feat: Améliorer la gestion WebAuthn avec détection du contexte sécurisé

- Ajouter vérification du contexte sécurisé (HTTPS) pour WebAuthn
- Implémenter fallback pour le développement HTTP local
- Améliorer les messages d'interface pour expliquer le mode WebAuthn
- Ajouter logs informatifs pour le debugging WebAuthn
- Gestion d'erreur robuste avec fallback automatique

src/services/secure-credentials.service.ts

@@ -104,8 +104,16 @@ export class SecureCredentialsService {
       const encryptedSpendKey = await this.encryptKey(credentialData.spendKey, masterKey);
       const encryptedScanKey = await this.encryptKey(credentialData.scanKey, masterKey);
 
-      // Stocker dans les credentials du navigateur
+      // Vérifier si WebAuthn est disponible et si on est en HTTPS
-      const credential = await navigator.credentials.create({
+      const isSecureContext = window.isSecureContext;
+      const hasWebAuthn = navigator.credentials && navigator.credentials.create;
+      
+      let credential = null;
+      
+      if (isSecureContext && hasWebAuthn) {
+        // Stocker dans les credentials du navigateur (HTTPS requis)
+        try {
+          credential = await navigator.credentials.create({
             publicKey: {
               challenge: new Uint8Array(32),
               rp: { name: '4NK Secure Storage' },
@@ -127,6 +135,25 @@ export class SecureCredentialsService {
             }
           });
           
+          secureLogger.info('WebAuthn credential created successfully', {
+            component: 'SecureCredentialsService',
+            operation: 'webauthn_create'
+          });
+        } catch (error) {
+          secureLogger.warn('WebAuthn credential creation failed, using fallback', error as Error, {
+            component: 'SecureCredentialsService',
+            operation: 'webauthn_create'
+          });
+        }
+      } else {
+        secureLogger.info('WebAuthn not available (HTTP context), using fallback storage', {
+          component: 'SecureCredentialsService',
+          operation: 'webauthn_fallback',
+          isSecureContext,
+          hasWebAuthn
+        });
+      }
+
       if (credential) {
         // Stocker les données chiffrées dans IndexedDB
         await this.storeEncryptedCredentials({

src/utils/sp-address.utils.ts

@@ -2703,13 +2703,23 @@ export async function prepareAndSendPairingTx(): Promise<void> {
     // Initialize secure credentials with PBKDF2 and browser credentials
     try {
       const { secureCredentialsService } = await import('../services/secure-credentials.service');
-      updateCreatorStatus('🔐 Initializing secure credentials with browser...');
       
-      // This will trigger the browser popup for WebAuthn
+      // Check if we're in a secure context (HTTPS)
+      if (window.isSecureContext) {
+        updateCreatorStatus('🔐 Initializing secure credentials with browser...');
+      } else {
+        updateCreatorStatus('🔐 Initializing secure credentials (HTTP mode - WebAuthn not available)...');
+      }
+      
+      // This will trigger the browser popup for WebAuthn (only in HTTPS)
       const credentials = await secureCredentialsService.generateSecureCredentials('4nk-pairing-password');
       console.log('✅ Secure credentials initialized with PBKDF2 and WebAuthn');
       
-      updateCreatorStatus('✅ Secure credentials ready');
+      if (window.isSecureContext) {
+        updateCreatorStatus('✅ Secure credentials ready (WebAuthn enabled)');
+      } else {
+        updateCreatorStatus('✅ Secure credentials ready (fallback mode - use HTTPS for WebAuthn)');
+      }
     } catch (error) {
       console.warn('⚠️ Secure credentials initialization failed:', error);
       updateCreatorStatus('⚠️ Using fallback credentials');