServerHeaders
                 },
                 body: JSON.stringify({ username: passkeyName }),
                 credentials: "include"
@@ -89,7 +98,8 @@ export const toWebAuthnPubKey = async ({
             {
                 method: "POST",
                 headers: {
-                    "Content-Type": "application/json"
+                    "Content-Type": "application/json",
+                    ...passkeyServerHeaders
                 },
                 body: JSON.stringify({
                     userId: registerOptions.userId,

diff --git a/plugins/modularPermission/signers/toWebAuthnSigner.ts b/plugins/modularPermission/signers/toWebAuthnSigner.ts
@@ -36,6 +36,7 @@ export type WebAuthnModularSignerParams = ModularSignerParams & {
     passkeyServerUrl: string
     pubKey?: WebAuthnKey
     mode?: WebAuthnMode
+    passkeyServerHeaders: Record<string, string>
 }
 
 export const toWebAuthnSigner = async <
@@ -48,15 +49,17 @@ export const toWebAuthnSigner = async <
         pubKey,
         passkeyServerUrl,
         passkeyName,
-        mode = WebAuthnMode.Register
+        mode = WebAuthnMode.Register,
+        passkeyServerHeaders = {}
     }: WebAuthnModularSignerParams
 ): Promise<ModularSigner> => {
     pubKey =
         pubKey ??
         (await toWebAuthnPubKey({
             passkeyName,
             passkeyServerUrl,
-            mode
+            mode,
+            passkeyServerHeaders
         }))
     if (!pubKey) {
         throw new Error("WebAuthn public key not found")
@@ -94,7 +97,10 @@ export const toWebAuthnSigner = async <
             `${passkeyServerUrl}/sign-initiate`,
             {
                 method: "POST",
-                headers: { "Content-Type": "application/json" },
+                headers: {
+                    "Content-Type": "application/json",
+                    ...passkeyServerHeaders
+                },
                 body: JSON.stringify({ data: formattedMessage, userId }),
                 credentials: "include"
             }
@@ -115,7 +121,10 @@ export const toWebAuthnSigner = async <
         // verify signature from server
         const verifyResponse = await fetch(`${passkeyServerUrl}/sign-verify`, {
             method: "POST",
-            headers: { "Content-Type": "application/json" },
+            headers: {
+                "Content-Type": "application/json",
+                ...passkeyServerHeaders
+            },
             body: JSON.stringify({ cred, userId }),
             credentials: "include"
         })

diff --git a/plugins/webauthn-key/toWebAuthnKey.ts b/plugins/webauthn-key/toWebAuthnKey.ts
@@ -19,6 +19,7 @@ export type WebAuthnAccountParams = {
     webAuthnKey?: WebAuthnKey
     mode?: WebAuthnMode
     credentials?: RequestCredentials
+    passkeyServerHeaders: Record<string, string>
 }
 
 export const encodeWebAuthnPubKey = (pubKey: WebAuthnKey) => {
@@ -34,7 +35,8 @@ export const toWebAuthnKey = async ({
     passkeyServerUrl,
     webAuthnKey,
     mode = WebAuthnMode.Register,
-    credentials = "include"
+    credentials = "include",
+    passkeyServerHeaders = {}
 }: WebAuthnAccountParams): Promise<WebAuthnKey> => {
     if (webAuthnKey) {
         return webAuthnKey
@@ -47,7 +49,10 @@ export const toWebAuthnKey = async ({
             `${passkeyServerUrl}/login/options`,
             {
                 method: "POST",
-                headers: { "Content-Type": "application/json" },
+                headers: {
+                    "Content-Type": "application/json",
+                    ...passkeyServerHeaders
+                },
                 credentials
             }
         )
@@ -64,7 +69,10 @@ export const toWebAuthnKey = async ({
             `${passkeyServerUrl}/login/verify`,
             {
                 method: "POST",
-                headers: { "Content-Type": "application/json" },
+                headers: {
+                    "Content-Type": "application/json",
+                    ...passkeyServerHeaders
+                },
                 body: JSON.stringify({ cred: loginCred }),
                 credentials
             }
@@ -84,7 +92,8 @@ export const toWebAuthnKey = async ({
             {
                 method: "POST",
                 headers: {
-                    "Content-Type": "application/json"
+                    "Content-Type": "application/json",
+                    ...passkeyServerHeaders
                 },
                 body: JSON.stringify({ username: passkeyName }),
                 credentials
@@ -104,7 +113,8 @@ export const toWebAuthnKey = async ({
             {
                 method: "POST",
                 headers: {
-                    "Content-Type": "application/json"
+                    "Content-Type": "application/json",
+                    ...passkeyServerHeaders
                 },
                 body: JSON.stringify({
                     userId: registerOptions.userId,

