fix: for issues with _allowCredentials and device registration

[thomas-schofield-fr]

JIRA Ticket

Fixes for original changes made by:

1. AME-33781
2. AME-33773

Description

Fixes 2 bugs:

1. Check for isWebAuthnSupported() should have been inverted when registering a new device.
2. _allowCredentials array entries have an id property which needed to be a typed array for navigator.credentials.get().

[changeset-bot]

⚠️ No Changeset found

Latest commit: ad9026a

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[ryanbas21]

I don't understand this comment. The type PublicKeyCredentialDescriptor shows this

interface PublicKeyCredentialDescriptor {
    id: BufferSource;
    transports?: AuthenticatorTransport[];
    type: PublicKeyCredentialType;
}

This type comes from lib.dom.ts https://www.dec112.at/docs/ng112-js/1.9.4/interfaces/_internal_.PublicKeyCredentialDescriptor.html

Are we saying this is wrong?

navigator.credentials.get accepts CredentialRequestOptions

interface CredentialRequestOptions {
    mediation?: CredentialMediationRequirement;
    publicKey?: PublicKeyCredentialRequestOptions;
    signal?: AbortSignal;
}

Pulling your branch down, and just looking at cred it seems like this is already the correct type?

I'm a bit confused by this change.

[thomas-schofield-fr]

I think TypeScript just doesn't correctly verify the incoming metadataCallback.getOutputValue('data') is actually the correct type all the way through - specifically, the id property is Array which doesn't conform to BufferSource.

If we don't make the change, the error from navigator.credentials.get is fairly clear:

[ryanbas21]

Does this happen on the latest version of the SDK before these changes? I feel like this would be a pretty breaking bug?

[thomas-schofield-fr]

It does not, it's a new issue since 03135cf#diff-112486585734aee9407beea04e071c53e7eddce56a465b7462455fcb0e3bb346R514

[ryanbas21]

Ran this locally with a local publish + webauthn flow and it worked.