diff --git a/go.mod b/go.mod index c96225988..db4170f62 100644 --- a/go.mod +++ b/go.mod @@ -15,7 +15,7 @@ require ( github.com/go-ldap/ldap/v3 v3.4.4 github.com/go-rod/rod v0.112.8 github.com/go-sql-driver/mysql v1.7.0 - github.com/go-webauthn/webauthn v0.7.1 + github.com/go-webauthn/webauthn v0.5.0 github.com/golang-jwt/jwt/v4 v4.5.0 github.com/golang/mock v1.6.0 github.com/google/uuid v1.3.0 diff --git a/go.sum b/go.sum index 2b005df1a..d298482e3 100644 --- a/go.sum +++ b/go.sum @@ -168,6 +168,8 @@ github.com/go-sql-driver/mysql v1.7.0/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-webauthn/revoke v0.1.9 h1:gSJ1ckA9VaKA2GN4Ukp+kiGTk1/EXtaDb1YE8RknbS0= github.com/go-webauthn/revoke v0.1.9/go.mod h1:j6WKPnv0HovtEs++paan9g3ar46gm1NarktkXBaPR+w= +github.com/go-webauthn/webauthn v0.5.0 h1:Tbmp37AGIhYbQmcy2hEffo3U3cgPClqvxJ7cLUnF7Rc= +github.com/go-webauthn/webauthn v0.5.0/go.mod h1:0CBq/jNfPS9l033j4AxMk8K8MluiMsde9uGNSPFLEVE= github.com/go-webauthn/webauthn v0.7.1 h1:b1/HP1bkqsW+DIO22WyG7BP9dL0rN151VpruH6cxADA= github.com/go-webauthn/webauthn v0.7.1/go.mod h1:22OJd+TV8oHrjjXmPHtcPR82lR/yR5m5ilGiF8yPFrE= github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= diff --git a/internal/handlers/handler_sign_webauthn.go b/internal/handlers/handler_sign_webauthn.go index da7b88f82..7c65c6a8c 100644 --- a/internal/handlers/handler_sign_webauthn.go +++ b/internal/handlers/handler_sign_webauthn.go @@ -52,7 +52,7 @@ func WebauthnAssertionGET(ctx *middlewares.AutheliaCtx) { extensions := map[string]any{} if user.HasFIDOU2F() { - extensions["appid"] = w.Config.RPOrigins[0] + extensions["appid"] = w.Config.RPOrigin } if len(extensions) != 0 { diff --git a/internal/handlers/webauthn.go b/internal/handlers/webauthn.go index d9703e2df..5154689de 100644 --- a/internal/handlers/webauthn.go +++ b/internal/handlers/webauthn.go @@ -3,7 +3,6 @@ package handlers import ( "fmt" "net/url" - "strings" "github.com/go-webauthn/webauthn/protocol" "github.com/go-webauthn/webauthn/webauthn" @@ -45,7 +44,7 @@ func newWebauthn(ctx *middlewares.AutheliaCtx) (w *webauthn.WebAuthn, err error) config := &webauthn.Config{ RPDisplayName: ctx.Configuration.Webauthn.DisplayName, RPID: rpID, - RPOrigins: []string{origin}, + RPOrigin: origin, RPIcon: "", AttestationPreference: ctx.Configuration.Webauthn.ConveyancePreference, @@ -58,7 +57,7 @@ func newWebauthn(ctx *middlewares.AutheliaCtx) (w *webauthn.WebAuthn, err error) Timeout: int(ctx.Configuration.Webauthn.Timeout.Milliseconds()), } - ctx.Logger.Tracef("Creating new Webauthn RP instance with ID %s and Origins %s", config.RPID, strings.Join(config.RPOrigins, ", ")) + ctx.Logger.Tracef("Creating new Webauthn RP instance with ID %s and Origins %s", config.RPID, config.RPOrigin) return webauthn.New(config) } diff --git a/internal/model/webauthn.go b/internal/model/webauthn.go index 3fd9589fa..a3a19c62e 100644 --- a/internal/model/webauthn.go +++ b/internal/model/webauthn.go @@ -166,7 +166,7 @@ func (d *WebauthnDevice) UpdateSignInInfo(config *webauthn.Config, now time.Time switch d.AttestationType { case attestationTypeFIDOU2F: - d.RPID = config.RPOrigins[0] + d.RPID = config.RPOrigin default: d.RPID = config.RPID }