From e1fb5c3d9a8a873d0e40a2642b57eae9b27fff0e Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Fri, 1 Nov 2024 08:01:19 +0100
Subject: [PATCH] [deps]: Update nuget minor (#755)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Jonas Hendrickx <jhendrickx@bitwarden.com>
---
 src/AdminConsole/AdminConsole.csproj          |  2 +-
 src/Common/Common.csproj                      |  6 +-
 src/Service/Fido2Service.cs                   | 57 +++++++++++--------
 src/Service/Service.csproj                    |  6 +-
 .../Api.IntegrationTests.csproj               |  2 +-
 .../Endpoints/SignIn/SignInTests.cs           |  1 -
 6 files changed, 41 insertions(+), 33 deletions(-)

diff --git a/src/AdminConsole/AdminConsole.csproj b/src/AdminConsole/AdminConsole.csproj
index 758d39ff1..84779dee4 100644
--- a/src/AdminConsole/AdminConsole.csproj
+++ b/src/AdminConsole/AdminConsole.csproj
@@ -6,7 +6,7 @@
 
   <ItemGroup>
     <PackageReference Include="Azure.Extensions.AspNetCore.DataProtection.Keys" Version="1.2.4" />
-    <PackageReference Include="Azure.Identity" Version="1.13.0" />
+    <PackageReference Include="Azure.Identity" Version="1.13.1" />
     <PackageReference Include="Datadog.Trace" Version="3.2.0" />
     <PackageReference Include="Humanizer.Core" Version="2.14.1" />
     <PackageReference Include="Microsoft.AspNetCore.DataProtection.EntityFrameworkCore" Version="8.0.10" />
diff --git a/src/Common/Common.csproj b/src/Common/Common.csproj
index 1c04deb15..40d8d651f 100644
--- a/src/Common/Common.csproj
+++ b/src/Common/Common.csproj
@@ -5,8 +5,8 @@
   </PropertyGroup>
 
   <ItemGroup>
-    <PackageReference Include="Fido2" Version="4.0.0-beta.13" />
-    <PackageReference Include="Fido2.Models" Version="4.0.0-beta.13" />
+    <PackageReference Include="Fido2" Version="4.0.0-beta.14" />
+    <PackageReference Include="Fido2.Models" Version="4.0.0-beta.14" />
     <PackageReference Include="HtmlSanitizer" Version="8.2.871-beta" />
     <PackageReference Include="MailKit" Version="4.8.0" />
     <PackageReference Include="Microsoft.AspNetCore.OpenApi" Version="8.0.10" />
@@ -18,7 +18,7 @@
     <PackageReference Include="Serilog.Sinks.Seq" Version="8.0.0" />
     <PackageReference Include="Swashbuckle.AspNetCore" Version="6.9.0" />
     <PackageReference Include="System.Configuration.ConfigurationManager" Version="8.0.1" />
-    <PackageReference Include="AWSSDK.SimpleEmailV2" Version="3.7.403.1" />
+    <PackageReference Include="AWSSDK.SimpleEmailV2" Version="3.7.404" />
     <PackageReference Include="SendGrid" Version="9.29.3" />
   </ItemGroup>
 
diff --git a/src/Service/Fido2Service.cs b/src/Service/Fido2Service.cs
index 6ea62733f..5ab3261d0 100644
--- a/src/Service/Fido2Service.cs
+++ b/src/Service/Fido2Service.cs
@@ -182,15 +182,21 @@ public async Task<TokenResponse> RegisterCompleteAsync(RegistrationCompleteDTO r
 
         var fido2 = GetFido2Instance(request, _metadataService);
 
