Closed manubo closed 1 year ago
Hi @manubo ! thank you for the agency on putting this PR up. For a multi-tenant usage of this gem, I'd recommend using our v3 which is in alpha right now but it's been highly tested at this point. We're about to release v3 alpha2 so please stayed tuned for https://github.com/cedarcode/webauthn-ruby/pull/368
Hi @brauliomartinezlm, thanks for your feedback. I have seen that #368 was merged, which is great. There is no v3 alpha2 tag yet, but I assume it's the same as master at the moment, right? I will give it a try, thanks for your support 👍🏼
Closed in favour of using v3 of this gem.
@manubo I've just released 3.0.0.alpha2. Hope it worked as you needed.
Yes, works like a charm, thanks @brauliomartinezlm 👍🏼
Both
WebAuthn::AuthenticatorAttestationResponse#verify
andWebAuthn::AuthenticatorAssertionResponse#verify
accept the parameter
expected_origin
, but the calling methodsPublicKeyCredentialWithAttestation#verify
andPublicKeyCredentialWithAssertion#verify
,respectively, do not.
We have a multi-tenant system where each tenant has its own subdomain and need to be able to pass the origin when validating the data.