fix: pass necessary webauthn data through events (#1541)

2025-08-11 19:17:32 +00:00 · 2021-04-07 12:56:59 +02:00
parent 4d19652cd9
commit f889b85d42
5 changed files with 47 additions and 30 deletions
--- a/internal/repository/user/human_mfa_passwordless.go
+++ b/internal/repository/user/human_mfa_passwordless.go
@@ -2,8 +2,9 @@ package user

 import (
 	"context"
-	"github.com/caos/zitadel/internal/eventstore"

+	"github.com/caos/zitadel/internal/domain"
+	"github.com/caos/zitadel/internal/eventstore"
 	"github.com/caos/zitadel/internal/eventstore/repository"
 )

@@ -170,18 +171,20 @@ func NewHumanPasswordlessBeginLoginEvent(
 	ctx context.Context,
 	aggregate *eventstore.Aggregate,
 	challenge string,
+	allowedCredentialIDs [][]byte,
+	userVerification domain.UserVerificationRequirement,
 	info *AuthRequestInfo,
 ) *HumanPasswordlessBeginLoginEvent {
 	return &HumanPasswordlessBeginLoginEvent{
-		HumanWebAuthNBeginLoginEvent: *NewHumanWebAuthNBeginLoginEvent(
-			eventstore.NewBaseEventForPush(
-				ctx,
-				aggregate,
-				HumanPasswordlessTokenBeginLoginType,
-			),
-			challenge,
-			info,
+		HumanWebAuthNBeginLoginEvent: *NewHumanWebAuthNBeginLoginEvent(eventstore.NewBaseEventForPush(
+			ctx,
+			aggregate,
+			HumanPasswordlessTokenBeginLoginType,
 		),
+			challenge,
+			allowedCredentialIDs,
+			userVerification,
+			info),
 	}
 }

--- a/internal/repository/user/human_mfa_u2f.go
+++ b/internal/repository/user/human_mfa_u2f.go
@@ -2,8 +2,9 @@ package user

 import (
 	"context"
-	"github.com/caos/zitadel/internal/eventstore"

+	"github.com/caos/zitadel/internal/domain"
+	"github.com/caos/zitadel/internal/eventstore"
 	"github.com/caos/zitadel/internal/eventstore/repository"
 )

@@ -166,12 +167,7 @@ type HumanU2FBeginLoginEvent struct {
 	HumanWebAuthNBeginLoginEvent
 }

-func NewHumanU2FBeginLoginEvent(
-	ctx context.Context,
-	aggregate *eventstore.Aggregate,
-	challenge string,
-	info *AuthRequestInfo,
-) *HumanU2FBeginLoginEvent {
+func NewHumanU2FBeginLoginEvent(ctx context.Context, aggregate *eventstore.Aggregate, challenge string, allowedCredentialIDs [][]byte, userVerification domain.UserVerificationRequirement, info *AuthRequestInfo) *HumanU2FBeginLoginEvent {
 	return &HumanU2FBeginLoginEvent{
 		HumanWebAuthNBeginLoginEvent: *NewHumanWebAuthNBeginLoginEvent(
 			eventstore.NewBaseEventForPush(
@@ -180,6 +176,8 @@ func NewHumanU2FBeginLoginEvent(
 				HumanU2FTokenBeginLoginType,
 			),
 			challenge,
+			allowedCredentialIDs,
+			userVerification,
 			info,
 		),
 	}
--- a/internal/repository/user/human_mfa_web_auth_n.go
+++ b/internal/repository/user/human_mfa_web_auth_n.go
@@ -180,7 +180,9 @@ func HumanWebAuthNRemovedEventMapper(event *repository.Event) (eventstore.EventR
 type HumanWebAuthNBeginLoginEvent struct {
 	eventstore.BaseEvent `json:"-"`

-	Challenge string `json:"challenge"`
+	Challenge            string                             `json:"challenge"`
+	AllowedCredentialIDs [][]byte                           `json:"allowedCredentialIDs"`
+	UserVerification     domain.UserVerificationRequirement `json:"userVerification"`
 	*AuthRequestInfo
 }

@@ -192,15 +194,13 @@ func (e *HumanWebAuthNBeginLoginEvent) UniqueConstraints() []*eventstore.EventUn
 	return nil
 }

-func NewHumanWebAuthNBeginLoginEvent(
-	base *eventstore.BaseEvent,
-	challenge string,
-	info *AuthRequestInfo,
-) *HumanWebAuthNBeginLoginEvent {
+func NewHumanWebAuthNBeginLoginEvent(base *eventstore.BaseEvent, challenge string, allowedCredentialIDs [][]byte, userVerification domain.UserVerificationRequirement, info *AuthRequestInfo) *HumanWebAuthNBeginLoginEvent {
 	return &HumanWebAuthNBeginLoginEvent{
-		BaseEvent:       *base,
-		Challenge:       challenge,
-		AuthRequestInfo: info,
+		BaseEvent:            *base,
+		Challenge:            challenge,
+		AllowedCredentialIDs: allowedCredentialIDs,
+		UserVerification:     userVerification,
+		AuthRequestInfo:      info,
 	}
 }