Add Webauthn methods to Auth class

Author: yunakim714

packages/commerce-sdk-react/src/auth/index.ts

@@ -1315,6 +1315,19 @@ class Auth {
         return token
     }
 
+    /**
+     * Get Basic auth header for private client requests.
+     * Returns undefined if not using a private client.
+     */
+    private getBasicAuthHeader(client: ShopperLogin<ApiClientConfigParams>): string | undefined {
+        if (!this.clientSecret) {
+            return undefined
+        }
+        return `Basic ${stringToBase64(
+            `${client.clientConfig.parameters.clientId}:${this.clientSecret}`
+        )}`
+    }
+
     /**
      * A wrapper method for the SLAS endpoint: getPasswordResetToken.
      *
@@ -1340,10 +1353,9 @@ class Auth {
         }
 
         // Only set authorization header if using private client
-        if (this.clientSecret) {
-            options.headers.Authorization = `Basic ${stringToBase64(
-                `${slasClient.clientConfig.parameters.clientId}:${this.clientSecret}`
-            )}`
+        const authHeader = this.getBasicAuthHeader(slasClient)
+        if (authHeader) {
+            options.headers.Authorization = authHeader
         }
 
         const res = await slasClient.getPasswordResetToken(options)
@@ -1371,10 +1383,9 @@ class Auth {
         }
 
         // Only set authorization header if using private client
-        if (this.clientSecret) {
-            options.headers.Authorization = `Basic ${stringToBase64(
-                `${slasClient.clientConfig.parameters.clientId}:${this.clientSecret}`
-            )}`
+        const authHeader = this.getBasicAuthHeader(slasClient)
+        if (authHeader) {
+            options.headers.Authorization = authHeader
         }
         // TODO: no code verifier needed with the fix blair has made, delete this when the fix has been merged to production
         // eslint-disable-next-line @typescript-eslint/ban-ts-comment
@@ -1424,19 +1435,148 @@ class Auth {
         }
     }
 
-    async startWebauthnRegistration() {
+    /**
+     * A wrapper method for the SLAS endpoint: authorizeWebauthnRegistration.
+     */
+    async authorizeWebauthnRegistration(parameters: ShopperLoginTypes.authorizeWebauthnRegistrationBodyType) {
+        const slasClient = this.client
+
+        const options = {
+            headers: {
+                Authorization: ''
+            },
+            body: {
+                // Required params
+                user_id: parameters.user_id,
+                mode: parameters.mode,
+                channel_id: parameters.channel_id || slasClient.clientConfig.parameters.siteId,
+            }
+        }
+
+        const authHeader = this.getBasicAuthHeader(slasClient)
+        if (authHeader) {
+            options.headers.Authorization = authHeader
+        }
+
+        const res = await slasClient.authorizeWebauthnRegistration(options)
+
+        return res
     }
 
-    async finishWebauthnRegistration() {
+    /**
+     * A wrapper method for the SLAS endpoint: startWebauthnUserRegistration.
+     */
+    async startWebauthnUserRegistration(parameters: ShopperLoginTypes.startWebauthnUserRegistrationBodyType) {
+        const slasClient = this.client
+
+        const options ={
+            headers: {
+                Authorization: ''
+            },
+            body: {
+                display_name: parameters.display_name,
+                nick_name: parameters.nick_name,
+                client_id: parameters.client_id || slasClient.clientConfig.parameters.clientId,
+                // Required params
+                channel_id: parameters.channel_id || slasClient.    clientConfig.parameters.siteId,
+                pwd_action_token: parameters.pwd_action_token,
+                user_id: parameters.user_id
+            }
+        }
+
+        const authHeader = this.getBasicAuthHeader(slasClient)
+        if (authHeader) {
+            options.headers.Authorization = authHeader
+        }
+
+        const res = await slasClient.startWebauthnUserRegistration(options)
+        return res
     }
 
-    async authorizeWebauthnRegistration() {
+    /**
+     * A wrapper method for the SLAS endpoint: finishWebauthnUserRegistration.
+     */
+    async finishWebauthnUserRegistration(parameters: ShopperLoginTypes.finishWebauthnUserRegistrationBodyType) {
+        const slasClient = this.client
+
+        const options = {
+            headers: {
+                Authorization: ''
+            },
+            body: {
+                // Required params
+                client_id: parameters.client_id || slasClient.clientConfig.parameters.clientId,
+                channel_id: parameters.channel_id || slasClient.clientConfig.parameters.siteId,
+                pwd_action_token: parameters.pwd_action_token,
+                username: parameters.username,
+                credential_id: parameters.credential_id,
+            }
+        }
+
+        const authHeader = this.getBasicAuthHeader(slasClient)
+        if (authHeader) {
+            options.headers.Authorization = authHeader
+        }
+
+        const res = await slasClient.finishWebauthnUserRegistration(options)
+        return res
     }
 
