fixup! Add user verification to webauthn challenges

nextcloud · May 1, 2024 · 413b098 · 413b098
1 parent a7c5308
commit 413b098
Show file tree

Hide file tree

Showing 4 changed files with 6 additions and 6 deletions.
diff --git a/core/Migrations/Version29000Date20240324113502.php b/core/Migrations/Version29000Date20240324113502.php
@@ -40,7 +40,7 @@ public function changeSchema(IOutput $output, Closure $schemaClosure, array $opt
 		$schema = $schemaClosure();
 
 		$table = $schema->getTable('webauthn');
-		$table->addColumn('user_verification', Types::BOOLEAN, ['notnull' => true, 'default' => false]);
+		$table->addColumn('user_verification', Types::BOOLEAN, ['notnull' => false, 'default' => false]);
 		return $schema;
 	}
 }
diff --git a/lib/private/Authentication/WebAuthn/Db/PublicKeyCredentialEntity.php b/lib/private/Authentication/WebAuthn/Db/PublicKeyCredentialEntity.php
@@ -41,8 +41,8 @@
  * @method void setPublicKeyCredentialId(string $id);
  * @method string getData();
  * @method void setData(string $data);
- * @since 29.0.0
- * @method bool getUserVerification();
+ * @since 30.0.0
+ * @method bool|null getUserVerification();
  * @method void setUserVerification(bool $userVerification);
  */
 class PublicKeyCredentialEntity extends Entity implements JsonSerializable {
@@ -58,7 +58,7 @@ class PublicKeyCredentialEntity extends Entity implements JsonSerializable {
 	/** @var string */
 	protected $data;
 
-	/** @var bool */
+	/** @var bool|null */
 	protected $userVerification;
 
 	public function __construct() {

diff --git a/lib/private/Authentication/WebAuthn/Manager.php b/lib/private/Authentication/WebAuthn/Manager.php
@@ -150,7 +150,6 @@ public function finishRegister(PublicKeyCredentialCreationOptions $publicKeyCred
 			// Load the data
 			$publicKeyCredential = $publicKeyCredentialLoader->load($data);
 			$response = $publicKeyCredential->response;
-			$userVerification = $response->getAttestationObject()->getAuthData()->isUserVerified();
 
 			// Check if the response is an Authenticator Attestation Response
 			if (!$response instanceof AuthenticatorAttestationResponse) {
@@ -171,6 +170,7 @@ public function finishRegister(PublicKeyCredentialCreationOptions $publicKeyCred
 		}
 
 		// Persist the data
+		$userVerification = $response->attestationObject->authData->isUserVerified();
 		return $this->repository->saveAndReturnCredentialSource($publicKeyCredentialSource, $name, $userVerification);
 	}
 

diff --git a/version.php b/version.php
@@ -30,7 +30,7 @@
 // between betas, final and RCs. This is _not_ the public version number. Reset minor/patch level
 // when updating major/minor version number.
 
-$OC_Version = [30, 0, 0, 0];
+$OC_Version = [30, 0, 0, 1];
 
 // The human-readable string
 $OC_VersionString = '30.0.0 dev';