You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Bug Report: Cannot rehydrate MDoc from JSON due to unexported IssuerAuth class
Summary
When an MDoc instance is serialized using JSON.stringify(mdoc) and then deserialized using JSON.parse(...), the issuerSigned.issuerAuth becomes a plain object. This results in the following runtime error:
TypeError: this.issuerSigned?.issuerAuth.getContentForEncoding is not a function
Why this is a problem
The DeviceResponse.from(mdoc).sign() call fails after deserialization.
The issuerAuth object loses its class methods such as getContentForEncoding.
Since the IssuerAuth class is not exported, users have no way to rehydrate it correctly.
This makes it impossible to persist mDocs to a file or database and reuse them reliably later.
Steps to Reproduce
import{MDoc,DeviceResponse}from'@auth0/mdl';import*asfsfrom'fs';// Step 1: Assume we have a valid MDocconstmdoc=newMDoc([...]);// Step 2: Serializeconstjson=JSON.stringify(mdoc);fs.writeFileSync('mdoc.json',json);// Step 3: Deserializeconstparsed=JSON.parse(fs.readFileSync('mdoc.json','utf-8'));// Step 4: ReuseconstparsedMdoc=newMDoc([parsed]);awaitDeviceResponse.from(parsedMdoc).sign();
Expected Behavior
Either:
IssuerAuth should be exported so users can manually rehydrate it (e.g. new IssuerAuth(obj)), OR
A helper function such as MDoc.fromJSON() should be provided to reconstruct a full object graph from plain JSON (including nested types like IssuerAuth and DeviceSignedDocument).
Suggested Solution
Export the IssuerAuth class from the library, or Add MDoc.fromJSON() or similar to allow proper deserialization from persisted data.
Bug Report: Cannot rehydrate
MDocfrom JSON due to unexportedIssuerAuthclassSummary
When an
MDocinstance is serialized usingJSON.stringify(mdoc)and then deserialized usingJSON.parse(...), theissuerSigned.issuerAuthbecomes a plain object. This results in the following runtime error:Why this is a problem
DeviceResponse.from(mdoc).sign()call fails after deserialization.issuerAuthobject loses its class methods such asgetContentForEncoding.IssuerAuthclass is not exported, users have no way to rehydrate it correctly.Steps to Reproduce
Expected Behavior
Suggested Solution
Export the IssuerAuth class from the library, or Add MDoc.fromJSON() or similar to allow proper deserialization from persisted data.