fix: WebAuthn type fixes to align with CDI (#1002)

* fix: handle optional recipeUserId in getUserFromRecoverAccountToken response

* rebuilt code

* fix: update WebAuthn types to use number for createdAt, expiresAt and timout fields and made email optional in for register options

* changelog updates

---------

Co-authored-by: Victor Bojica <[email protected]>

Author: coolbueb

CHANGELOG.md

@@ -14,6 +14,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 -   Fixes broken workflows (Example Tests, AWS Edge function compatibility)
 -   Sets up workflow to run auth-react tests
     -   Updates test-servers to work with updated tests
+-   Fixes wrong types types from `string` to `number` on `createdAt`, `expiresAt` and `timeout` from the WebAuthn recipe
+-   Fixed `email` property by making it optional on `getGeneratedOptions` recipe implementation method
 
 ## [23.0.0] - 2025-06-10
 

lib/build/recipe/webauthn/index.d.ts

@@ -328,7 +328,7 @@ export default function getRecipeInterface(
                 return {
                     ...resp,
                     user: new User(resp.user),
-                    recipeUserId: new RecipeUserId(resp.recipeUserId),
+                    recipeUserId: resp.recipeUserId ? new RecipeUserId(resp.recipeUserId) : undefined,
                 };
             }
 

lib/build/recipe/webauthn/recipeImplementation.js

@@ -199,8 +199,8 @@ export type RecipeInterface = {
         | {
               status: "OK";
               webauthnGeneratedOptionsId: string;
-              createdAt: string;
-              expiresAt: string;
+              createdAt: number;
+              expiresAt: number;
               // for understanding the response, see https://www.w3.org/TR/webauthn-3/#sctn-registering-a-new-credential and https://developer.mozilla.org/en-US/docs/Web/API/PublicKeyCredential
               rp: {
                   id: string;
@@ -246,8 +246,8 @@ export type RecipeInterface = {
         | {
               status: "OK";
               webauthnGeneratedOptionsId: string;
-              createdAt: string;
-              expiresAt: string;
+              createdAt: number;
+              expiresAt: number;
               challenge: string;
               timeout: number;
               userVerification: UserVerification;
@@ -344,7 +344,9 @@ export type RecipeInterface = {
         token: string;
         tenantId: string;
         userContext: UserContext;
-    }): Promise<{ status: "OK"; user: User; recipeUserId: RecipeUserId } | GetUserFromRecoverAccountTokenErrorResponse>;
+    }): Promise<
+        { status: "OK"; user: User; recipeUserId?: RecipeUserId } | GetUserFromRecoverAccountTokenErrorResponse
+    >;
 
     removeCredential(input: { webauthnCredentialId: string; recipeUserId: string; userContext: UserContext }): Promise<
         | {
@@ -393,8 +395,8 @@ export type RecipeInterface = {
               userVerification: UserVerification;
               userPresence: boolean;
               origin: string;
-              email: string;
-              timeout: string;
+              email?: string;
+              timeout: number;
               challenge: string;
               createdAt: number;
               expiresAt: number;
@@ -483,8 +485,8 @@ export type APIInterface = {
               | {
                     status: "OK";
                     webauthnGeneratedOptionsId: string;
-                    createdAt: string;
-                    expiresAt: string;
+                    createdAt: number;
+                    expiresAt: number;
                     rp: {
                         id: string;
                         name: string;
@@ -522,8 +524,8 @@ export type APIInterface = {
               | {
                     status: "OK";
                     webauthnGeneratedOptionsId: string;
-                    createdAt: string;
-                    expiresAt: string;
+                    createdAt: number;
+                    expiresAt: number;
                     rpId: string;
                     challenge: string;
                     timeout: number;