d2114523a5
* fix: passkeys behind TLS reverse proxy Add passkeyPublicOrigin and wire it through passkey routes so origin/rpId match the browser when dev runs behind nginx. Expose dev-only /_emdash/api/dev/passkey-url, add admin messaging for insecure WebAuthn contexts, nginx repro under demos/simple, and direct kysely dependency for the simple demo Node adapter bundle. Made-with: Cursor * docs: add passkeyPublicOrigin to configuration reference Adds the new passkeyPublicOrigin option and reverse proxy guidance to the public-facing configuration docs as requested in PR review. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com> * update tests and more docs * fix: add missing refresh-server-pat fixture and restore docs heading --------- Co-authored-by: Joseph Eftekhari <jdeftekhari@gmail.com> Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
34 lines
911 B
TypeScript
34 lines
911 B
TypeScript
/**
|
|
* Chrome DevTools virtual WebAuthn authenticator for passkey e2e.
|
|
* Chromium-only (CDP). See https://developer.chrome.com/docs/devtools/webauthn/
|
|
*/
|
|
import type { Page } from "@playwright/test";
|
|
|
|
export async function addVirtualWebAuthnAuthenticator(page: Page): Promise<() => Promise<void>> {
|
|
const session = await page.context().newCDPSession(page);
|
|
await session.send("WebAuthn.enable");
|
|
const { authenticatorId } = await session.send("WebAuthn.addVirtualAuthenticator", {
|
|
options: {
|
|
protocol: "ctap2",
|
|
transport: "internal",
|
|
hasResidentKey: true,
|
|
hasUserVerification: true,
|
|
isUserVerified: true,
|
|
automaticPresenceSimulation: true,
|
|
},
|
|
});
|
|
|
|
return async () => {
|
|
try {
|
|
await session.send("WebAuthn.removeVirtualAuthenticator", { authenticatorId });
|
|
} catch {
|
|
// session may already be closed
|
|
}
|
|
try {
|
|
await session.detach();
|
|
} catch {
|
|
// ignore
|
|
}
|
|
};
|
|
}
|