-    async startWebauthnAuthentication() {
+    /**
+     * A wrapper method for the SLAS endpoint: startWebauthnAuthentication.
+     */
+    async startWebauthnAuthentication(parameters: ShopperLoginTypes.startWebauthnAuthenticationBodyType) {
+        const slasClient = this.client
+
+        const options = {
+            headers: {
+                Authorization: ''
+            },
+            body: {
+                // Required params
+                client_id: parameters.client_id || slasClient.clientConfig.parameters.clientId,
+                channel_id: parameters.channel_id || slasClient.clientConfig.parameters.siteId,
+                user_id: parameters.user_id,
+            }
+        }
+
+        const authHeader = this.getBasicAuthHeader(slasClient)
+        if (authHeader) {
+            options.headers.Authorization = authHeader
+        }
+
+        const res = await slasClient.startWebauthnAuthentication(options)
+        return res
     }
 
-    async finishWebauthnAuthentication() {
-}
+    /**
+     * A wrapper method for the SLAS endpoint: finishWebauthnAuthentication.
+     */
+    async finishWebauthnAuthentication(parameters: ShopperLoginTypes.finishWebauthnAuthenticationBodyType) {
+        const slasClient = this.client
+
+        const options = {
+            headers: {
+                Authorization: ''
+            },
+            body: {
+                // Required params
+                client_id: parameters.client_id || slasClient.clientConfig.parameters.clientId,
+                channel_id: parameters.channel_id || slasClient.clientConfig.parameters.siteId,
+                credential: parameters.credential
+            }
+        }
+
+        const authHeader = this.getBasicAuthHeader(slasClient)
+        if (authHeader) {
+            options.headers.Authorization = authHeader
+        }
 
+        const res = await slasClient.finishWebauthnAuthentication(options)
+        const tokenResponse = res.tokenResponse
+        this.handleTokenResponse(tokenResponse, false)
+
+        return tokenResponse
+    }
+}
 export default Auth

packages/commerce-sdk-react/src/hooks/ShopperLogin/cache.ts

@@ -29,8 +29,8 @@ export const cacheUpdateMatrix: CacheUpdateMatrix<Client> = {
     getPasswordLessAccessToken: noop,
     revokeToken: noop,
     introspectToken: noop,
-    startWebauthnRegistration: noop,
-    finishWebauthnRegistration: noop,
+    startWebauthnUserRegistration: noop,
+    finishWebauthnUserRegistration: noop,
     authorizeWebauthnRegistration: noop,
     startWebauthnAuthentication: noop,
     finishWebauthnAuthentication: noop

packages/commerce-sdk-react/src/hooks/ShopperLogin/mutation.ts

@@ -102,12 +102,12 @@ The value of the `_sfdc_client_auth` header must be a Base64-encoded string. The
      * Start WebAuthn passkey registration. Starts the WebAuthn registration process by generating credential creation options. Returns the challenge and other parameters needed by the authenticator to create a new credential.
      * @returns A TanStack Query mutation hook for interacting with the Shopper Login `startWebauthnRegistration` endpoint.
      */
-    StartWebauthnRegistration: 'startWebauthnRegistration',
+    StartWebauthnUserRegistration: 'startWebauthnUserRegistration',
     /**
      * Finish WebAuthn passkey registration. Completes the WebAuthn registration process by verifying the credential created by the authenticator. Stores the public key and credential information for future authentication.
      * @returns A TanStack Query mutation hook for interacting with the Shopper Login `finishWebauthnRegistration` endpoint.
      */
-    FinishWebauthnRegistration: 'finishWebauthnRegistration',
+    FinishWebauthnUserRegistration: 'finishWebauthnUserRegistration',
     /**
      * Authorize WebAuthn passkey registration. Authorizes a user to register a WebAuthn credential (passkey). This endpoint validates the user's credentials and creates a password action token that can be used to start the registration process. The token is sent to the user via the specified channel (email or SMS).
      * @returns A TanStack Query mutation hook for interacting with the Shopper Login `authorizeWebauthnRegistration` endpoint.

packages/commerce-sdk-react/src/hooks/useAuthHelper.ts

@@ -32,8 +32,8 @@ export const AuthHelpers = {
     Register: 'register',
     ResetPassword: 'resetPassword',
     UpdateCustomerPassword: 'updateCustomerPassword',
-    StartWebauthnRegistration: 'startWebauthnRegistration',
-    FinishWebauthnRegistration: 'finishWebauthnRegistration',
+    StartWebauthnUserRegistration: 'startWebauthnRegistration',
+    FinishWebauthnUserRegistration: 'finishWebauthnRegistration',
     AuthorizeWebauthnRegistration: 'authorizeWebauthnRegistration',
     StartWebauthnAuthentication: 'startWebauthnAuthentication',
     FinishWebauthnAuthentication: 'finishWebauthnAuthentication'