Skip to content

Commit

Permalink
[deps]: Update nuget minor (#755)
Browse files Browse the repository at this point in the history 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Jonas Hendrickx <[email protected]>
  • Loading branch information
@renovate @jonashendrickx
renovate[bot] and jonashendrickx authored Nov 1, 2024
1 parent 4041a6a commit e1fb5c3
Show file tree
Hide file tree
Showing 6 changed files with 41 additions and 33 deletions.
2 changes: 1 addition & 1 deletion src/AdminConsole/AdminConsole.csproj
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@

<ItemGroup>
<PackageReference Include="Azure.Extensions.AspNetCore.DataProtection.Keys" Version="1.2.4" />
<PackageReference Include="Azure.Identity" Version="1.13.0" />
<PackageReference Include="Azure.Identity" Version="1.13.1" />
<PackageReference Include="Datadog.Trace" Version="3.2.0" />
<PackageReference Include="Humanizer.Core" Version="2.14.1" />
<PackageReference Include="Microsoft.AspNetCore.DataProtection.EntityFrameworkCore" Version="8.0.10" />
Expand Down
6 changes: 3 additions & 3 deletions src/Common/Common.csproj
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,8 +5,8 @@
</PropertyGroup>

<ItemGroup>
<PackageReference Include="Fido2" Version="4.0.0-beta.13" />
<PackageReference Include="Fido2.Models" Version="4.0.0-beta.13" />
<PackageReference Include="Fido2" Version="4.0.0-beta.14" />
<PackageReference Include="Fido2.Models" Version="4.0.0-beta.14" />
<PackageReference Include="HtmlSanitizer" Version="8.2.871-beta" />
<PackageReference Include="MailKit" Version="4.8.0" />
<PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="8.0.10" />
Expand All @@ -18,7 +18,7 @@
<PackageReference Include="Serilog.Sinks.Seq" Version="8.0.0" />
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.9.0" />
<PackageReference Include="System.Configuration.ConfigurationManager" Version="8.0.1" />
<PackageReference Include="AWSSDK.SimpleEmailV2" Version="3.7.403.1" />
<PackageReference Include="AWSSDK.SimpleEmailV2" Version="3.7.404" />
<PackageReference Include="SendGrid" Version="9.29.3" />
</ItemGroup>

Expand Down
57 changes: 33 additions & 24 deletions src/Service/Fido2Service.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -182,15 +182,21 @@ public async Task<TokenResponse> RegisterCompleteAsync(RegistrationCompleteDTO r

var fido2 = GetFido2Instance(request, _metadataService);

MakeNewCredentialResult success;
RegisteredPublicKeyCredential success;

try
{
success = await fido2.MakeNewCredentialAsync(request.Response, session.Options, async (args, _) =>
var makeNewCredentialParams = new MakeNewCredentialParams
{
bool exists = await _storage.ExistsAsync(args.CredentialId);
return !exists;
});
AttestationResponse = request.Response,
OriginalOptions = session.Options,
IsCredentialIdUniqueToUserCallback = async (args, _) =>
{
bool exists = await _storage.ExistsAsync(args.CredentialId);
return !exists;
}
};
success = await fido2.MakeNewCredentialAsync(makeNewCredentialParams);
}
catch (Fido2VerificationException e)
{
Expand All @@ -204,13 +210,13 @@ public async Task<TokenResponse> RegisterCompleteAsync(RegistrationCompleteDTO r
{
var configuredAuthenticators = await _storage.GetAuthenticatorsAsync();
var blacklist = configuredAuthenticators.Where(x => !x.IsAllowed).ToImmutableList();
if (blacklist.Any() && blacklist.Any(x => x.AaGuid == success.Result!.AaGuid))
if (blacklist.Any() && blacklist.Any(x => x.AaGuid == success.AaGuid))
{
throw new ApiException("authenticator_not_allowed", "The authenticator is on the blocklist and is not allowed to be used for registration.", 400);
}

var whitelist = configuredAuthenticators.Where(x => x.IsAllowed).ToImmutableList();
if (whitelist.Any() && whitelist.All(x => x.AaGuid != success.Result!.AaGuid))
if (whitelist.Any() && whitelist.All(x => x.AaGuid != success.AaGuid))
{
if (session.Options.Attestation == AttestationConveyancePreference.None)
{
Expand All @@ -220,7 +226,7 @@ public async Task<TokenResponse> RegisterCompleteAsync(RegistrationCompleteDTO r
}
}

var userId = Encoding.UTF8.GetString(success.Result.User.Id);
var userId = Encoding.UTF8.GetString(success.User.Id);