diff --git a/plugins/weighted-r1-k1/signers/toWebAuthnPubKey.ts b/plugins/weighted-r1-k1/signers/toWebAuthnPubKey.ts
@@ -11,11 +11,13 @@ export enum WebAuthnMode {
 export const toWebAuthnPubKey = async ({
     passkeyName,
     passkeyServerUrl,
-    mode = WebAuthnMode.Login
+    mode = WebAuthnMode.Login,
+    passkeyServerHeaders = {}
 }: {
     passkeyName: string
     passkeyServerUrl: string
     mode: WebAuthnMode
+    passkeyServerHeaders: Record<string, string>
 }): Promise<WebAuthnKey> => {
     let pubKey: string | undefined
     let authenticatorIdHash: Hex
@@ -25,7 +27,10 @@ export const toWebAuthnPubKey = async ({
             `${passkeyServerUrl}/login/options`,
             {
                 method: "POST",
-                headers: { "Content-Type": "application/json" },
+                headers: {
+                    "Content-Type": "application/json",
+                    ...passkeyServerHeaders
+                },
                 credentials: "include"
             }
         )
@@ -45,7 +50,10 @@ export const toWebAuthnPubKey = async ({
             `${passkeyServerUrl}/login/verify`,
             {
                 method: "POST",
-                headers: { "Content-Type": "application/json" },
+                headers: {
+                    "Content-Type": "application/json",
+                    ...passkeyServerHeaders
+                },
                 body: JSON.stringify({ cred: loginCred }),
                 credentials: "include"
             }
@@ -73,7 +81,8 @@ export const toWebAuthnPubKey = async ({
             {
                 method: "POST",
                 headers: {
-                    "Content-Type": "application/json"
+                    "Content-Type": "application/json",
+                    ...passkeyServerHeaders
                 },
                 body: JSON.stringify({ username: passkeyName }),
                 credentials: "include"
@@ -102,7 +111,8 @@ export const toWebAuthnPubKey = async ({
             {
                 method: "POST",
                 headers: {
-                    "Content-Type": "application/json"
+                    "Content-Type": "application/json",
+                    ...passkeyServerHeaders
                 },
                 body: JSON.stringify({
                     userId: registerOptions.userId,

diff --git a/plugins/weighted-r1-k1/signers/toWebAuthnSigner.ts b/plugins/weighted-r1-k1/signers/toWebAuthnSigner.ts
@@ -39,6 +39,7 @@ export type WebAuthnModularSignerParams = {
     passkeyServerUrl: string
     pubKey?: WebAuthnKey
     mode?: WebAuthnMode
+    passkeyServerHeaders: Record<string, string>
 }
 
 export const toWebAuthnSigner = async <
@@ -50,15 +51,17 @@ export const toWebAuthnSigner = async <
         pubKey,
         passkeyServerUrl,
         passkeyName,
-        mode = WebAuthnMode.Register
+        mode = WebAuthnMode.Register,
+        passkeyServerHeaders = {}
     }: WebAuthnModularSignerParams
 ): Promise<WeightedSigner> => {
     pubKey =
         pubKey ??
         (await toWebAuthnPubKey({
             passkeyName,
             passkeyServerUrl,
-            mode
+            mode,
+            passkeyServerHeaders
         }))
     if (!pubKey) {
         throw new Error("WebAuthn public key not found")
@@ -96,7 +99,10 @@ export const toWebAuthnSigner = async <
             `${passkeyServerUrl}/sign-initiate`,
             {
                 method: "POST",
-                headers: { "Content-Type": "application/json" },
+                headers: {
+                    "Content-Type": "application/json",
+                    ...passkeyServerHeaders
+                },
                 body: JSON.stringify({ data: formattedMessage, userId }),
                 credentials: "include"
             }
@@ -118,7 +124,10 @@ export const toWebAuthnSigner = async <
         // verify signature from server
         const verifyResponse = await fetch(`${passkeyServerUrl}/sign-verify`, {
             method: "POST",
-            headers: { "Content-Type": "application/json" },
+            headers: {
+                "Content-Type": "application/json",
+                ...passkeyServerHeaders
+            },
             body: JSON.stringify({ cred, userId }),
             credentials: "include"
         })