Skip to content

refactor(passkey): restrict NewPasskey type to repository layer#20342

Merged
MagentaManifold merged 1 commit intomainfrom
FXA-13402
Apr 10, 2026
Merged

refactor(passkey): restrict NewPasskey type to repository layer#20342
MagentaManifold merged 1 commit intomainfrom
FXA-13402

Conversation

@MagentaManifold
Copy link
Copy Markdown
Contributor

@MagentaManifold MagentaManifold commented Apr 8, 2026
edited
Loading

Because

  • NewPasskey use integers for boolean values and should be used for db operations only

This pull request

  • make insertPasskey take in a Passkey and transform it to NewPasskey internally

Issue that this pull request solves

Closes: FXA-13402

Checklist

Put an x in the boxes that apply

  • My commit is GPG signed.
  • If applicable, I have modified or added tests which pass locally.
  • I have added necessary documentation (if appropriate).
  • I have verified that my changes render correctly in RTL (if appropriate).
  • I have manually reviewed all AI generated code.

How to review (Optional)

  • Key files/areas to focus on:
  • Suggested review order:
  • Risky or complex parts:

Screenshots (Optional)

Please attach the screenshots of the changes made in case of change in user interface.

Other information (Optional)

Based on #20341 because otherwise there will be a merge conflict.

@MagentaManifold MagentaManifold requested a review from a team as a code owner April 8, 2026 22:32
Copilot AI review requested due to automatic review settings April 8, 2026 22:32
MagentaManifold
MagentaManifold commented Apr 8, 2026
View reviewed changes
Comment thread libs/shared/db/mysql/account/src/lib/kysely-types.ts
publicKey: Buffer;
signCount: number;
transports: Json;
transports: JSONColumnType<string[]>;
Copy link
Copy Markdown
Contributor Author

@MagentaManifold MagentaManifold Apr 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This should provider nicer typing

Copilot AI reviewed Apr 8, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the passkey registration flow to persist prfEnabled from WebAuthn registration responses and refactors the passkey write path to pass around the Passkey shape (booleans + string[] transports) instead of mapping to NewPasskey in the service layer.

Changes:

  • Add prfEnabled extraction to the WebAuthn adapter and cover it with unit tests.
  • Refactor passkey creation/registration to pass a Passkey object through service/manager layers and centralize MySQL storage-type conversions in the repository.
  • Update shared DB typings and factories to represent transports as a JSON array and backup/prf flags as booleans at the domain/type level.

Reviewed changes

Copilot reviewed 9 out of 9 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
libs/shared/db/mysql/account/src/lib/kysely-types.ts Change passkeys.transports typing to a JSON column array.
libs/shared/db/mysql/account/src/lib/factories.ts Update PasskeyFactory to produce Passkey shape (arrays + booleans).
libs/accounts/passkey/src/lib/webauthn-adapter.ts Extract prfEnabled from authenticatorExtensionResults.
libs/accounts/passkey/src/lib/webauthn-adapter.spec.ts Add test coverage for prfEnabled extraction defaults/variants.
libs/accounts/passkey/src/lib/passkey.service.ts Stop mapping to NewPasskey; register using Passkey and propagate prfEnabled.
libs/accounts/passkey/src/lib/passkey.service.spec.ts Update expectations to the new Passkey shape and include prfEnabled.
libs/accounts/passkey/src/lib/passkey.repository.ts Convert PasskeyNewPasskey at insert time (stringify transports + boolean→0/1).
libs/accounts/passkey/src/lib/passkey.manager.ts Update registerPasskey signature to accept Passkey.
libs/accounts/passkey/src/lib/passkey.manager.in.spec.ts Update integration tests to use boolean flags for passkeys.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread libs/shared/db/mysql/account/src/lib/kysely-types.ts
Comment on lines 246 to 252
export interface Passkeys {
uid: Buffer;
credentialId: Buffer;
publicKey: Buffer;
signCount: number;
transports: Json;
transports: JSONColumnType<string[]>;
aaguid: Buffer;
Copy link

Copilot AI Apr 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

transports was changed to JSONColumnType<string[]>, which assumes the underlying MySQL column is a real JSON type and will be returned as an array at runtime. In this repo there’s still a conflicting schema used by testAccountDatabaseSetup (see libs/shared/db/mysql/account/src/test/passkeys.sql:6, where transports is varchar(255) DEFAULT NULL). If that test schema (or any deployed environment) is still in use, reads will return a string/NULL rather than string[], and code that treats transports as an array may misbehave. Consider updating the test schema to match the migrations (e.g., packages/db-migrations/databases/fxa/patches/patch-184-185.sql:15 uses transports JSON NOT NULL) or reverting the Kysely typing to reflect the actual column type used in all environments.

Copilot uses AI. Check for mistakes.
Comment thread libs/accounts/passkey/src/lib/passkey.repository.ts
@MagentaManifold MagentaManifold marked this pull request as draft April 8, 2026 23:11
@MagentaManifold MagentaManifold changed the title Fxa 13402 refactor(passkey): restrict NewPasskey type to repository layer Apr 8, 2026
@MagentaManifold MagentaManifold marked this pull request as ready for review April 9, 2026 16:02
vpomerleau
vpomerleau reviewed Apr 9, 2026
View reviewed changes
Comment thread libs/accounts/passkey/src/lib/passkey.manager.in.spec.ts Outdated
@@ -95,9 +95,9 @@ describe('PasskeyManager (Integration)', () => {
// Pass lastUsedAt: null explicitly — PasskeyFactory may randomise it
const newPasskey = PasskeyFactory({
Copy link
Copy Markdown
Contributor

@vpomerleau vpomerleau Apr 9, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

change to const passkey?

@MagentaManifold
refactor(passkey): restrict NewPasskey type to repository layer
72baca7 
Because:

* NewPasskey use integers for boolean values and should be used for db operations only

This commit:

* make insertPasskey take in a Passkey and transform it to NewPasskey internally

Closes FXA-13402
@MagentaManifold MagentaManifold merged commit b628af4 into main Apr 10, 2026
21 checks passed
@MagentaManifold MagentaManifold deleted the FXA-13402 branch April 10, 2026 00:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@vpomerleau vpomerleau vpomerleau approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@MagentaManifold @vpomerleau