root
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Actions 26 Packages Projects Releases Wiki Activity

Fix credential parameters conversion to WebAuthn4j 

Replace comparison with != operator by an .equals() comparison based on text value.
The 2 objects have the same value in most setups, but not when used in conjunction with Spring Session for example, as the object in session is built for each request

Signed-off-by: ltanguy <loeiz.tanguy@gmail.com>
This commit is contained in:
ltanguy 2025-06-10 14:56:13 +02:00 committed by GitHub
parent d0db5e3ea3
commit 92048529d2
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
web/src/main/java/org/springframework/security/web/webauthn/management/Webauthn4JRelyingPartyOperations.java
View File

@ -304,7 +304,7 @@ public class Webauthn4JRelyingPartyOperations implements WebAuthnRelyingPartyOpe
private com.webauthn4j.data.PublicKeyCredentialParameters convertParamToWebauthn4j( private com.webauthn4j.data.PublicKeyCredentialParameters convertParamToWebauthn4j(
PublicKeyCredentialParameters parameter) { PublicKeyCredentialParameters parameter) {
if (parameter.getType() != PublicKeyCredentialType.PUBLIC_KEY) { if (!PublicKeyCredentialType.PUBLIC_KEY.getValue().equals(parameter.getType().getValue())) {
throw new IllegalArgumentException( throw new IllegalArgumentException(
"Cannot convert unknown credential type " + parameter.getType() + " to webauthn4j"); "Cannot convert unknown credential type " + parameter.getType() + " to webauthn4j");
} }