Skip to content

Commit 67634f8

Browse files
authored
Merge pull request #376 from Yubico/fido-mds-unknown-fields
Fix FidoMetadataDownloader failure on unknown properties
2 parents fed0930 + 63bc71b commit 67634f8

File tree

8 files changed

+83
-18
lines changed

8 files changed

+83
-18
lines changed
Lines changed: 52 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
# This name is shown in the status badge in the README
2+
name: integration-test
3+
4+
on:
5+
push:
6+
branches:
7+
- main
8+
- 'release-*'
9+
schedule:
10+
# Run once a week to check compatibility with new FIDO MDS blob contents
11+
- cron: '0 0 * * 1'
12+
13+
jobs:
14+
test:
15+
name: JDK ${{ matrix.java }} ${{ matrix.distribution }}
16+
17+
runs-on: ubuntu-latest
18+
strategy:
19+
matrix:
20+
java: [17]
21+
distribution: [temurin]
22+
23+
outputs:
24+
report-java: 17
25+
report-dist: temurin
26+
27+
steps:
28+
- name: Check out code
29+
uses: actions/checkout@v4
30+
31+
- name: Set up JDK ${{ matrix.java }}
32+
uses: actions/setup-java@v4
33+
with:
34+
java-version: ${{ matrix.java }}
35+
distribution: ${{ matrix.distribution }}
36+
37+
- name: Run integration tests
38+
run: ./gradlew integrationTest
39+
40+
- name: Archive HTML test report
41+
if: ${{ always() }}
42+
uses: actions/upload-artifact@v4
43+
with:
44+
name: test-reports-java${{ matrix.java }}-${{ matrix.distribution }}-html
45+
path: "*/build/reports/**"
46+
47+
- name: Archive JUnit test report
48+
if: ${{ always() }}
49+
uses: actions/upload-artifact@v4
50+
with:
51+
name: test-reports-java${{ matrix.java }}-${{ matrix.distribution }}-xml
52+
path: "*/build/test-results/**/*.xml"

NEWS

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,13 @@
1+
== Version 2.5.3 (unreleased) ==
2+
3+
`webauthn-server-attestation`:
4+
5+
Fixes:
6+
7+
* `FidoMetadataDownloader` no longer rejects FIDO MDS metadata BLOBs with
8+
unknown properties.
9+
10+
111
== Version 2.5.2 ==
212

313
Fixes:

buildSrc/build.gradle.kts

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -10,12 +10,12 @@ repositories {
1010
}
1111

1212
dependencies {
13-
implementation("info.solidsoft.gradle.pitest:gradle-pitest-plugin:1.9.11")
13+
implementation("info.solidsoft.gradle.pitest:gradle-pitest-plugin:1.15.0")
1414
implementation("io.franzbecker:gradle-lombok:5.0.0")
1515

1616
// Spotless dropped Java 8 support in version 2.33.0
1717
if (JavaVersion.current().isJava11Compatible) {
18-
implementation("com.diffplug.spotless:spotless-plugin-gradle:6.19.0")
19-
implementation("io.github.cosmicsilence:gradle-scalafix:0.1.14")
18+
implementation("com.diffplug.spotless:spotless-plugin-gradle:6.25.0")
19+
implementation("io.github.cosmicsilence:gradle-scalafix:0.2.2")
2020
}
2121
}

buildSrc/src/main/groovy/project-convention-code-formatting-internal.gradle

Lines changed: 4 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -13,9 +13,10 @@ spotless {
1313
scalafix {
1414
configFile.set(project.rootProject.file("scalafix.conf"))
1515

16-
// Work around dependency resolution issues in April 2022
17-
semanticdb.autoConfigure.set(true)
18-
semanticdb.version.set("4.5.5")
16+
if (project.name != "yubico-util-scala") {
17+
// yubico-util-scala is the only subproject with Scala sources in the "main" source set
18+
ignoreSourceSets.add("main")
19+
}
1920
}
2021

2122
project.dependencies.scalafix("com.github.liancheng:organize-imports_2.13:0.6.0")

buildSrc/src/main/kotlin/project-convention-pitest.gradle.kts

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@ plugins {
44
}
55

66
pitest {
7-
pitestVersion.set("1.9.5")
7+
pitestVersion.set("1.15.0")
88
timestampedReports.set(false)
99

1010
outputFormats.set(listOf("XML", "HTML"))

test-platform/build.gradle.kts

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -9,12 +9,12 @@ dependencies {
99
api("junit:junit:4.13.2")
1010
api("org.bouncycastle:bcpkix-jdk18on:[1.62,2)")
1111
api("org.bouncycastle:bcprov-jdk18on:[1.62,2)")
12-
api("org.mockito:mockito-core:4.7.0")
13-
api("org.scalacheck:scalacheck_2.13:1.16.0")
14-
api("org.scalatest:scalatest_2.13:3.2.13")
15-
api("org.scalatestplus:junit-4-13_2.13:3.2.13.0")
16-
api("org.scalatestplus:scalacheck-1-16_2.13:3.2.13.0")
17-
api("org.slf4j:slf4j-nop:2.0.3")
12+
api("org.mockito:mockito-core:4.11.0")
13+
api("org.scalacheck:scalacheck_2.13:1.18.0")
14+
api("org.scalatest:scalatest_2.13:3.2.18")
15+
api("org.scalatestplus:junit-4-13_2.13:3.2.18.0")
16+
api("org.scalatestplus:scalacheck-1-16_2.13:3.2.14.0")
17+
api("org.slf4j:slf4j-nop:2.0.13")
1818
api("uk.org.lidalia:slf4j-test:1.2.0")
1919
}
2020
}

webauthn-server-attestation/src/main/java/com/yubico/fido/metadata/FidoMetadataDownloader.java

Lines changed: 1 addition & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,6 @@
2525
package com.yubico.fido.metadata;
2626

2727
import com.fasterxml.jackson.core.Base64Variants;
28-
import com.fasterxml.jackson.databind.DeserializationFeature;
2928
import com.fasterxml.jackson.databind.ObjectMapper;
3029
import com.yubico.fido.metadata.FidoMetadataDownloaderException.Reason;
3130
import com.yubico.internal.util.BinaryUtil;
@@ -1172,9 +1171,7 @@ private static ParseResult parseBlob(ByteArray jwt) throws IOException, Base64Ur
11721171
final ByteArray jwtSignature = ByteArray.fromBase64Url(s.next());
11731172

11741173
final ObjectMapper headerJsonMapper =
1175-
com.yubico.internal.util.JacksonCodecs.json()
1176-
.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, true)
1177-
.setBase64Variant(Base64Variants.MIME_NO_LINEFEEDS);
1174+
JacksonCodecs.json().setBase64Variant(Base64Variants.MIME_NO_LINEFEEDS);
11781175

11791176
return new ParseResult(
11801177
new MetadataBLOB(

webauthn-server-attestation/src/main/java/com/yubico/fido/metadata/JacksonCodecs.java

Lines changed: 6 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -5,8 +5,13 @@
55

66
class JacksonCodecs {
77

8-
static ObjectMapper jsonWithDefaultEnums() {
8+
static ObjectMapper json() {
99
return com.yubico.internal.util.JacksonCodecs.json()
10+
.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, false);
11+
}
12+
13+
static ObjectMapper jsonWithDefaultEnums() {
14+
return json()
1015
.configure(DeserializationFeature.READ_UNKNOWN_ENUM_VALUES_USING_DEFAULT_VALUE, true);
1116
}
1217
}

0 commit comments

Comments
 (0)