github-mirror/discourse
2
0
Fork 0
mirror of https://github.com/discourse/discourse.git synced 2025-05-28 22:08:01 +08:00
Code Issues Actions 1 Packages Projects Releases Wiki Activity

FIX: Catch error when unknown COSE algorithm is supplied for Security Key (#8649)

Browse Source 
Added a fix to gracefully error with a Webauthn::SecurityKeyError if somehow a user provides an unkown COSE algorithm when logging in with a security key.

If `COSE::Algorithm.find` returns nil we now fail gracefully and log the algorithm used along with the user ID and the security key params for debugging, as this will help us find other common algorithms to implement for webauthn
This commit is contained in:
Martin Brennan
2020-01-02 10:14:22 +10:00
committed by GitHub
parent 57081acc08
commit c031434b86
4 changed files with 22 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
lib/webauthn.rb
View File

@ -26,4 +26,5 @@ module Webauthn
class NotFoundError < SecurityKeyError; end
class OwnershipError < SecurityKeyError; end
class PublicKeyError < SecurityKeyError; end
class UnknownCOSEAlgorithmError < SecurityKeyError; end
end