Correct AuthenticatorAssertionRawResponse.Id type #513
Milestone
Comments
|
Since a major update is planned anyway, would you accept a PR amending that? |
|
@Regenhardt Yeah this is interesting and 4.0 would be a good opportunity to fix this. I do wonder about the implications that this will have though. |
|
@Regenhardt You're welcome to submit a PR and we can further discuss the feasibility |
Regenhardt
added a commit
to Regenhardt/fido2-net-lib
that referenced
this issue
Dec 30, 2024
RawId is decoded to the raw byte value, while Id is the same value in base64url-encoded form. passwordless-lib#513
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The
AuthenticatorAssertionRawResponseclass has twobyte[]membersIdandRawId. Both used, althoughRawIdis just checked for existence and in tests.As per MDN
Idis literally the base64url encoded value ofRawId, I thinkIdshould rather be a string and not base64url-decoded when received, but kept as string. The places currently using theIdproperty should useRawIdinstead.I just debugged into an assertion, and
IdandRawIddo indeed have the exact same value in the backend.The text was updated successfully, but these errors were encountered: