diff --git a/passkeys-backend/functions/registration/start.js b/passkeys-backend/functions/registration/start.js index a67c7dd3..d0bb6834 100644 --- a/passkeys-backend/functions/registration/start.js +++ b/passkeys-backend/functions/registration/start.js @@ -22,6 +22,11 @@ exports.handler = async (context, event, callback) => { const { username, password } = context.getTwilioClient(); + const androidOrigins = (keys) => { + if (!keys || keys.trim() === '""') return []; + return keys.split(','); + }; + // Request body sent to passkeys verify URL call /* eslint-disable camelcase */ const requestBody = { @@ -35,7 +40,7 @@ exports.handler = async (context, event, callback) => { name: 'PasskeySample', origins: [ `https://${DOMAIN_NAME}`, - ...(ANDROID_APP_KEYS?.split(',') ?? []), + ...androidOrigins(ANDROID_APP_KEYS), ], }, user: { diff --git a/passkeys-backend/tests/registration-start.test.js b/passkeys-backend/tests/registration-start.test.js index 9c0e08f7..053c74aa 100644 --- a/passkeys-backend/tests/registration-start.test.js +++ b/passkeys-backend/tests/registration-start.test.js @@ -107,6 +107,34 @@ describe('registration/start', () => { ); }); + // This is how the CodeExchange is populating the optional field if left empty + it('works with ANDROID_APP_KEYS empty string', (done) => { + const callback = (_, { _body }) => { + expect(axios.post).toHaveBeenCalledWith( + 'https://api.com/Factors', + mockRequestBody, + { auth: { password: 'mockPassword', username: 'mockUsername' } } + ); + done(); + }; + + const mockContextWithoutAndroidKeys = { + API_URL: 'https://api.com', + ANDROID_APP_KEYS: '""', + DOMAIN_NAME: 'example.com', + getTwilioClient: () => ({ + username: 'mockUsername', + password: 'mockPassword', + }), + }; + + handlerFunction( + mockContextWithoutAndroidKeys, + { username: 'user001' }, + callback + ); + }); + it('calls the API with the expected request body', (done) => { const modifiedRequest = structuredClone(mockRequestBody); modifiedRequest.content.relying_party.origins.push('key1', 'key2', 'key3');