diff --git a/src/lib/server/schemas/auth.ts b/src/lib/server/schemas/auth.ts index 220b029..10c8fcc 100644 --- a/src/lib/server/schemas/auth.ts +++ b/src/lib/server/schemas/auth.ts @@ -19,6 +19,6 @@ export type TokenUpgradeResponse = z.infer; export const tokenUpgradeVerifyRequest = z.object({ answer: z.string().base64().nonempty(), - sigAnswer: z.string().base64().nonempty(), + answerSig: z.string().base64().nonempty(), }); export type TokenUpgradeVerifyRequest = z.infer; diff --git a/src/lib/server/schemas/client.ts b/src/lib/server/schemas/client.ts index 8bda49e..53cbb88 100644 --- a/src/lib/server/schemas/client.ts +++ b/src/lib/server/schemas/client.ts @@ -23,7 +23,7 @@ export type ClientRegisterResponse = z.infer; export const clientRegisterVerifyRequest = z.object({ answer: z.string().base64().nonempty(), - sigAnswer: z.string().base64().nonempty(), + answerSig: z.string().base64().nonempty(), }); export type ClientRegisterVerifyRequest = z.infer; diff --git a/src/lib/server/services/auth.ts b/src/lib/server/services/auth.ts index 83dbc33..fbab586 100644 --- a/src/lib/server/services/auth.ts +++ b/src/lib/server/services/auth.ts @@ -132,7 +132,7 @@ export const upgradeToken = async ( refreshToken: string, ip: string, answer: string, - sigAnswer: string, + answerSig: string, ) => { const { jti: oldJti, userId, clientId } = await verifyRefreshToken(refreshToken); if (clientId) { @@ -149,7 +149,7 @@ export const upgradeToken = async ( const client = await getClient(challenge.clientId); if (!client) { error(500, "Invalid challenge answer"); - } else if (!verifySignature(Buffer.from(answer, "base64"), sigAnswer, client.sigPubKey)) { + } else if (!verifySignature(Buffer.from(answer, "base64"), answerSig, client.sigPubKey)) { error(401, "Invalid challenge answer signature"); } diff --git a/src/lib/server/services/client.ts b/src/lib/server/services/client.ts index 9291d6b..071355e 100644 --- a/src/lib/server/services/client.ts +++ b/src/lib/server/services/client.ts @@ -92,7 +92,7 @@ export const verifyUserClient = async ( userId: number, ip: string, answer: string, - sigAnswer: string, + answerSig: string, ) => { const challenge = await getUserClientChallenge(answer, ip); if (!challenge) { @@ -104,7 +104,7 @@ export const verifyUserClient = async ( const client = await getClient(challenge.clientId); if (!client) { error(500, "Invalid challenge answer"); - } else if (!verifySignature(Buffer.from(answer, "base64"), sigAnswer, client.sigPubKey)) { + } else if (!verifySignature(Buffer.from(answer, "base64"), answerSig, client.sigPubKey)) { error(401, "Invalid challenge answer signature"); } diff --git a/src/lib/services/auth.ts b/src/lib/services/auth.ts index d796d28..606ab7c 100644 --- a/src/lib/services/auth.ts +++ b/src/lib/services/auth.ts @@ -25,7 +25,7 @@ export const requestTokenUpgrade = async ( const { challenge }: TokenUpgradeResponse = await res.json(); const answer = await decryptChallenge(challenge, decryptKey); - const sigAnswer = await signMessage(answer, signKey); + const answerSig = await signMessage(answer, signKey); res = await fetch("/api/auth/upgradeToken/verify", { method: "POST", @@ -34,7 +34,7 @@ export const requestTokenUpgrade = async ( }, body: JSON.stringify({ answer: encodeToBase64(answer), - sigAnswer: encodeToBase64(sigAnswer), + answerSig: encodeToBase64(answerSig), } satisfies TokenUpgradeVerifyRequest), }); return res.ok; diff --git a/src/lib/services/key.ts b/src/lib/services/key.ts index 5a2c620..e2dfd30 100644 --- a/src/lib/services/key.ts +++ b/src/lib/services/key.ts @@ -29,11 +29,11 @@ export const requestClientRegistration = async ( const { challenge }: ClientRegisterResponse = await res.json(); const answer = await decryptChallenge(challenge, decryptKey); - const sigAnswer = await signMessage(answer, signKey); + const answerSig = await signMessage(answer, signKey); res = await callPostApi("/api/client/register/verify", { answer: encodeToBase64(answer), - sigAnswer: encodeToBase64(sigAnswer), + answerSig: encodeToBase64(answerSig), }); return res.ok; }; diff --git a/src/routes/api/auth/upgradeToken/verify/+server.ts b/src/routes/api/auth/upgradeToken/verify/+server.ts index df001ed..c4ab37a 100644 --- a/src/routes/api/auth/upgradeToken/verify/+server.ts +++ b/src/routes/api/auth/upgradeToken/verify/+server.ts @@ -11,13 +11,13 @@ export const POST: RequestHandler = async ({ request, cookies, getClientAddress const zodRes = tokenUpgradeVerifyRequest.safeParse(await request.json()); if (!zodRes.success) error(400, "Invalid request body"); - const { answer, sigAnswer } = zodRes.data; + const { answer, answerSig } = zodRes.data; const { accessToken, refreshToken } = await upgradeToken( token, getClientAddress(), answer, - sigAnswer, + answerSig, ); cookies.set("accessToken", accessToken, { path: "/", diff --git a/src/routes/api/client/register/verify/+server.ts b/src/routes/api/client/register/verify/+server.ts index f261497..e48b454 100644 --- a/src/routes/api/client/register/verify/+server.ts +++ b/src/routes/api/client/register/verify/+server.ts @@ -12,8 +12,8 @@ export const POST: RequestHandler = async ({ request, cookies, getClientAddress const zodRes = clientRegisterVerifyRequest.safeParse(await request.json()); if (!zodRes.success) error(400, "Invalid request body"); - const { answer, sigAnswer } = zodRes.data; + const { answer, answerSig } = zodRes.data; - await verifyUserClient(userId, getClientAddress(), answer, sigAnswer); + await verifyUserClient(userId, getClientAddress(), answer, answerSig); return text("Client verified", { headers: { "Content-Type": "text/plain" } }); };