stages/authenticator_validate: fix webauthn validation

This commit is contained in:
Jens Langhammer 2021-02-25 21:00:32 +01:00
parent b968adffc1
commit fbf2fe2404

View file

@ -17,7 +17,7 @@ from webauthn.webauthn import (
from authentik.core.models import User from authentik.core.models import User
from authentik.stages.authenticator_webauthn.models import WebAuthnDevice from authentik.stages.authenticator_webauthn.models import WebAuthnDevice
from authentik.stages.authenticator_webauthn.utils import generate_challenge from authentik.stages.authenticator_webauthn.utils import generate_challenge, get_origin
class DeviceChallenge(Serializer): class DeviceChallenge(Serializer):
@ -80,7 +80,7 @@ def validate_challenge_code(code: str, request: HttpRequest, user: User) -> str:
def validate_challenge_webauthn(data: dict, request: HttpRequest, user: User) -> dict: def validate_challenge_webauthn(data: dict, request: HttpRequest, user: User) -> dict:
"""Validate WebAuthn Challenge""" """Validate WebAuthn Challenge"""
challenge = request.session.get("challenge") challenge = request.session.get("challenge")
assertion_response = data["challenge"] assertion_response = data
credential_id = assertion_response.get("id") credential_id = assertion_response.get("id")
device = WebAuthnDevice.objects.filter(credential_id=credential_id).first() device = WebAuthnDevice.objects.filter(credential_id=credential_id).first()
@ -102,7 +102,7 @@ def validate_challenge_webauthn(data: dict, request: HttpRequest, user: User) ->
webauthn_user, webauthn_user,
assertion_response, assertion_response,
challenge, challenge,
request.build_absolute_uri("/"), get_origin(request),
uv_required=False, uv_required=False,
) # User Verification ) # User Verification