fix: use real base64 converted values in the helpers

Bewinxed · Bewinxed · commit 2e210fdcfc34 · 2025-09-25T07:52:25.000Z
diff --git a/test/webauthn.helpers.test.ts b/test/webauthn.helpers.test.ts
@@ -23,13 +23,13 @@ describe('WebAuthn Serialization/Deserialization', () => {
 
   describe('deserializeCredentialCreationOptions', () => {
     const validServerOptions = {
-      challenge: 'dGVzdC1jaGFsbGVuZ2U', // "test-challenge" in base64url
+      challenge: 'SGVsbG8gV2ViQXV0aG4h', 
       rp: {
         name: 'Test RP',
         id: 'example.com',
       },
       user: {
-        id: 'dXNlci1pZA', // "user-id" in base64url
+        id: 'dXNlci0xMjM0NTY', 
         name: 'test@example.com',
         displayName: 'Test User',
       },
@@ -41,37 +41,40 @@ describe('WebAuthn Serialization/Deserialization', () => {
       attestation: 'direct' as const,
       excludeCredentials: [
         {
-          id: 'Y3JlZC1pZA', // "cred-id" in base64url
+          id: 'Y3JlZGVudGlhbC1hYmMteHl6', 
           type: 'public-key' as const,
           transports: ['usb', 'nfc'] as AuthenticatorTransportFuture[],
         },
       ],
     }
 
     it('should convert base64url strings to ArrayBuffers using polyfill', () => {
-      // Force polyfill path by removing PublicKeyCredential
+      
       delete (global as any).PublicKeyCredential
 
       const result = deserializeCredentialCreationOptions(validServerOptions)
 
-      // Verify challenge was converted to ArrayBuffer
+      
       expect(result.challenge).toBeInstanceOf(ArrayBuffer)
       const challengeBytes = new Uint8Array(result.challenge)
+      
       expect(challengeBytes).toEqual(
-        new Uint8Array([116, 101, 115, 116, 45, 99, 104, 97, 108, 108, 101, 110, 103, 101])
+        new Uint8Array([72, 101, 108, 108, 111, 32, 87, 101, 98, 65, 117, 116, 104, 110, 33])
       )
 
-      // Verify user.id was converted to ArrayBuffer
+      
       expect(result.user.id).toBeInstanceOf(ArrayBuffer)
       const userIdBytes = new Uint8Array(result.user.id)
-      expect(userIdBytes).toEqual(new Uint8Array([117, 115, 101, 114, 45, 105, 100]))
+      
+      expect(userIdBytes).toEqual(new Uint8Array([117, 115, 101, 114, 45, 49, 50, 51, 52, 53, 54]))
 
-      // Verify excludeCredentials[0].id was converted to ArrayBuffer
+      
       expect(result.excludeCredentials![0].id).toBeInstanceOf(ArrayBuffer)
       const credIdBytes = new Uint8Array(result.excludeCredentials![0].id as ArrayBuffer)
-      expect(credIdBytes).toEqual(new Uint8Array([99, 114, 101, 100, 45, 105, 100]))
+      
+      expect(credIdBytes).toEqual(new Uint8Array([99, 114, 101, 100, 101, 110, 116, 105, 97, 108, 45, 97, 98, 99, 45, 120, 121, 122]))
 
-      // Verify other fields are preserved
+      
       expect(result.rp).toEqual(validServerOptions.rp)
       expect(result.pubKeyCredParams).toEqual(validServerOptions.pubKeyCredParams)
       expect(result.timeout).toBe(60000)
@@ -99,10 +102,10 @@ describe('WebAuthn Serialization/Deserialization', () => {
 
     it('should handle missing optional fields correctly', () => {
       const minimalOptions = {
-        challenge: 'dGVzdC1jaGFsbGVuZ2U',
+        challenge: 'SGVsbG8gV2ViQXV0aG4h', 
         rp: { name: 'Test RP' },
         user: {
-          id: 'dXNlci1pZA',
+          id: 'dXNlci0xMjM0NTY', 
           name: 'test@example.com',
           displayName: 'Test User',
         },
@@ -130,13 +133,13 @@ describe('WebAuthn Serialization/Deserialization', () => {
 
