DEV: Refactor webauthn to support passkeys (1/3) (#23586)

This is part 1 of 3, split up of PR #23529. This PR refactors the webauthn code to support passkey authentication/registration. Passkeys aren't used yet, that is coming in PRs 2 and 3. Co-authored-by: Alan Guo Xiang Tan <gxtan1990@gmail.com>
2025-02-25 18:55:32 -06:00 · 2023-10-03 14:59:28 -04:00
parent f3c2f148c8
commit 0af6c5efdc
17 changed files with 354 additions and 102 deletions
--- a/spec/requests/session_controller_spec.rb
+++ b/spec/requests/session_controller_spec.rb
@@ -120,7 +120,7 @@ RSpec.describe SessionController do
          expect(response_body_parsed["challenge"]).to eq(
            DiscourseWebauthn.challenge(user, secure_session),
          )
-          expect(DiscourseWebauthn.rp_id).to eq(Discourse.current_hostname)
+          expect(DiscourseWebauthn.rp_id).to eq("localhost")
        end
      end
    end
@@ -2041,7 +2041,9 @@ RSpec.describe SessionController do
            expect(session[:current_user_id]).to eq(nil)
            response_body = response.parsed_body
            expect(response_body["failed"]).to eq("FAILED")
-            expect(response_body["error"]).to eq(I18n.t("login.invalid_security_key"))
+            expect(response_body["error"]).to eq(
+              I18n.t("webauthn.validation.malformed_public_key_credential_error"),
+            )
          end
        end