fix: Work around credentials not being enumerable (#860)

Frederik Rothenberger · web-flow · commit 4e786fc36075 · 2024-03-19T08:30:26.000-07:00
This PR fixes an issue that arises from assuming that the
`PublicKeyCredential` returned from `navigators.credentials.create`
is enumerable.
diff --git a/docs/CHANGELOG.md b/docs/CHANGELOG.md
@@ -2,6 +2,8 @@
 
 ## [Unreleased]
 
+* fix: work around `PublicKeyCredential` not being enumerable
+
 ## [1.1.0] - 2024-03-18
 
 ### Added
diff --git a/packages/identity/src/identity/webauthn.ts b/packages/identity/src/identity/webauthn.ts
@@ -112,7 +112,12 @@ async function _createCredential(
   }
 
   return {
-    ...creds,
+    // do _not_ use ...creds here, as creds is not enumerable in all cases
+    id: creds.id,
+    response: creds.response,
+    type: creds.type,
+    authenticatorAttachment: creds.authenticatorAttachment,
+    getClientExtensionResults: creds.getClientExtensionResults,
     // Some password managers will return a Uint8Array, so we ensure we return an ArrayBuffer.
     rawId: bufFromBufLike(creds.rawId),
   };