-        MakeNewCredentialResult success;
+        RegisteredPublicKeyCredential success;
 
         try
         {
-            success = await fido2.MakeNewCredentialAsync(request.Response, session.Options, async (args, _) =>
+            var makeNewCredentialParams = new MakeNewCredentialParams
             {
-                bool exists = await _storage.ExistsAsync(args.CredentialId);
-                return !exists;
-            });
+                AttestationResponse = request.Response,
+                OriginalOptions = session.Options,
+                IsCredentialIdUniqueToUserCallback = async (args, _) =>
+                {
+                    bool exists = await _storage.ExistsAsync(args.CredentialId);
+                    return !exists;
+                }
+            };
+            success = await fido2.MakeNewCredentialAsync(makeNewCredentialParams);
         }
         catch (Fido2VerificationException e)
         {
@@ -204,13 +210,13 @@ public async Task<TokenResponse> RegisterCompleteAsync(RegistrationCompleteDTO r
         {
             var configuredAuthenticators = await _storage.GetAuthenticatorsAsync();
             var blacklist = configuredAuthenticators.Where(x => !x.IsAllowed).ToImmutableList();
-            if (blacklist.Any() && blacklist.Any(x => x.AaGuid == success.Result!.AaGuid))
+            if (blacklist.Any() && blacklist.Any(x => x.AaGuid == success.AaGuid))
             {
                 throw new ApiException("authenticator_not_allowed", "The authenticator is on the blocklist and is not allowed to be used for registration.", 400);
             }
 
             var whitelist = configuredAuthenticators.Where(x => x.IsAllowed).ToImmutableList();
-            if (whitelist.Any() && whitelist.All(x => x.AaGuid != success.Result!.AaGuid))
+            if (whitelist.Any() && whitelist.All(x => x.AaGuid != success.AaGuid))
             {
                 if (session.Options.Attestation == AttestationConveyancePreference.None)
                 {
@@ -220,7 +226,7 @@ public async Task<TokenResponse> RegisterCompleteAsync(RegistrationCompleteDTO r
             }
         }
 
-        var userId = Encoding.UTF8.GetString(success.Result.User.Id);
+        var userId = Encoding.UTF8.GetString(success.User.Id);
 
         // Add aliases
         try
@@ -237,25 +243,25 @@ public async Task<TokenResponse> RegisterCompleteAsync(RegistrationCompleteDTO r
         }
 
         var now = _timeProvider.GetUtcNow().UtcDateTime;
-        var descriptor = new PublicKeyCredentialDescriptor(success.Result.Id);
+        var descriptor = new PublicKeyCredentialDescriptor(success.Id);
 
         await _storage.AddCredentialToUser(session.Options.User, new StoredCredential
         {
             Descriptor = descriptor,
-            PublicKey = success.Result.PublicKey,
-            UserHandle = success.Result.User.Id,
-            SignatureCounter = success.Result.SignCount,
-            AttestationFmt = success.Result.AttestationFormat,
+            PublicKey = success.PublicKey,
+            UserHandle = success.User.Id,
+            SignatureCounter = success.SignCount,
+            AttestationFmt = success.AttestationFormat,
             CreatedAt = now,
             LastUsedAt = now,
             Device = deviceInfo,
             Country = country,
-            AaGuid = success.Result.AaGuid,
+            AaGuid = success.AaGuid,
             RPID = request.RPID,
             Origin = request.Origin,
             Nickname = request.Nickname,
-            BackupState = success.Result.IsBackedUp,
-            IsBackupEligible = success.Result.IsBackupEligible,
+            BackupState = success.IsBackedUp,
+            IsBackupEligible = success.IsBackupEligible,
             IsDiscoverable = request.Response.ClientExtensionResults?.CredProps?.Rk,
         });
 
@@ -266,7 +272,7 @@ public async Task<TokenResponse> RegisterCompleteAsync(RegistrationCompleteDTO r
             Origin = request.Origin,
             RpId = session.Options.Rp.Id,
             Timestamp = _timeProvider.GetUtcNow().UtcDateTime,
-            CredentialId = success.Result.Id,
+            CredentialId = success.Id,
             Device = deviceInfo,
             Country = country,
             Nickname = request.Nickname,
@@ -383,13 +389,16 @@ public async Task<TokenResponse> SignInCompleteAsync(SignInCompleteDTO request,
 