// Add aliases
try
Expand All @@ -237,25 +243,25 @@ public async Task<TokenResponse> RegisterCompleteAsync(RegistrationCompleteDTO r
}

var now = _timeProvider.GetUtcNow().UtcDateTime;
var descriptor = new PublicKeyCredentialDescriptor(success.Result.Id);
var descriptor = new PublicKeyCredentialDescriptor(success.Id);

await _storage.AddCredentialToUser(session.Options.User, new StoredCredential
{
Descriptor = descriptor,
PublicKey = success.Result.PublicKey,
UserHandle = success.Result.User.Id,
SignatureCounter = success.Result.SignCount,
AttestationFmt = success.Result.AttestationFormat,
PublicKey = success.PublicKey,
UserHandle = success.User.Id,
SignatureCounter = success.SignCount,
AttestationFmt = success.AttestationFormat,
CreatedAt = now,
LastUsedAt = now,
Device = deviceInfo,
Country = country,
AaGuid = success.Result.AaGuid,
AaGuid = success.AaGuid,
RPID = request.RPID,
Origin = request.Origin,
Nickname = request.Nickname,
BackupState = success.Result.IsBackedUp,
IsBackupEligible = success.Result.IsBackupEligible,
BackupState = success.IsBackedUp,
IsBackupEligible = success.IsBackupEligible,
IsDiscoverable = request.Response.ClientExtensionResults?.CredProps?.Rk,
});

Expand All @@ -266,7 +272,7 @@ public async Task<TokenResponse> RegisterCompleteAsync(RegistrationCompleteDTO r
Origin = request.Origin,
RpId = session.Options.Rp.Id,
Timestamp = _timeProvider.GetUtcNow().UtcDateTime,
CredentialId = success.Result.Id,
CredentialId = success.Id,
Device = deviceInfo,
Country = country,
Nickname = request.Nickname,
Expand Down Expand Up @@ -383,13 +389,16 @@ public async Task<TokenResponse> SignInCompleteAsync(SignInCompleteDTO request,

// Make the assertion
var storedCredentials = (await _storage.GetCredentialsByUserIdAsync(request.Session)).Select(c => c.PublicKey).ToList();
var res = await fido2.MakeAssertionAsync(
request.Response,
authenticationSessionConfiguration.Options,
credential.PublicKey,
storedCredentials,
credential.SignatureCounter,
callback);
var makeAssertionParams = new MakeAssertionParams
{
AssertionResponse = request.Response,
OriginalOptions = authenticationSessionConfiguration.Options,
StoredPublicKey = credential.PublicKey,
StoredDevicePublicKeys = storedCredentials,
StoredSignatureCounter = credential.SignatureCounter,
IsUserHandleOwnerOfCredentialIdCallback = callback
};
var res = await fido2.MakeAssertionAsync(makeAssertionParams);

// Store the updated counter
await _storage.UpdateCredential(res.CredentialId, res.SignCount, country, device);
Expand Down
6 changes: 3 additions & 3 deletions src/Service/Service.csproj
View file
Original file line number Diff line number Diff line change
@@ -1,9 +1,9 @@
<Project Sdk="Microsoft.NET.Sdk">

<ItemGroup>
<PackageReference Include="Fido2" Version="4.0.0-beta.13" />
<PackageReference Include="Fido2.AspNet" Version="4.0.0-beta.13" />
<PackageReference Include="Fido2.Models" Version="4.0.0-beta.13" />
<PackageReference Include="Fido2" Version="4.0.0-beta.14" />
<PackageReference Include="Fido2.AspNet" Version="4.0.0-beta.14" />
<PackageReference Include="Fido2.Models" Version="4.0.0-beta.14" />
<PackageReference Include="Humanizer.Core" Version="2.14.1" />
<PackageReference Include="MessagePack" Version="2.5.187" />
<PackageReference Include="MessagePackAnalyzer" Version="2.5.187">
Expand Down
2 changes: 1 addition & 1 deletion tests/Api.IntegrationTests/Api.IntegrationTests.csproj
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
<PackageReference Include="Microsoft.AspNetCore.Mvc.Testing" Version="8.0.10"/>
<PackageReference Include="Microsoft.Extensions.TimeProvider.Testing" Version="8.10.0" />
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.1"/>
<PackageReference Include="Selenium.WebDriver" Version="4.25.0"/>
<PackageReference Include="Selenium.WebDriver" Version="4.26.1"/>
<PackageReference Include="Testcontainers.MsSql" Version="3.10.0"/>
<PackageReference Include="xunit" Version="2.9.2"/>
<PackageReference Include="xunit.runner.visualstudio" Version="2.8.2">
Expand Down
1 change: 0 additions & 1 deletion tests/Api.IntegrationTests/Endpoints/SignIn/SignInTests.cs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,6 @@ public async Task I_can_retrieve_assertion_options_to_begin_sign_in()
signInResponse.Should().NotBeNull();
signInResponse!.Session.Should().StartWith("session_");
signInResponse.Data.RpId.Should().Be(request.RPID);
signInResponse.Data.Status.Should().Be("ok");
}

[Fact]
Expand Down

0 comments on commit e1fb5c3

Please sign in to comment.