   describe('deserializeCredentialRequestOptions', () => {
     const validServerOptions = {
-      challenge: 'dGVzdC1jaGFsbGVuZ2U',
+      challenge: 'QXV0aGVudGljYXRlTWU', 
       timeout: 60000,
       rpId: 'example.com',
       userVerification: 'preferred' as const,
       allowCredentials: [
         {
-          id: 'Y3JlZC1pZA',
+          id: 'YWxsb3dlZC1jcmVkLTEyMw', 
           type: 'public-key' as const,
           transports: ['usb', 'nfc'] as AuthenticatorTransportFuture[],
         },
@@ -148,19 +151,21 @@ describe('WebAuthn Serialization/Deserialization', () => {
 
       const result = deserializeCredentialRequestOptions(validServerOptions)
 
-      // Verify challenge was converted
+      
       expect(result.challenge).toBeInstanceOf(ArrayBuffer)
       const challengeBytes = new Uint8Array(result.challenge)
+      
       expect(challengeBytes).toEqual(
-        new Uint8Array([116, 101, 115, 116, 45, 99, 104, 97, 108, 108, 101, 110, 103, 101])
+        new Uint8Array([65, 117, 116, 104, 101, 110, 116, 105, 99, 97, 116, 101, 77, 101])
       )
 
-      // Verify allowCredentials[0].id was converted
+      
       expect(result.allowCredentials![0].id).toBeInstanceOf(ArrayBuffer)
       const credIdBytes = new Uint8Array(result.allowCredentials![0].id as ArrayBuffer)
-      expect(credIdBytes).toEqual(new Uint8Array([99, 114, 101, 100, 45, 105, 100]))
+      
+      expect(credIdBytes).toEqual(new Uint8Array([97, 108, 108, 111, 119, 101, 100, 45, 99, 114, 101, 100, 45, 49, 50, 51]))
 
-      // Verify other fields preserved
+      
       expect(result.rpId).toBe('example.com')
       expect(result.userVerification).toBe('preferred')
       expect(result.timeout).toBe(60000)
@@ -192,15 +197,15 @@ describe('WebAuthn Serialization/Deserialization', () => {
       }
 
       const result = deserializeCredentialRequestOptions(optionsWithEmptyArray)
-      // Empty array is not added to result per implementation
+      
       expect(result.allowCredentials).toBeUndefined()
     })
 
     it('should handle missing allowCredentials', () => {
       delete (global as any).PublicKeyCredential
 
       const optionsWithoutAllow = {
-        challenge: 'dGVzdC1jaGFsbGVuZ2U',
+        challenge: 'QXV0aGVudGljYXRlTWU', 
         rpId: 'example.com',
       }
 
@@ -233,10 +238,10 @@ describe('WebAuthn Serialization/Deserialization', () => {
 
       const result = serializeCredentialCreationResponse(mockCredential)
 
-      // Verify ArrayBuffers were converted to base64url
-      expect(result.rawId).toBe(mockCredential.id) // Now correctly converts rawId ArrayBuffer to base64url
-      expect(result.response.attestationObject).toBe('AQIDBAU')
-      expect(result.response.clientDataJSON).toBe('BgcICQo')
+      
+      expect(result.rawId).toBe(mockCredential.id)
+      expect(result.response.attestationObject).toBe('AQIDBAU') 
+      expect(result.response.clientDataJSON).toBe('BgcICQo') 
       expect(result.authenticatorAttachment).toBe('platform')
       expect(result.clientExtensionResults).toEqual({ credProps: { rk: true } })
     })
@@ -320,12 +325,12 @@ describe('WebAuthn Serialization/Deserialization', () => {
 
       const result = serializeCredentialRequestResponse(mockCredential)
 
-      // Verify conversions
-      expect(result.rawId).toBe(mockCredential.id) // Now correctly converts rawId ArrayBuffer to base64url
-      expect(result.response.authenticatorData).toBe('AQIDBAU')
-      expect(result.response.clientDataJSON).toBe('BgcICQo')
-      expect(result.response.signature).toBe('CwwNDg8')
-      expect(result.response.userHandle).toBe('EBESExQ')
+      
+      expect(result.rawId).toBe(mockCredential.id)
+      expect(result.response.authenticatorData).toBe('AQIDBAU') 
+      expect(result.response.clientDataJSON).toBe('BgcICQo') 
+      expect(result.response.signature).toBe('CwwNDg8') 
+      expect(result.response.userHandle).toBe('EBESExQ') 
     })
 
