fix: provide domain in session, passkey and u2f (#6097)

This fix makes it possible to pass a domain on the session, which
will be used as the rpID when creating a passkey / u2f assertion and
attestation. This is useful in cases where the login UI is served under
a different domain / origin than the ZITADEL API.
Livio Spring
2023-06-27 14:36:07 +02:00
committed by GitHub
parent d0cda1b479
commit bd5defa96a
32 changed files with 287 additions and 123 deletions


@@ -7,10 +7,10 @@ import (
"github.com/zitadel/zitadel/internal/domain"
)
func WebAuthNsToCredentials(webAuthNs []*domain.WebAuthNToken) []webauthn.Credential {
func WebAuthNsToCredentials(webAuthNs []*domain.WebAuthNToken, rpID string) []webauthn.Credential {
creds := make([]webauthn.Credential, 0)
for _, webAuthN := range webAuthNs {
if webAuthN.State == domain.MFAStateReady {
if webAuthN.State == domain.MFAStateReady && webAuthN.RPID == rpID {
creds = append(creds, webauthn.Credential{
ID: webAuthN.KeyID,
PublicKey: webAuthN.PublicKey,
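Review bot: The new condition `webAuthN.State == domain.MFAStateReady && webAuthN.RPID == rpID` is an exact string match, so a ready token whose stored `RPID` is empty is dropped whenever the caller passes a non-empty `rpID`. If tokens registered before this change were persisted without an RPID (the storage side is not visible in this hunk), their owners would get an empty credential list and could no longer complete a passkey or U2F login. The handling of an empty stored `RPID` should be decided explicitly, for example by accepting it only when `rpID` equals the instance's default domain, rather than falling out of the comparison. A doc comment would also help, such as `// WebAuthNsToCredentials returns the ready tokens registered for rpID; tokens bound to a different relying party ID are skipped.` The function body continues outside the hunk.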