update deps (#13624)

* update deps

* Update package.json

* update deps

* build: pass --strip-leading-paths to restore 0.2.x behavior (#13684)

* :v:

* :v:

* pureimageの代わりに@napi-rs/canvasを使う (#13748)

* pureimageの代わりに@napi-rs/canvasを使う

* remove writestream

* remove createtemp

* wip

* Update ClientServerService.ts

* update pnpm to 9.x

* update deps

* re: update pnpm to 9.x

* update node

* :v:

---------

Co-authored-by: anatawa12 <anatawa12@icloud.com>
Co-authored-by: tamaina <tamaina@hotmail.co.jp>

1 files changed, 11 insertions, 11 deletions

diff --git a/packages/backend/src/core/WebAuthnService.ts b/packages/backend/src/core/WebAuthnService.ts
index 42fbed2110..ec9f4484a4 100644
--- a/packages/backend/src/core/WebAuthnService.ts
+++ b/packages/backend/src/core/WebAuthnService.ts
@@ -10,7 +10,7 @@ import {
 	generateRegistrationOptions, verifyAuthenticationResponse,
 	verifyRegistrationResponse,
 } from '@simplewebauthn/server';
-import { AttestationFormat, isoCBOR } from '@simplewebauthn/server/helpers';
+import { AttestationFormat, isoCBOR, isoUint8Array } from '@simplewebauthn/server/helpers';
 import { DI } from '@/di-symbols.js';
 import type { UserSecurityKeysRepository } from '@/models/_.js';
 import type { Config } from '@/config.js';
@@ -49,7 +49,7 @@ export class WebAuthnService {
 		const instance = await this.metaService.fetch();
 		return {
 			origin: this.config.url,
-			rpId: this.config.host,
+			rpId: this.config.hostname,
 			rpName: instance.name ?? this.config.host,
 			rpIcon: instance.iconUrl ?? undefined,
 		};
@@ -65,13 +65,12 @@ export class WebAuthnService {
 		const registrationOptions = await generateRegistrationOptions({
 			rpName: relyingParty.rpName,
 			rpID: relyingParty.rpId,
-			userID: userId,
+			userID: isoUint8Array.fromUTF8String(userId),
 			userName: userName,
 			userDisplayName: userDisplayName,
 			attestationType: 'indirect',
-			excludeCredentials: keys.map(key => (<PublicKeyCredentialDescriptorFuture>{
-				id: Buffer.from(key.id, 'base64url'),
-				type: 'public-key',
+			excludeCredentials: keys.map(key => (<{ id: string; transports?: AuthenticatorTransportFuture[]; }>{
+				id: key.id,
 				transports: key.transports ?? undefined,
 			})),
 			authenticatorSelection: {
@@ -87,7 +86,7 @@ export class WebAuthnService {
 
 	@bindThis
 	public async verifyRegistration(userId: MiUser['id'], response: RegistrationResponseJSON): Promise<{
-		credentialID: Uint8Array;
+		credentialID: string;
 		credentialPublicKey: Uint8Array;
 		attestationObject: Uint8Array;
 		fmt: AttestationFormat;
@@ -144,6 +143,7 @@ export class WebAuthnService {
 
 	@bindThis
 	public async initiateAuthentication(userId: MiUser['id']): Promise<PublicKeyCredentialRequestOptionsJSON> {
+		const relyingParty = await this.getRelyingParty();
 		const keys = await this.userSecurityKeysRepository.findBy({
 			userId: userId,
 		});
@@ -153,9 +153,9 @@ export class WebAuthnService {
 		}
 
 		const authenticationOptions = await generateAuthenticationOptions({
-			allowCredentials: keys.map(key => (<PublicKeyCredentialDescriptorFuture>{
-				id: Buffer.from(key.id, 'base64url'),
-				type: 'public-key',
+			rpID: relyingParty.rpId,
+			allowCredentials: keys.map(key => (<{ id: string; transports?: AuthenticatorTransportFuture[]; }>{
+				id: key.id,
 				transports: key.transports ?? undefined,
 			})),
 			userVerification: 'preferred',
@@ -219,7 +219,7 @@ export class WebAuthnService {
 				expectedOrigin: relyingParty.origin,
 				expectedRPID: relyingParty.rpId,
 				authenticator: {
-					credentialID: Buffer.from(key.id, 'base64url'),
+					credentialID: key.id,
 					credentialPublicKey: Buffer.from(key.publicKey, 'base64url'),
 					counter: key.counter,
 					transports: key.transports ? key.transports as AuthenticatorTransportFuture[] : undefined,