     it('should handle null userHandle correctly', () => {
@@ -386,10 +391,10 @@ describe('WebAuthn Serialization/Deserialization', () => {
 
   describe('mergeCredentialCreationOptions', () => {
     const baseOptions: PublicKeyCredentialCreationOptionsFuture = {
-      challenge: new Uint8Array([1, 2, 3, 4]).buffer,
+      challenge: new Uint8Array([67, 104, 97, 108, 108, 101, 110, 103, 101, 49, 50, 51]).buffer, 
       rp: { name: 'Test RP', id: 'example.com' },
       user: {
-        id: new Uint8Array([5, 6, 7, 8]).buffer,
+        id: new Uint8Array([85, 115, 101, 114, 49, 50, 51]).buffer, 
         name: 'user@example.com',
         displayName: 'Test User',
       },
@@ -399,7 +404,7 @@ describe('WebAuthn Serialization/Deserialization', () => {
     it('should apply DEFAULT_CREATION_OPTIONS correctly', () => {
       const result = mergeCredentialCreationOptions(baseOptions)
 
-      // Verify defaults are applied
+      
       expect(result.authenticatorSelection).toEqual({
         authenticatorAttachment: 'cross-platform',
         requireResidentKey: false,
@@ -409,7 +414,7 @@ describe('WebAuthn Serialization/Deserialization', () => {
       expect(result.hints).toEqual(['security-key'])
       expect(result.attestation).toBe('direct')
 
-      // Verify base options are preserved
+      
       expect(result.challenge).toBe(baseOptions.challenge)
       expect(result.rp).toEqual(baseOptions.rp)
       expect(result.user).toEqual(baseOptions.user)
@@ -422,12 +427,12 @@ describe('WebAuthn Serialization/Deserialization', () => {
         },
       })
 
-      // Should merge, not replace
+      
       expect(result.authenticatorSelection).toEqual({
         authenticatorAttachment: 'cross-platform',
         requireResidentKey: false,
         residentKey: 'discouraged',
-        userVerification: 'required', // Override applied
+        userVerification: 'required', 
       })
     })
 
@@ -454,7 +459,7 @@ describe('WebAuthn Serialization/Deserialization', () => {
     })
 
     it('should not modify ArrayBuffer fields during merge', () => {
-      const customChallenge = new Uint8Array([9, 10, 11, 12]).buffer
+      const customChallenge = new Uint8Array([78, 101, 119, 67, 104, 97, 108, 108]).buffer 
       const result = mergeCredentialCreationOptions(baseOptions, {
         challenge: customChallenge,
       })
@@ -466,11 +471,11 @@ describe('WebAuthn Serialization/Deserialization', () => {
 
   describe('mergeCredentialRequestOptions', () => {
     const baseOptions: PublicKeyCredentialRequestOptionsFuture = {
-      challenge: new Uint8Array([1, 2, 3, 4]).buffer,
+      challenge: new Uint8Array([82, 101, 113, 117, 101, 115, 116]).buffer, 
       rpId: 'example.com',
       allowCredentials: [
         {
-          id: new Uint8Array([5, 6, 7, 8]).buffer,
+          id: new Uint8Array([67, 114, 101, 100, 49, 50, 51]).buffer, 
           type: 'public-key',
           transports: ['usb'],
         },
@@ -483,7 +488,7 @@ describe('WebAuthn Serialization/Deserialization', () => {
       expect(result.userVerification).toBe('preferred')
       expect(result.hints).toEqual(['security-key'])
 
-      // Base options preserved
+      
       expect(result.challenge).toBe(baseOptions.challenge)
       expect(result.allowCredentials).toBe(baseOptions.allowCredentials)
     })
@@ -503,7 +508,7 @@ describe('WebAuthn Serialization/Deserialization', () => {
     it('should preserve allowCredentials ArrayBuffers', () => {
       const newCreds = [
         {
-          id: new Uint8Array([9, 10, 11, 12]).buffer,
+          id: new Uint8Array([78, 101, 119, 67, 114, 101, 100]).buffer, 
           type: 'public-key' as const,
           transports: ['nfc'] as AuthenticatorTransportFuture[],
         },
