fix: exclude token from device signing payload in password auth mode
When authMode is 'password', the auth token is null/undefined, but was being included in the device signing payload. This caused a signature mismatch on the gateway side, preventing password-mode auth from working.
This commit is contained in:
@@ -137,7 +137,7 @@ export class GatewayClient {
|
|||||||
role,
|
role,
|
||||||
scopes,
|
scopes,
|
||||||
signedAtMs,
|
signedAtMs,
|
||||||
token: this.authToken || null,
|
token: this.authMode === 'password' ? null : (this.authToken || null),
|
||||||
nonce,
|
nonce,
|
||||||
});
|
});
|
||||||
const signature = await signPayload(this.deviceIdentity.keyPair.privateKey, payload);
|
const signature = await signPayload(this.deviceIdentity.keyPair.privateKey, payload);
|
||||||
|
|||||||
Reference in New Issue
Block a user