-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Revisit options challenge endpoints #45132
Revisit options challenge endpoints #45132
Conversation
This comment has been minimized.
This comment has been minimized.
🙈 The PR is closed and the preview is expired. |
This comment has been minimized.
This comment has been minimized.
239adb8
to
37c204f
Compare
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
37c204f
to
76295ea
Compare
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Besides the JS function, this is great. I can take care of updating the migration guide https://github.com/quarkusio/quarkus/wiki/Migration-Guide-3.18/#webauthn and the Quickstart (https://github.com/quarkusio/quarkus-quickstarts/tree/main/security-webauthn-quickstart and https://github.com/quarkusio/quarkus-quickstarts/tree/main/security-webauthn-reactive-quickstart if it actually turns out we need to update them) when we merge this.
Although, perhaps this is our last chance to rename userName
to username
and make this lowercase, what do you think?
@@ -215,13 +214,12 @@ | |||
if (!self.loginOptionsChallengePath) { | |||
return Promise.reject('Login challenge path missing from the initial configuration!'); | |||
} | |||
return self.fetchWithCsrf(self.loginOptionsChallengePath, { | |||
method: 'POST', | |||
return self.fetchWithCsrf(self.loginOptionsChallengePath + "?" + new URLSearchParams({name: user.name}).toString(), { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
https://quarkus.io/version/main/guides/security-webauthn#invoke-login documents that the user name is optional for this method. It doesn't really say whether it's the entire user
parameter that is optional, but the previous code used to do user || {}
so it was in practice optional. Perhaps we should keep it entirely optional?
I prefer |
Alright, let's change it to username then, fix this now. Do you mind doing it as part of this PR? |
I've added some commits to rename |
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
bf86e3c
to
85938e7
Compare
This comment has been minimized.
This comment has been minimized.
85938e7
to
0da01e2
Compare
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
@FroMage I've addressed |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great. Could you rebase your commits to group them better? In particular the WIP and userName->username
ones could be merged.
This comment has been minimized.
This comment has been minimized.
The quickstart failure is expected, since you have a PR pending there. |
@FroMage Oh, I recalled why I marked it WIP. |
0da01e2
to
5aeb831
Compare
Oh, oops. Let me see… |
Rebased to main and merged some commits that are close in content |
This comment has been minimized.
This comment has been minimized.
Change register-options-challenge endpoint and login-options-challenge endpoint from POST to GET Update webauthn.js regarding change from POST to GET Update security-webauthn.adoc
Correct query parameter name from name to userName
5aeb831
to
2859983
Compare
OK, should be good. |
I merged this and the Quickstarts, and updated the migration docs. Thanks a lot @ynojima ! |
…EGISTER_CHALLENGE_OPTIONS_URL endpoint For more info about these changes see quarkusio/quarkus#45132
…EGISTER_CHALLENGE_OPTIONS_URL endpoint For more info about these changes see quarkusio/quarkus#45132
Addresses #45091, Follow-up for #44105
/q/webauthn/register-options-challenge
and/q/webauthn/login-options-challenge
endpoints fromPOST
toGET
username
fromname
oruserName
for consistencyuser
parameter ofloginCLientSteps
method optionalI couldn't update the webauthn-*.svg files as I don't have the original files.