Closed bmd007 closed 1 year ago
As noted in https://github.com/Yubico/java-webauthn-server/issues/300#issuecomment-1607270555, I see no issue with the code as is. [AssertionRequest.toCredentialsCreateJson()
](https://developers.yubico.com/java-webauthn-server/JavaDoc/webauthn-server-core/2.4.1/com/yubico/webauthn/AssertionRequest.html#toCredentialsGetJson()) omits empty optional values from the serialization result, and the default value of allowCredentials
in the WebAuthn API is []
. This is working as intended.
As noted in #300 (comment), I see no issue with the code as is. [
AssertionRequest.toCredentialsCreateJson()
](https://developers.yubico.com/java-webauthn-server/JavaDoc/webauthn-server-core/2.4.1/com/yubico/webauthn/AssertionRequest.html#toCredentialsGetJson()) omits empty optional values from the serialization result, and the default value ofallowCredentials
in the WebAuthn API is[]
. This is working as intended.
the java code, as I pointed to the line, results in a null instead of []. Please simply debug the flow. Not a complicated thing to try.
I did attempt to debug the flow, but found no issue like what you describe (though I did find a different one, see https://github.com/Yubico/java-webauthn-server/issues/300#issuecomment-1620084015). What results in null?
I did attempt to debug the flow, but found no issue like what you describe (though I did find a different one, see #300 (comment)). What results in null?
please check my comments on the corresponding issue. I have provided screenshots and possible theories
Thank you, I've replied in #300.
Suggesting this PR as a fix fir the issues discussed in https://github.com/Yubico/java-webauthn-server/issues/300. Basically, allowCredential being an empty optional is not enough for username less flow. It should be an empty list. Fundamentally, a list wrapped by an optional is a bad idea but itself. But solving that issue would have taken too much time.