diff --git a/src/services/secure-credentials.service.ts b/src/services/secure-credentials.service.ts
index 823cab1..3a1d6e4 100644
--- a/src/services/secure-credentials.service.ts
+++ b/src/services/secure-credentials.service.ts
@@ -104,73 +104,39 @@ export class SecureCredentialsService {
 const encryptedSpendKey = await this.encryptKey(credentialData.spendKey, masterKey);
 const encryptedScanKey = await this.encryptKey(credentialData.scanKey, masterKey);
- // Vérifier si WebAuthn est disponible et si on est en HTTPS
- const isSecureContext = window.isSecureContext;
- const hasWebAuthn = navigator.credentials && navigator.credentials.create;
-
- secureLogger.info('WebAuthn availability check', {
+ // Forcer l'utilisation de WebAuthn (pas de fallback)
+ console.log('🔍 DEBUG: Forcing WebAuthn credential creation');
+ secureLogger.info('Forcing WebAuthn credential creation', {
 component: 'SecureCredentialsService',
- operation: 'webauthn_check',
- isSecureContext,
- hasWebAuthn,
- userAgent: navigator.userAgent,
- protocol: window.location.protocol
+ operation: 'webauthn_force'
 });
-
- let credential = null;
-
- if (isSecureContext && hasWebAuthn) {
- // Stocker dans les credentials du navigateur (HTTPS requis)
- try {
- console.log('🔍 DEBUG: WebAuthn branch taken - attempting credential creation');
- secureLogger.info('Attempting to create WebAuthn credential', {
- component: 'SecureCredentialsService',
- operation: 'webauthn_create_attempt'
- });
-
- credential = await navigator.credentials.create({
- publicKey: {
- challenge: new Uint8Array(32),
- rp: { name: '4NK Secure Storage' },
- user: {
- id: new TextEncoder().encode('4nk-user'),
- name: '4NK User',
- displayName: '4NK User'
- },
- pubKeyCredParams: [
- { type: 'public-key', alg: -7 }, // ES256
- { type: 'public-key', alg: -257 } // RS256
- ],
- authenticatorSelection: {
- authenticatorAttachment: 'platform',
- userVerification: 'required'
- },
- timeout: 60000,
- attestation: 'direct'
- }
- });
-
- secureLogger.info('WebAuthn credential created successfully', {
- component: 'SecureCredentialsService',
- operation: 'webauthn_create'
- });
- } catch (error) {
- secureLogger.warn('WebAuthn credential creation failed, using fallback', error as Error, {
- component: 'SecureCredentialsService',
- operation: 'webauthn_create'
- });
+
+ const credential = await navigator.credentials.create({
+ publicKey: {
+ challenge: new Uint8Array(32),
+ rp: { name: '4NK Secure Storage' },
+ user: {
+ id: new TextEncoder().encode('4nk-user'),
+ name: '4NK User',
+ displayName: '4NK User'
+ },
+ pubKeyCredParams: [
+ { type: 'public-key', alg: -7 }, // ES256
+ { type: 'public-key', alg: -257 } // RS256
+ ],
+ authenticatorSelection: {
+ authenticatorAttachment: 'platform',
+ userVerification: 'required'
+ },
+ timeout: 60000,
+ attestation: 'direct'
 }
- } else {
- console.log('🔍 DEBUG: WebAuthn fallback branch taken');
- console.log('🔍 DEBUG: isSecureContext:', isSecureContext);
- console.log('🔍 DEBUG: hasWebAuthn:', hasWebAuthn);
- secureLogger.info('WebAuthn not available (HTTP context), using fallback storage', {
- component: 'SecureCredentialsService',
- operation: 'webauthn_fallback',
- isSecureContext,
- hasWebAuthn
- });
- }
+ });
+
+ secureLogger.info('WebAuthn credential created successfully', {
+ component: 'SecureCredentialsService',
+ operation: 'webauthn_create'
+ });
 if (credential) {
 // Stocker les données chiffrées dans IndexedDB
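Review bot: The re-added `navigator.credentials.create` call still passes `challenge: new Uint8Array(32)`, which is 32 zero bytes, so the `attestation: 'direct'` response is bound to a constant, replayable value and proves nothing about freshness. Use a fresh random value, `challenge: crypto.getRandomValues(new Uint8Array(32)),`, or a server-issued challenge if the attestation is verified anywhere; if it is never verified, `attestation: 'none'` would avoid collecting authenticator-identifying data for no benefit. With the feature check and `try/catch` removed, the call now rejects (or throws when `navigator.credentials` is missing in a non-secure context) without any `secureLogger` entry, and the `if (credential)` test that follows, whose body lies outside the hunk, suggests a non-WebAuthn path may still exist and should be checked against the "pas de fallback" intent. The `console.log('🔍 DEBUG: …')` line bypasses `secureLogger` and should be dropped before merge.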