Yubico / java-webauthn-server

Server-side Web Authentication library for Java https://www.w3.org/TR/webauthn/#rp-operations

supporting empty allow credentials list (during authentication) #305

Closed bmd007 closed 1 year ago

bmd007 commented 1 year ago

Suggesting this PR as a fix for the issues discussed in https://github.com/Yubico/java-webauthn-server/issues/300. Basically, allowCredential being an empty optional is not enough for username-less flow. It should be an empty list. Fundamentally, a list wrapped by an optional is a bad idea by itself. But solving that issue would have taken too much time.

emlun commented 1 year ago

As noted in https://github.com/Yubico/java-webauthn-server/issues/300#issuecomment-1607270555, I see no issue with the code as is. [AssertionRequest.toCredentialsCreateJson()](https://developers.yubico.com/java-webauthn-server/JavaDoc/webauthn-server-core/2.4.1/com/yubico/webauthn/AssertionRequest.html#toCredentialsGetJson()) omits empty optional values from the serialization result, and the default value of allowCredentials in the WebAuthn API is []. This is working as intended.

bmd007 commented 1 year ago

> As noted in #300 (comment), I see no issue with the code as is. [AssertionRequest.toCredentialsCreateJson()](https://developers.yubico.com/java-webauthn-server/JavaDoc/webauthn-server-core/2.4.1/com/yubico/webauthn/AssertionRequest.html#toCredentialsGetJson()) omits empty optional values from the serialization result, and the default value of allowCredentials in the WebAuthn API is []. This is working as intended.

The Java code, as I pointed to the line, results in a null instead of []. Please simply debug the flow. Not a complicated thing to try.

emlun commented 1 year ago

I did attempt to debug the flow, but found no issue like what you describe (though I did find a different one, see https://github.com/Yubico/java-webauthn-server/issues/300#issuecomment-1620084015). What results in null?

bmd007 commented 1 year ago

> I did attempt to debug the flow, but found no issue like what you describe (though I did find a different one, see #300 (comment)). What results in null?

Please check my comments on the corresponding issue. I have provided screenshots and possible theories.

emlun commented 1 year ago

Thank you, I've replied in #300.
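
The three cases argued over in this thread (member omitted, explicit `[]`, explicit `null`), as an added example that is not part of the PR, the thread, or the library's code. It assumes the server JSON has the shape `{ publicKey: { challenge, allowCredentials: [{ id }] } }` with base64url-encoded binary fields, and that a `null` list is rejected with a `TypeError` as under WebIDL sequence conversion; the function names and sample values are hypothetical.

```javascript
// Added example: hypothetical client-side helpers, not java-webauthn-server code.
// Decode base64url (assumed encoding of binary fields in the server JSON).
function b64urlToBytes(s) {
  const b64 = s.replace(/-/g, "+").replace(/_/g, "/");
  const padded = b64 + "=".repeat((4 - (b64.length % 4)) % 4);
  return Uint8Array.from(atob(padded), (c) => c.charCodeAt(0));
}

// Build the `publicKey` argument for navigator.credentials.get() from the
// server JSON. allowCredentials is handled the way a dictionary member with
// default [] is: absent -> leave it out, null or non-list -> TypeError.
function toRequestOptions(json) {
  const pk = json.publicKey;
  if (!pk || typeof pk.challenge !== "string") {
    throw new TypeError("publicKey.challenge is required");
  }
  const out = { ...pk, challenge: b64urlToBytes(pk.challenge) };
  if (pk.allowCredentials === undefined) {
    delete out.allowCredentials; // the browser applies the default []
  } else if (!Array.isArray(pk.allowCredentials)) {
    throw new TypeError("allowCredentials must be a list when present");
  } else {
    out.allowCredentials = pk.allowCredentials.map((d) => ({ ...d, id: b64urlToBytes(d.id) }));
  }
  return out;
}

// True when credential selection is left to the authenticator (the
// username-less flow): member absent or an explicit empty list.
function isUsernameless(options) {
  return (options.allowCredentials ?? []).length === 0;
}

// Constructed sample payloads (challenge and credential id are made-up values).
const omitted = { publicKey: { challenge: "AQIDBA", rpId: "example.org" } };
const emptyList = { publicKey: { ...omitted.publicKey, allowCredentials: [] } };
const explicitNull = { publicKey: { ...omitted.publicKey, allowCredentials: null } };
const withCred = {
  publicKey: { ...omitted.publicKey, allowCredentials: [{ type: "public-key", id: "_-8" }] },
};
```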