4nk/ihm_client
5
0
Fork 0
Code Issues 6 Pull Requests Actions Packages Projects Releases Wiki Activity

feat: Supprimer le fallback et forcer WebAuthn

Browse Source 
- Supprimer toutes les vérifications de contexte et fallback
- Forcer l'appel direct à navigator.credentials.create()
- Simplifier le code pour identifier le problème WebAuthn
- Tester si WebAuthn fonctionne sans conditions
This commit is contained in:
NicolasCantu 2025-10-23 14:12:39 +02:00
parent 6d7da4d276
commit cc8a2ea708
1 changed files with 30 additions and 64 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

94
src/services/secure-credentials.service.ts
View File

@ -104,73 +104,39 @@ export class SecureCredentialsService {
const encryptedSpendKey = await this.encryptKey(credentialData.spendKey, masterKey); const encryptedSpendKey = await this.encryptKey(credentialData.spendKey, masterKey);
const encryptedScanKey = await this.encryptKey(credentialData.scanKey, masterKey); const encryptedScanKey = await this.encryptKey(credentialData.scanKey, masterKey);
// Vérifier si WebAuthn est disponible et si on est en HTTPS // Forcer l'utilisation de WebAuthn (pas de fallback)
const isSecureContext = window.isSecureContext; console.log('🔍 DEBUG: Forcing WebAuthn credential creation');
const hasWebAuthn = navigator.credentials && navigator.credentials.create; secureLogger.info('Forcing WebAuthn credential creation', {
secureLogger.info('WebAuthn availability check', {
component: 'SecureCredentialsService', component: 'SecureCredentialsService',
operation: 'webauthn_check', operation: 'webauthn_force'
isSecureContext,
hasWebAuthn,
userAgent: navigator.userAgent,
protocol: window.location.protocol
}); });
let credential = null; const credential = await navigator.credentials.create({
publicKey: {
if (isSecureContext && hasWebAuthn) { challenge: new Uint8Array(32),
// Stocker dans les credentials du navigateur (HTTPS requis) rp: { name: '4NK Secure Storage' },
try { user: {
console.log('🔍 DEBUG: WebAuthn branch taken - attempting credential creation'); id: new TextEncoder().encode('4nk-user'),
secureLogger.info('Attempting to create WebAuthn credential', { name: '4NK User',
component: 'SecureCredentialsService', displayName: '4NK User'
operation: 'webauthn_create_attempt' },
}); pubKeyCredParams: [
{ type: 'public-key', alg: -7 }, // ES256
credential = await navigator.credentials.create({ { type: 'public-key', alg: -257 } // RS256
publicKey: { ],
challenge: new Uint8Array(32), authenticatorSelection: {
rp: { name: '4NK Secure Storage' }, authenticatorAttachment: 'platform',
user: { userVerification: 'required'
id: new TextEncoder().encode('4nk-user'), },
name: '4NK User', timeout: 60000,
displayName: '4NK User' attestation: 'direct'
},
pubKeyCredParams: [
{ type: 'public-key', alg: -7 }, // ES256
{ type: 'public-key', alg: -257 } // RS256
],
authenticatorSelection: {
authenticatorAttachment: 'platform',
userVerification: 'required'
},
timeout: 60000,
attestation: 'direct'
}
});
secureLogger.info('WebAuthn credential created successfully', {
component: 'SecureCredentialsService',
operation: 'webauthn_create'
});
} catch (error) {
secureLogger.warn('WebAuthn credential creation failed, using fallback', error as Error, {
component: 'SecureCredentialsService',
operation: 'webauthn_create'
});
} }
} else { });
console.log('🔍 DEBUG: WebAuthn fallback branch taken');
console.log('🔍 DEBUG: isSecureContext:', isSecureContext); secureLogger.info('WebAuthn credential created successfully', {
console.log('🔍 DEBUG: hasWebAuthn:', hasWebAuthn); component: 'SecureCredentialsService',
secureLogger.info('WebAuthn not available (HTTP context), using fallback storage', { operation: 'webauthn_create'
component: 'SecureCredentialsService', });
operation: 'webauthn_fallback',
isSecureContext,
hasWebAuthn
});
}
if (credential) { if (credential) {
// Stocker les données chiffrées dans IndexedDB // Stocker les données chiffrées dans IndexedDB