
Commit 0b21631

committed
Tolerate "publicKey" and "publicKeyAlgorithm" properties in parseRegistrationResponseJson
1 parent f0da07b commit 0b21631

3 files changed

+52
-0
lines changed


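--- a/NEWS
+++ b/NEWS
@@ -17,6 +17,14 @@ New features:
 around passkey use cases.
 * Added `Automatic-Module-Name` to jar manifest.
 
+Fixes:
+
+* `AuthenticatorAttestationResponse` now tolerates and ignores properties
+`"publicKey"` and `"publicKeyAlgorithm"` during JSON deserialization. These
+properties are emitted by the `PublicKeyCredential.toJSON()` method added in
+WebAuthn Level 3.
+
+
 `webauthn-server-attestation`:
 
 New features: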

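--- a/webauthn-server-core/src/main/java/com/yubico/webauthn/data/AuthenticatorAttestationResponse.java
+++ b/webauthn-server-core/src/main/java/com/yubico/webauthn/data/AuthenticatorAttestationResponse.java
@@ -26,6 +26,7 @@
 
 import com.fasterxml.jackson.annotation.JsonCreator;
 import com.fasterxml.jackson.annotation.JsonIgnore;
+import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import com.yubico.internal.util.CollectionUtil;
 import com.yubico.webauthn.data.exception.Base64UrlException;
@@ -49,6 +50,7 @@
 * Information About Public Key Credential (interface AuthenticatorAttestationResponse) </a>
 */
 @Value
+@JsonIgnoreProperties({"publicKey", "publicKeyAlgorithm"})
 public class AuthenticatorAttestationResponse implements AuthenticatorResponse {
 
 /**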
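Review bot: The new `@JsonIgnoreProperties({"publicKey", "publicKeyAlgorithm"})` on the class carries no comment saying that the two members are dropped on purpose, so a later maintainer could be tempted to parse and expose these client-supplied copies. I would add a line above it such as `// Unverified convenience copies emitted by PublicKeyCredential.toJSON(); ignored on purpose, the credential public key is read from attestationObject.` The NEWS entry in this commit attributes both properties to the WebAuthn Level 3 `toJSON()` output; if I read the Level 3 JSON form correctly it also carries an `authenticatorData` member, and whether the `@JsonCreator` already accepts it cannot be seen here because the class body continues past the hunk.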

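--- a/webauthn-server-core/src/test/scala/com/yubico/webauthn/data/JsonIoSpec.scala
+++ b/webauthn-server-core/src/test/scala/com/yubico/webauthn/data/JsonIoSpec.scala
@@ -25,10 +25,12 @@
 package com.yubico.webauthn.data
 
 import com.fasterxml.jackson.core.`type`.TypeReference
+import com.fasterxml.jackson.databind.JsonNode
 import com.fasterxml.jackson.databind.ObjectMapper
 import com.fasterxml.jackson.databind.exc.ValueInstantiationException
 import com.fasterxml.jackson.databind.json.JsonMapper
 import com.fasterxml.jackson.databind.node.BooleanNode
+import com.fasterxml.jackson.databind.node.JsonNodeFactory
 import com.fasterxml.jackson.databind.node.ObjectNode
 import com.fasterxml.jackson.databind.node.TextNode
 import com.fasterxml.jackson.datatype.jdk8.Jdk8Module
@@ -44,6 +46,7 @@ import com.yubico.webauthn.extension.appid.Generators._
 import org.junit.runner.RunWith
 import org.scalacheck.Arbitrary
 import org.scalacheck.Arbitrary.arbitrary
+import org.scalacheck.Gen
 import org.scalatest.funspec.AnyFunSpec
 import org.scalatest.matchers.should.Matchers
 import org.scalatestplus.junit.JUnitRunner
@@ -62,6 +65,7 @@ class JsonIoSpec
 .builder()
 .addModule(new Jdk8Module())
 .build()
+val jf: JsonNodeFactory = JsonNodeFactory.instance
 
 describe("The class") {
 
@@ -392,6 +396,44 @@ class JsonIoSpec
 ]]() {}
 )
 }
+
+describe("""tolerates and ignores the "response" sub-attribute:""") {
+def test[T <: JsonNode](attrName: String, genAttrValue: Gen[T]): Unit = {
+type P = PublicKeyCredential[
+AuthenticatorAttestationResponse,
+ClientRegistrationExtensionOutputs,
+]
+it(s"${attrName}.") {
+forAll(
+arbitrary[P],
+genAttrValue,
+) { (value: P, attrValue: T) =>
+val tree: ObjectNode = json.valueToTree(value)
+tree
+.get("response")
+.asInstanceOf[ObjectNode]
+.set(attrName, attrValue)
+val encoded = json.writeValueAsString(tree)
+val decoded =
+PublicKeyCredential.parseRegistrationResponseJson(encoded)
+val recoded: ObjectNode = json.valueToTree[ObjectNode](decoded)
+recoded.has(attrName) should be(false)
+}
+}
+}
+
+test(
+"publicKeyAlgorithm",
+arbitraryCOSEAlgorithmIdentifier.arbitrary.map(i =>
+jf.numberNode(i.getId)
+),
+)
+
+test(
+"publicKey",
+arbitrary[String].map(new TextNode(_)),
+)
+}
 }
 
 describe("The function PublicKeyCredential.parseAssertionResponseJson") {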
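Review bot: In the `test` helper of the last hunk, the final assertion `recoded.has(attrName) should be(false)` inspects the top-level credential object, while the extra property was injected under `"response"`, so it would hold even if the property survived in the re-encoded response. As written the test only shows that parsing does not throw; the "ignores" half of the description is not checked. I would assert on the nested node, `recoded.get("response").has(attrName) should be(false)`, and, if equality is well defined for the generated values, add `decoded should equal(value)` so the injected client-supplied value is shown not to alter the parsed credential. The enclosing `describe` block starts before this hunk.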
