diff options
| author | zeripath <art27@cantab.net> | 2022-01-15 16:52:56 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-01-15 17:52:56 +0100 |
| commit | d7c2a2951c6a0a85f43675c83d3d639cd50eccb4 (patch) | |
| tree | 52d4147b19fa6615f76fb3b8e8fadef948c5bd89 /models/auth | |
| parent | e239d354c9bd80cdc1606dabd7a4de62708b742e (diff) | |
| download | gitea-d7c2a2951c6a0a85f43675c83d3d639cd50eccb4.tar.gz gitea-d7c2a2951c6a0a85f43675c83d3d639cd50eccb4.zip | |
Webauthn nits (#18284)
This contains some additional fixes and small nits related to #17957
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Diffstat (limited to 'models/auth')
| -rw-r--r-- | models/auth/webauthn.go | 14 | ||||
| -rw-r--r-- | models/auth/webauthn_test.go | 4 |
2 files changed, 9 insertions, 9 deletions
diff --git a/models/auth/webauthn.go b/models/auth/webauthn.go index 75776f1e0e..9e09134662 100644 --- a/models/auth/webauthn.go +++ b/models/auth/webauthn.go @@ -6,7 +6,7 @@ package auth import ( "context" - "encoding/base64" + "encoding/base32" "fmt" "strings" @@ -94,7 +94,7 @@ type WebAuthnCredentialList []*WebAuthnCredential func (list WebAuthnCredentialList) ToCredentials() []webauthn.Credential { creds := make([]webauthn.Credential, 0, len(list)) for _, cred := range list { - credID, _ := base64.RawStdEncoding.DecodeString(cred.CredentialID) + credID, _ := base32.HexEncoding.DecodeString(cred.CredentialID) creds = append(creds, webauthn.Credential{ ID: credID, PublicKey: cred.PublicKey, @@ -164,13 +164,13 @@ func HasWebAuthnRegistrationsByUID(uid int64) (bool, error) { } // GetWebAuthnCredentialByCredID returns WebAuthn credential by credential ID -func GetWebAuthnCredentialByCredID(credID string) (*WebAuthnCredential, error) { - return getWebAuthnCredentialByCredID(db.DefaultContext, credID) +func GetWebAuthnCredentialByCredID(userID int64, credID string) (*WebAuthnCredential, error) { + return getWebAuthnCredentialByCredID(db.DefaultContext, userID, credID) } -func getWebAuthnCredentialByCredID(ctx context.Context, credID string) (*WebAuthnCredential, error) { +func getWebAuthnCredentialByCredID(ctx context.Context, userID int64, credID string) (*WebAuthnCredential, error) { cred := new(WebAuthnCredential) - if found, err := db.GetEngine(ctx).Where("credential_id = ?", credID).Get(cred); err != nil { + if found, err := db.GetEngine(ctx).Where("user_id = ? AND credential_id = ?", userID, credID).Get(cred); err != nil { return nil, err } else if !found { return nil, ErrWebAuthnCredentialNotExist{CredentialID: credID} @@ -187,7 +187,7 @@ func createCredential(ctx context.Context, userID int64, name string, cred *weba c := &WebAuthnCredential{ UserID: userID, Name: name, - CredentialID: base64.RawStdEncoding.EncodeToString(cred.ID), + CredentialID: base32.HexEncoding.EncodeToString(cred.ID), PublicKey: cred.PublicKey, AttestationType: cred.AttestationType, AAGUID: cred.Authenticator.AAGUID, diff --git a/models/auth/webauthn_test.go b/models/auth/webauthn_test.go index 572636dbbf..216bf11080 100644 --- a/models/auth/webauthn_test.go +++ b/models/auth/webauthn_test.go @@ -5,7 +5,7 @@ package auth import ( - "encoding/base64" + "encoding/base32" "testing" "code.gitea.io/gitea/models/unittest" @@ -61,7 +61,7 @@ func TestCreateCredential(t *testing.T) { res, err := CreateCredential(1, "WebAuthn Created Credential", &webauthn.Credential{ID: []byte("Test")}) assert.NoError(t, err) assert.Equal(t, "WebAuthn Created Credential", res.Name) - bs, err := base64.RawStdEncoding.DecodeString(res.CredentialID) + bs, err := base32.HexEncoding.DecodeString(res.CredentialID) assert.NoError(t, err) assert.Equal(t, []byte("Test"), bs) |