From 4e786fc360753977aa73e854e1fd17ac339f875c Mon Sep 17 00:00:00 2001
From: Frederik Rothenberger <frederik.rothenberger@dfinity.org>
Date: Tue, 19 Mar 2024 16:30:26 +0100
Subject: [PATCH] fix: Work around credentials not being enumerable (#860)

This PR fixes an issue that arises from assuming that the
`PublicKeyCredential` returned from `navigators.credentials.create`
is enumerable.
---
 docs/CHANGELOG.md                          | 2 ++
 packages/identity/src/identity/webauthn.ts | 7 ++++++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md
index 87f04526..bbf44d96 100644
--- a/docs/CHANGELOG.md
+++ b/docs/CHANGELOG.md
@@ -2,6 +2,8 @@
 
 ## [Unreleased]
 
+* fix: work around `PublicKeyCredential` not being enumerable
+
 ## [1.1.0] - 2024-03-18
 
 ### Added
diff --git a/packages/identity/src/identity/webauthn.ts b/packages/identity/src/identity/webauthn.ts
index 0bcdb926..75a6c1ad 100644
--- a/packages/identity/src/identity/webauthn.ts
+++ b/packages/identity/src/identity/webauthn.ts
@@ -112,7 +112,12 @@ async function _createCredential(
   }
 
   return {
-    ...creds,
+    // do _not_ use ...creds here, as creds is not enumerable in all cases
+    id: creds.id,
+    response: creds.response,
+    type: creds.type,
+    authenticatorAttachment: creds.authenticatorAttachment,
+    getClientExtensionResults: creds.getClientExtensionResults,
     // Some password managers will return a Uint8Array, so we ensure we return an ArrayBuffer.
     rawId: bufFromBufLike(creds.rawId),
   };