         // Make the assertion
         var storedCredentials = (await _storage.GetCredentialsByUserIdAsync(request.Session)).Select(c => c.PublicKey).ToList();
-        var res = await fido2.MakeAssertionAsync(
-            request.Response,
-            authenticationSessionConfiguration.Options,
-            credential.PublicKey,
-            storedCredentials,
-            credential.SignatureCounter,
-            callback);
+        var makeAssertionParams = new MakeAssertionParams
+        {
+            AssertionResponse = request.Response,
+            OriginalOptions = authenticationSessionConfiguration.Options,
+            StoredPublicKey = credential.PublicKey,
+            StoredDevicePublicKeys = storedCredentials,
+            StoredSignatureCounter = credential.SignatureCounter,
+            IsUserHandleOwnerOfCredentialIdCallback = callback
+        };
+        var res = await fido2.MakeAssertionAsync(makeAssertionParams);
 
         // Store the updated counter
         await _storage.UpdateCredential(res.CredentialId, res.SignCount, country, device);
diff --git a/src/Service/Service.csproj b/src/Service/Service.csproj
index dd4392440..a10c20bb2 100644
--- a/src/Service/Service.csproj
+++ b/src/Service/Service.csproj
@@ -1,9 +1,9 @@
 <Project Sdk="Microsoft.NET.Sdk">
 
   <ItemGroup>
-    <PackageReference Include="Fido2" Version="4.0.0-beta.13" />
-    <PackageReference Include="Fido2.AspNet" Version="4.0.0-beta.13" />
-    <PackageReference Include="Fido2.Models" Version="4.0.0-beta.13" />
+    <PackageReference Include="Fido2" Version="4.0.0-beta.14" />
+    <PackageReference Include="Fido2.AspNet" Version="4.0.0-beta.14" />
+    <PackageReference Include="Fido2.Models" Version="4.0.0-beta.14" />
     <PackageReference Include="Humanizer.Core" Version="2.14.1" />
     <PackageReference Include="MessagePack" Version="2.5.187" />
     <PackageReference Include="MessagePackAnalyzer" Version="2.5.187">
diff --git a/tests/Api.IntegrationTests/Api.IntegrationTests.csproj b/tests/Api.IntegrationTests/Api.IntegrationTests.csproj
index 07bcf36d0..1f749dab2 100644
--- a/tests/Api.IntegrationTests/Api.IntegrationTests.csproj
+++ b/tests/Api.IntegrationTests/Api.IntegrationTests.csproj
@@ -7,7 +7,7 @@
     <PackageReference Include="Microsoft.AspNetCore.Mvc.Testing" Version="8.0.10"/>
     <PackageReference Include="Microsoft.Extensions.TimeProvider.Testing" Version="8.10.0" />
     <PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.11.1"/>
-    <PackageReference Include="Selenium.WebDriver" Version="4.25.0"/>
+    <PackageReference Include="Selenium.WebDriver" Version="4.26.1"/>
     <PackageReference Include="Testcontainers.MsSql" Version="3.10.0"/>
     <PackageReference Include="xunit" Version="2.9.2"/>
     <PackageReference Include="xunit.runner.visualstudio" Version="2.8.2">
diff --git a/tests/Api.IntegrationTests/Endpoints/SignIn/SignInTests.cs b/tests/Api.IntegrationTests/Endpoints/SignIn/SignInTests.cs
index bb79931e0..bed3a1869 100644
--- a/tests/Api.IntegrationTests/Endpoints/SignIn/SignInTests.cs
+++ b/tests/Api.IntegrationTests/Endpoints/SignIn/SignInTests.cs
@@ -42,7 +42,6 @@ public async Task I_can_retrieve_assertion_options_to_begin_sign_in()
         signInResponse.Should().NotBeNull();
         signInResponse!.Session.Should().StartWith("session_");
         signInResponse.Data.RpId.Should().Be(request.RPID);
-        signInResponse.Data.Status.Should().Be("ok");
     }
 
     [Fact]