Yubico / java-webauthn-server

Server-side Web Authentication library for Java https://www.w3.org/TR/webauthn/#rp-operations

Using the library with Android 14 App causes jackson parsing error on finish registration #306

Closed emlun closed 1 year ago

emlun commented 1 year ago

Discussed in https://github.com/Yubico/java-webauthn-server/discussions/304

Originally posted by **notz** June 23, 2023

I get the following error on finishing my passkey created on my Android app with Android 14:

```
com.fasterxml.jackson.databind.exc.UnrecognizedPropertyException: Unrecognized field "publicKeyAlgorithm" (class com.yubico.webauthn.data.AuthenticatorAttestationResponse), not marked as ignorable (3 known properties: "transports", "clientDataJSON", "attestationObject"])
```

The generated publicCredential looks like this:

```
{
  "rawId": "2nTIub3-qA3CCizxdL2DlA",
  "authenticatorAttachment": "platform",
  "type": "public-key",
  "id": "2nTIub3-qA3CCizxdL2DlA",
  "response": {
    "clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uY3JlYXRlIiwiY2hhbGxlbmdlIjoiUDZCQkxiOHR2Q1A0N3dsb0JKdVl5cXR2bnkzbWk1QmRuR2FmXzBBZkcwbyIsIm9yaWdpbiI6ImFuZHJvaWQ6YXBrLWtleS1oYXNoOjB1YWV0UDVsQ3VkY3MwMmxaWDJadVgzS3VRSVY0TnFiamJaNnROd3E3UmciLCJhbmRyb2lkUGFja2FnZU5hbWUiOiJtZS5pbnN0YWhlbHAubGVnYWN5In0",
    "attestationObject": "o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YViU0p4WwdT8fFDK9UkjntJUIEAbq0V4Rjv0GNS1PLSuvsVdAAAAAAAAAAAAAAAAAAAAAAAAAAAAENp0yLm9_qgNwgos8XS9g5SlAQIDJiABIVggTY4v69AVAmDNXm8sLx__GplM2vppiwMmYbonLg5NmCsiWCBUDmsF0cVOP6pHJPF1HNGtKHu9ibZctv9BvCG1_sDyFw",
    "transports": ["internal", "hybrid"],
    "authenticatorData": "0p4WwdT8fFDK9UkjntJUIEAbq0V4Rjv0GNS1PLSuvsVdAAAAAAAAAAAAAAAAAAAAAAAAAAAAENp0yLm9_qgNwgos8XS9g5SlAQIDJiABIVggTY4v69AVAmDNXm8sLx__GplM2vppiwMmYbonLg5NmCsiWCBUDmsF0cVOP6pHJPF1HNGtKHu9ibZctv9BvCG1_sDyFw",
    "publicKeyAlgorithm": -7,
    "publicKey": "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAETY4v69AVAmDNXm8sLx__GplM2vppiwMmYbonLg5NmCtUDmsF0cVOP6pHJPF1HNGtKHu9ibZctv9BvCG1_sDyFw"
  },
  "clientExtensionResults": {
    "credProps": {
      "rk": true
    }
  }
}
```

It looks like the request should be allowed per the spec: https://w3c.github.io/webauthn/#authenticatorattestationresponse

Is this a bug?

emlun commented 1 year ago

@notz Thanks for the report! This is indeed a bug, and will be fixed in the 2.5.0 release.

emlun commented 1 year ago

Fixed in version 2.5.0-RC1, please try it out!

notz commented 1 year ago

@emlun I can confirm that the issue is fixed with 2.5.0-RC1.

emlun commented 1 year ago

Thanks!
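
For servers that cannot yet move to 2.5.0, the following is an added example (not code from this thread or from the library) of reducing the `response` object to the three properties named in the exception message before parsing. The class and method names are hypothetical; it assumes Jackson is on the classpath and relies on the fact that `authenticatorData`, `publicKey` and `publicKeyAlgorithm` only repeat data already carried inside `attestationObject`.

```java
import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.node.ObjectNode;
import java.io.IOException;

// Hypothetical helper, not part of java-webauthn-server.
public class RegistrationResponseFilter {
    private static final ObjectMapper MAPPER = new ObjectMapper();

    // The properties the pre-2.5.0 parser knows, taken from the exception message.
    private static final String[] KNOWN_RESPONSE_PROPERTIES = {
        "transports", "clientDataJSON", "attestationObject"
    };

    /** Returns the credential JSON with "response" reduced to the known properties. */
    public static String stripUnknownResponseFields(String credentialJson) throws IOException {
        JsonNode root = MAPPER.readTree(credentialJson);
        if (root == null || !root.path("response").isObject()) {
            throw new IOException("credential JSON has no \"response\" object");
        }
        ObjectNode response = (ObjectNode) root.get("response");
        // Fail closed: without these two members there is nothing to verify.
        if (!response.hasNonNull("clientDataJSON") || !response.hasNonNull("attestationObject")) {
            throw new IOException("response lacks clientDataJSON or attestationObject");
        }
        response.retain(KNOWN_RESPONSE_PROPERTIES); // drops every other member in place
        return MAPPER.writeValueAsString(root);
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample with placeholder values, shaped like the credential in the report.
        String sample = "{\"id\":\"AAAA\",\"rawId\":\"AAAA\",\"type\":\"public-key\","
            + "\"response\":{\"clientDataJSON\":\"e30\",\"attestationObject\":\"oA\","
            + "\"transports\":[\"internal\",\"hybrid\"],\"authenticatorData\":\"AA\","
            + "\"publicKeyAlgorithm\":-7,\"publicKey\":\"AA\"},"
            + "\"clientExtensionResults\":{}}";
        // The filtered string is what would then be handed to
        // PublicKeyCredential.parseRegistrationResponseJson(...).
        System.out.println(stripUnknownResponseFields(sample));
    }
}
```

Dropping the three extra members does not change what is verified, since the signed and attested values are read from `attestationObject` and `clientDataJSON`.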