fix: encoding
James Elliott
parent
e5cdb175b4
commit
a13a3c45f2
2
go.mod
2
go.mod
|
|
@ -15,7 +15,7 @@ require (
|
|||
github.com/go-ldap/ldap/v3 v3.4.4
|
||||
github.com/go-rod/rod v0.112.5
|
||||
github.com/go-sql-driver/mysql v1.7.0
|
||||
github.com/go-webauthn/webauthn v0.7.2-0.20230215030733-184b9e43f224
|
||||
github.com/go-webauthn/webauthn v0.8.0
|
||||
github.com/golang-jwt/jwt/v4 v4.4.3
|
||||
github.com/golang/mock v1.6.0
|
||||
github.com/google/uuid v1.3.0
|
||||
|
|
|
|||
4
go.sum
4
go.sum
|
|
@ -192,8 +192,8 @@ github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg78
|
|||
github.com/go-test/deep v1.0.2-0.20181118220953-042da051cf31/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA=
|
||||
github.com/go-webauthn/revoke v0.1.9 h1:gSJ1ckA9VaKA2GN4Ukp+kiGTk1/EXtaDb1YE8RknbS0=
|
||||
github.com/go-webauthn/revoke v0.1.9/go.mod h1:j6WKPnv0HovtEs++paan9g3ar46gm1NarktkXBaPR+w=
|
||||
github.com/go-webauthn/webauthn v0.7.2-0.20230215030733-184b9e43f224 h1:FD36ZZlNO+E1MarHZiWT6KiZpEUc06slIeT1P2suK9k=
|
||||
github.com/go-webauthn/webauthn v0.7.2-0.20230215030733-184b9e43f224/go.mod h1:22OJd+TV8oHrjjXmPHtcPR82lR/yR5m5ilGiF8yPFrE=
|
||||
github.com/go-webauthn/webauthn v0.8.0 h1:0MPTC348uPc88XCmn5VZaI+Lp0u2LXawYpPvNayLsio=
|
||||
github.com/go-webauthn/webauthn v0.8.0/go.mod h1:22OJd+TV8oHrjjXmPHtcPR82lR/yR5m5ilGiF8yPFrE=
|
||||
github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
|
||||
github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
|
||||
github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4=
|
||||
|
|
|
|||
|
|
@ -58,9 +58,11 @@ func WebauthnAssertionGET(ctx *middlewares.AutheliaCtx) {
|
|||
if len(extensions) != 0 {
|
||||
opts = append(opts, webauthn.WithAssertionExtensions(extensions))
|
||||
}
|
||||
var assertion *protocol.CredentialAssertion
|
||||
|
||||
data := session.Webauthn{}
|
||||
var (
|
||||
assertion *protocol.CredentialAssertion
|
||||
data session.Webauthn
|
||||
)
|
||||
|
||||
if assertion, data.SessionData, err = w.BeginLogin(user, opts...); err != nil {
|
||||
ctx.Logger.Errorf("Unable to create %s authentication challenge for user '%s': %+v", regulation.AuthTypeWebauthn, userSession.Username, err)
|
||||
|
|
@ -207,8 +209,8 @@ func WebauthnAssertionPOST(ctx *middlewares.AutheliaCtx) {
|
|||
}
|
||||
|
||||
userSession.SetTwoFactorWebauthn(ctx.Clock.Now(),
|
||||
assertionResponse.Response.AuthenticatorData.Flags.UserPresent(),
|
||||
assertionResponse.Response.AuthenticatorData.Flags.UserVerified())
|
||||
assertionResponse.Response.AuthenticatorData.Flags.HasUserPresent(),
|
||||
assertionResponse.Response.AuthenticatorData.Flags.HasUserVerified())
|
||||
|
||||
if err = ctx.SaveSession(userSession); err != nil {
|
||||
ctx.Logger.Errorf(logFmtErrSessionSave, "removal of the authentiation challenge and authentication time", regulation.AuthTypeWebauthn, userSession.Username, err)
|
||||
|
|
|
|||
|
|
@ -51,19 +51,30 @@ func newWebauthn(ctx *middlewares.AutheliaCtx) (w *webauthn.WebAuthn, err error)
|
|||
}
|
||||
|
||||
config := &webauthn.Config{
|
||||
RPDisplayName: ctx.Configuration.Webauthn.DisplayName,
|
||||
RPID: origin.Hostname(),
|
||||
RPOrigins: []string{origin.String()},
|
||||
RPIcon: "",
|
||||
|
||||
RPID: origin.Hostname(),
|
||||
RPDisplayName: ctx.Configuration.Webauthn.DisplayName,
|
||||
RPOrigins: []string{origin.String()},
|
||||
AttestationPreference: ctx.Configuration.Webauthn.ConveyancePreference,
|
||||
AuthenticatorSelection: protocol.AuthenticatorSelection{
|
||||
AuthenticatorAttachment: protocol.CrossPlatform,
|
||||
UserVerification: ctx.Configuration.Webauthn.UserVerification,
|
||||
RequireResidentKey: protocol.ResidentKeyNotRequired(),
|
||||
ResidentKey: protocol.ResidentKeyRequirementDiscouraged,
|
||||
UserVerification: ctx.Configuration.Webauthn.UserVerification,
|
||||
},
|
||||
Debug: false,
|
||||
EncodeUserIDAsString: true,
|
||||
Timeouts: webauthn.TimeoutsConfig{
|
||||
Login: webauthn.TimeoutConfig{
|
||||
Enforce: true,
|
||||
Timeout: ctx.Configuration.Webauthn.Timeout,
|
||||
TimeoutUVD: ctx.Configuration.Webauthn.Timeout,
|
||||
},
|
||||
Registration: webauthn.TimeoutConfig{
|
||||
Enforce: true,
|
||||
Timeout: ctx.Configuration.Webauthn.Timeout,
|
||||
TimeoutUVD: ctx.Configuration.Webauthn.Timeout,
|
||||
},
|
||||
},
|
||||
|
||||
Timeout: int(ctx.Configuration.Webauthn.Timeout.Milliseconds()),
|
||||
}
|
||||
|
||||
ctx.Logger.Tracef("Creating new Webauthn RP instance with ID %s and Origins %s", config.RPID, strings.Join(config.RPOrigins, ", "))
|
||||
|
|
|
|||
|
|
@ -104,8 +104,6 @@ function getAssertionResultFromDOMException(
|
|||
}
|
||||
}
|
||||
|
||||
const decode = (str: string): string => window.atob(str.replace("-", "+").replace("_", "/")).toString();
|
||||
|
||||
export async function getAttestationCreationOptions(
|
||||
description: string,
|
||||
): Promise<PublicKeyCredentialCreationOptionsStatus> {
|
||||
|
|
@ -127,8 +125,6 @@ export async function getAttestationCreationOptions(
|
|||
};
|
||||
}
|
||||
|
||||
response.data.data.publicKey.user.id = decode(response.data.data.publicKey.user.id);
|
||||
|
||||
return {
|
||||
options: response.data.data.publicKey,
|
||||
status: response.status,
|
||||
|
|
|
|||
Loading…
Reference in New Issue