Closed jwag956 closed 1 year ago
Thanks for the comments - I will try tests again once 1.11 is out. I changed the test since my understanding is that these tests are faking up an AuthenticationAssertionResponse - which is a client to RP data structure which the spec dictates the data types for. An RP never creates an AuthenticationAssertionResponse. An RP may, in the case of say user_handle - strore ITS version as a memory view or bytes - and wants to be able to compare that to a properly decoded AuthenticationAssertionResponse - which the current code doesn't properly decode.
The gist of this PR is to say that how client data structures are decoded should be dictated by the spec, not by python/pydantic data structures)
This was an overly-aggressive change - working on something more focused....
Instead of relying on input types to drive conversion - set up a field_validator that enumerates all spec-defined base64 fields and convert them. Remove the base64url decoding from the generic field_validator.
change (and delete) some tests around use of memoryviews and other bytes equivalents - the idea is that the RP needs the flexibility to store its values in any bytes-equivalent manner - but the responses from the authenticator needs to follow the spec.
closes #168