Fix bugs

Author: mrrosoff

api/endpoints/admin/passkeyAuth.ts

@@ -27,7 +27,7 @@ export const handler = async (event: APIGatewayEvent): Promise<APIGatewayProxyRe
 
     const currentTime = Math.floor(Date.now() / 1000);
     if (challengeRecord.expiresAt < currentTime) {
-        await deleteItem(PASSKEY_CHALLENGES_TABLE, challengeRecord.challenge);
+        await deleteItem(PASSKEY_CHALLENGES_TABLE, challengeRecord.id);
         return buildErrorResponse(event, HttpResponseStatus.BAD_REQUEST, "Challenge expired");
     }
 
@@ -50,7 +50,7 @@ export const handler = async (event: APIGatewayEvent): Promise<APIGatewayProxyRe
 
         const verification = await verifyAuthenticationResponse({
             response: body.response,
-            expectedChallenge: challengeRecord.challenge,
+            expectedChallenge: challengeRecord.id,
             expectedOrigin: RP_ORIGIN,
             expectedRPID: RP_ID,
             credential: webAuthnCredential
@@ -65,7 +65,7 @@ export const handler = async (event: APIGatewayEvent): Promise<APIGatewayProxyRe
             counter: verification.authenticationInfo.newCounter
         });
 
-        await deleteItem(PASSKEY_CHALLENGES_TABLE, challengeRecord.challenge);
+        await deleteItem(PASSKEY_CHALLENGES_TABLE, challengeRecord.id);
 
         const token = await generateToken("admin", GrantType.AUTH);
 

api/endpoints/admin/passkeyAuthOptions.ts

@@ -19,7 +19,7 @@ export const handler = async (event: APIGatewayEvent): Promise<APIGatewayProxyRe
         })),
     });
     await putItem(PASSKEY_CHALLENGES_TABLE, {
-        ...options,
+        id: options.challenge,
         type: "authentication",
         expiresAt: Math.floor(Date.now() / 1000) + 300 // 5 minutes from now
     });

api/endpoints/admin/passkeyRegister.ts

@@ -34,14 +34,14 @@ export const handler = async (event: APIGatewayEvent): Promise<APIGatewayProxyRe
 
     const currentTime = Math.floor(Date.now() / 1000);
     if (challengeRecord.expiresAt < currentTime) {
-        await deleteItem(PASSKEY_CHALLENGES_TABLE, challengeRecord.challenge);
+        await deleteItem(PASSKEY_CHALLENGES_TABLE, challengeRecord.id);
         return buildErrorResponse(event, HttpResponseStatus.BAD_REQUEST, "Challenge expired");
     }
 
     try {
         const verification = await verifyRegistrationResponse({
             response: body.response,
-            expectedChallenge: challengeRecord.challenge,
+            expectedChallenge: challengeRecord.id,
             expectedOrigin: RP_ORIGIN,
             expectedRPID: RP_ID
         });
@@ -63,7 +63,7 @@ export const handler = async (event: APIGatewayEvent): Promise<APIGatewayProxyRe
             counter: credential.counter,
             transports: body.response.response.transports
         });
-        await deleteItem(PASSKEY_CHALLENGES_TABLE, challengeRecord.challenge);
+        await deleteItem(PASSKEY_CHALLENGES_TABLE, challengeRecord.id);
 
         return buildResponse(event, HttpResponseStatus.OK, {
             verified: true,

api/endpoints/admin/passkeyRegisterOptions.ts

@@ -17,7 +17,7 @@ export const handler = async (event: APIGatewayEvent): Promise<APIGatewayProxyRe
     });
 
     await putItem(PASSKEY_CHALLENGES_TABLE, {
-        challenge: options.challenge,
+        id: options.challenge,
         type: "registration",
         expiresAt: Math.floor(Date.now() / 1000) + 300 // 5 minutes
     });

api/types.ts

@@ -29,7 +29,7 @@ export type PasskeyCredential = {
 };
 
 export type PasskeyChallenge = {
-    challenge: string;
+    id: string;
     expiresAt: number;
     type: "registration" | "authentication";
 };