From 8c1b45f35b0012bc8a8866fee513074b90d129e5 Mon Sep 17 00:00:00 2001
From: Thomas Kaul <4159106+dtslvr@users.noreply.github.com>
Date: Mon, 30 Oct 2023 19:23:55 +0100
Subject: [PATCH] Bugfix/fix exception in webauthn page (#2564)

* Remove useBrowserAutofill option in startAuthentication()

* Update changelog
---
 CHANGELOG.md                                   |  4 ++++
 .../src/app/services/web-authn.service.ts      | 18 +++++++++---------
 2 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2bb45d39..b38f7b92 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,6 +11,10 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - Improved the language localization for German (`de`)
 
+### Fixed
+
+- Fixed an issue in the biometric authentication
+
 ## 2.16.0 - 2023-10-29
 
 ### Changed
diff --git a/apps/client/src/app/services/web-authn.service.ts b/apps/client/src/app/services/web-authn.service.ts
index 5075d036..5c7b1983 100644
--- a/apps/client/src/app/services/web-authn.service.ts
+++ b/apps/client/src/app/services/web-authn.service.ts
@@ -46,12 +46,10 @@ export class WebAuthnService {
         switchMap((attOps) => {
           return startRegistration(attOps);
         }),
-        switchMap((attResp) => {
+        switchMap((credential) => {
           return this.http.post<AuthDeviceDto>(
             `/api/v1/auth/webauthn/verify-attestation`,
-            {
-              credential: attResp
-            }
+            { credential }
           );
         }),
         tap((authDevice) =>
@@ -65,6 +63,7 @@ export class WebAuthnService {
 
   public deregister() {
     const deviceId = this.getDeviceId();
+
     return this.http
       .delete<AuthDeviceDto>(`/api/v1/auth-device/${deviceId}`)
       .pipe(
@@ -82,20 +81,21 @@ export class WebAuthnService {
 
   public login() {
     const deviceId = this.getDeviceId();
+
     return this.http
       .post<PublicKeyCredentialRequestOptionsJSON>(
         `/api/v1/auth/webauthn/generate-assertion-options`,
         { deviceId }
       )
       .pipe(
-        switchMap((requestOptionsJSON) =>
-          startAuthentication(requestOptionsJSON, true)
-        ),
-        switchMap((assertionResponse) => {
+        switchMap((requestOptionsJSON) => {
+          return startAuthentication(requestOptionsJSON);
+        }),
+        switchMap((credential) => {
           return this.http.post<{ authToken: string }>(
             `/api/v1/auth/webauthn/verify-assertion`,
             {
-              credential: assertionResponse,
+              credential,
               deviceId
             }
           );