fix: exclude token from device signing payload in password auth mode
When authMode is 'password', the auth token is null/undefined, but was being included in the device signing payload. This caused a signature mismatch on the gateway side, preventing password-mode auth from working.
This commit is contained in:
@@ -137,7 +137,7 @@ export class GatewayClient {
|
||||
role,
|
||||
scopes,
|
||||
signedAtMs,
|
||||
token: this.authToken || null,
|
||||
token: this.authMode === 'password' ? null : (this.authToken || null),
|
||||
nonce,
|
||||
});
|
||||
const signature = await signPayload(this.deviceIdentity.keyPair.privateKey, payload);
|
||||
|
||||
Reference in New Issue
Block a user