4nk/ihm_client
5
0
Fork 0
Code Issues 6 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Supprimer le fallback et forcer WebAuthn

Browse Source 
- Supprimer toutes les vérifications de contexte et fallback
- Forcer l'appel direct à navigator.credentials.create()
- Simplifier le code pour identifier le problème WebAuthn
- Tester si WebAuthn fonctionne sans conditions
This commit is contained in:
NicolasCantu 2025-10-23 14:12:39 +02:00
parent 6d7da4d276
commit cc8a2ea708
1 changed files with 30 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

94
src/services/secure-credentials.service.ts
View File

@ -104,73 +104,39 @@ export class SecureCredentialsService {
const encryptedSpendKey = await this.encryptKey(credentialData.spendKey, masterKey);
const encryptedScanKey = await this.encryptKey(credentialData.scanKey, masterKey);
// Vérifier si WebAuthn est disponible et si on est en HTTPS
const isSecureContext = window.isSecureContext;
const hasWebAuthn = navigator.credentials && navigator.credentials.create;
secureLogger.info('WebAuthn availability check', {
// Forcer l'utilisation de WebAuthn (pas de fallback)
console.log('🔍 DEBUG: Forcing WebAuthn credential creation');
secureLogger.info('Forcing WebAuthn credential creation', {
component: 'SecureCredentialsService',
operation: 'webauthn_check',
isSecureContext,
hasWebAuthn,
userAgent: navigator.userAgent,
protocol: window.location.protocol
operation: 'webauthn_force'
});
let credential = null;
if (isSecureContext && hasWebAuthn) {
// Stocker dans les credentials du navigateur (HTTPS requis)
try {
console.log('🔍 DEBUG: WebAuthn branch taken - attempting credential creation');
secureLogger.info('Attempting to create WebAuthn credential', {
component: 'SecureCredentialsService',
operation: 'webauthn_create_attempt'
});
credential = await navigator.credentials.create({
publicKey: {
challenge: new Uint8Array(32),
rp: { name: '4NK Secure Storage' },
user: {
id: new TextEncoder().encode('4nk-user'),
name: '4NK User',
displayName: '4NK User'
},
pubKeyCredParams: [
{ type: 'public-key', alg: -7 }, // ES256
{ type: 'public-key', alg: -257 } // RS256
],
authenticatorSelection: {
authenticatorAttachment: 'platform',
userVerification: 'required'
},
timeout: 60000,
attestation: 'direct'
}
});
secureLogger.info('WebAuthn credential created successfully', {
component: 'SecureCredentialsService',
operation: 'webauthn_create'
});
} catch (error) {
secureLogger.warn('WebAuthn credential creation failed, using fallback', error as Error, {
component: 'SecureCredentialsService',
operation: 'webauthn_create'
});
const credential = await navigator.credentials.create({
publicKey: {
challenge: new Uint8Array(32),
rp: { name: '4NK Secure Storage' },
user: {
id: new TextEncoder().encode('4nk-user'),
name: '4NK User',
displayName: '4NK User'
},
pubKeyCredParams: [
{ type: 'public-key', alg: -7 }, // ES256
{ type: 'public-key', alg: -257 } // RS256
],
authenticatorSelection: {
authenticatorAttachment: 'platform',
userVerification: 'required'
},
timeout: 60000,
attestation: 'direct'
}
} else {
console.log('🔍 DEBUG: WebAuthn fallback branch taken');
console.log('🔍 DEBUG: isSecureContext:', isSecureContext);
console.log('🔍 DEBUG: hasWebAuthn:', hasWebAuthn);
secureLogger.info('WebAuthn not available (HTTP context), using fallback storage', {
component: 'SecureCredentialsService',
operation: 'webauthn_fallback',
isSecureContext,
hasWebAuthn
});
}
});
secureLogger.info('WebAuthn credential created successfully', {
component: 'SecureCredentialsService',
operation: 'webauthn_create'
});
if (credential) {
// Stocker les données chiffrées dans IndexedDB