fix: exclude token from device signing payload in password auth mode

When authMode is 'password', the auth token is null/undefined, but was
being included in the device signing payload. This caused a signature
mismatch on the gateway side, preventing password-mode auth from working.
This commit is contained in:
Marcel Hild
2026-03-08 13:19:44 +01:00
parent c9dc2a671a
commit 5a6179aa8b

View File

@@ -137,7 +137,7 @@ export class GatewayClient {
role,
scopes,
signedAtMs,
token: this.authToken || null,
token: this.authMode === 'password' ? null : (this.authToken || null),
nonce,
});
const signature = await signPayload(this.deviceIdentity.keyPair.privateKey, payload);