Closed jjjacksn closed 1 year ago
Hello @jjjacksn, thanks for calling this out. Way back when I defined transports
in the same place in SimpleWebAuthn (in PublicKeyCredential
instead of within response
), but I recently moved transports
into response
as part of updating that library to accommodate the JSON data structures I got into the WebAuthn L3 draft here. Updating py_webauthn accordingly (which will include relocating transports
into response
too) will happen when I address #143.
Closing as a duplicate of #143.
@jjjacksn Following up on this, this issue should be addressed with the release just now of v1.8.0:
https://pypi.org/project/webauthn/1.8.0/
Please feel free to follow up if you notice anything off :v:
Thanks for the great project! It's been great to use getting started with WebAuthn in python.
However, I believe I have discovered a deviation from the WebAuthn spec in the struct helpers.
I discovered this while implementing a python backend using py-webauthn and a front end using SimpleWebAuthn.
py_webauthn's
RegistrationCredential
has a top leveltransports
attribute while SimpleWebAuthn has it at theresponse.transports
key path level in the AuthenticatorAttestationResponseJSON interface.From my quick reading of the WebAuthn 2.0 spec , it seems that having this data at
response.transports
is correct.