mirror/Hangar
2
0
Fork 0
mirror of https://github.com/HangarMC/Hangar.git synced 2025-02-23 15:12:52 +08:00
Code Issues Packages Projects Releases Wiki Activity

make sure to properly update the sign count

Browse Source
This commit is contained in:
MiniDigger | Martin 2023-04-02 00:46:57 +02:00
parent 6697d7113a
commit 515ae82e68
2 changed files with 16 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
backend/src/main/java/io/papermc/hangar/components/auth/controller/LoginController.java
View File

@ -79,6 +79,8 @@ public class LoginController extends HangarComponent {
.response(pkc)
.build());
this.webAuthNService.updateCredential(userTable.getUserId(), result.getCredential().getCredentialId().getBase64(), result.getSignatureCount());
if (result.isSuccess()) {
return this.setAalAndLogin(userTable, 2);
}

14
backend/src/main/java/io/papermc/hangar/components/auth/service/WebAuthNService.java
View File

@ -115,6 +115,20 @@ public class WebAuthNService implements CredentialRepository {
return webAuthNCredential.pendingLogin();
}
public void updateCredential(final long userId, final String credentialId, final long signatureCount) {
final WebAuthNCredential webAuthNCredential = this.getWebAuthNCredential(userId);
final var any = webAuthNCredential.credentials().stream().filter(c -> c.id().equals(credentialId)).findAny();
if (any.isPresent()) {
final WebAuthNCredential.WebAuthNDevice oldDevice = any.get();
final WebAuthNCredential.Authenticator patchedAuthenticator = new WebAuthNCredential.Authenticator(oldDevice.authenticator().aaguid(), signatureCount, oldDevice.authenticator().cloneWarning());
final WebAuthNCredential.WebAuthNDevice patchedDevice = new WebAuthNCredential.WebAuthNDevice(oldDevice.id(), oldDevice.addedAt(), oldDevice.publicKey(), oldDevice.displayName(), patchedAuthenticator, oldDevice.isPasswordLess(), oldDevice.attestationType());
webAuthNCredential.credentials().remove(oldDevice);
webAuthNCredential.credentials().add(patchedDevice);
this.credentialsService.updateCredential(userId, webAuthNCredential);
}
}
private WebAuthNCredential getWebAuthNCredential(final long userId) {
final UserCredentialTable credential = this.credentialsService.getCredential(userId, CredentialType.WEBAUTHN);
if (credential == null) {