Fix WebAuthn not working after move to System.Text.Json (#1818)

2025-01-22 21:51:22 +01:00 · 2022-01-24 18:13:43 +01:00 · 2022-01-24 18:13:43 +01:00 · a9a5417350
commit a9a5417350
parent ac8ca46f0f
4 changed files with 14 additions and 7 deletions
--- a/src/Core/Core.csproj
+++ b/src/Core/Core.csproj
@ -25,7 +25,7 @@
    <PackageReference Include="Azure.Storage.Blobs" Version="12.10.0" />
    <PackageReference Include="Azure.Storage.Queues" Version="12.3.2" />
    <PackageReference Include="BitPay.Light" Version="1.0.1907" />
-    <PackageReference Include="Fido2.AspNet" Version="1.1.0" />
+    <PackageReference Include="Fido2.AspNet" Version="3.0.0-beta2" />
    <PackageReference Include="Handlebars.Net" Version="1.10.1" />
    <PackageReference Include="IdentityServer4.AccessTokenValidation" Version="3.0.1" />
    <PackageReference Include="MailKit" Version="2.8.0" />
--- a/src/Core/Entities/User.cs
+++ b/src/Core/Entities/User.cs
@ -132,6 +132,7 @@ namespace Bit.Core.Entities

        public void SetTwoFactorProviders(Dictionary<TwoFactorProviderType, TwoFactorProvider> providers)
        {
+            // When replacing with system.text remember to remove the extra serialization in WebAuthnTokenProvider.
            TwoFactorProviders = JsonHelpers.LegacySerialize(providers);
            _twoFactorProviders = providers;
        }
--- a/src/Core/Identity/WebAuthnTokenProvider.cs
+++ b/src/Core/Identity/WebAuthnTokenProvider.cs
@ -65,14 +65,14 @@ namespace Bit.Core.Identity

            var exts = new AuthenticationExtensionsClientInputs()
            {
-                UserVerificationIndex = true,
                UserVerificationMethod = true,
                AppID = CoreHelpers.U2fAppIdUrl(_globalSettings),
            };

            var options = _fido2.GetAssertionOptions(existingCredentials, UserVerificationRequirement.Discouraged, exts);

-            provider.MetaData["login"] = options;
+            // TODO: Remove this when newtonsoft legacy converters are gone
+            provider.MetaData["login"] = JsonSerializer.Serialize(options);

            var providers = user.GetTwoFactorProviders();
            providers[TwoFactorProviderType.WebAuthn] = provider;
@ -98,7 +98,8 @@ namespace Bit.Core.Identity
                return false;
            }

-            var clientResponse = JsonSerializer.Deserialize<AuthenticatorAssertionRawResponse>(token);
+            var clientResponse = JsonSerializer.Deserialize<AuthenticatorAssertionRawResponse>(token,
+                new JsonSerializerOptions { PropertyNameCaseInsensitive = true });

            var jsonOptions = provider.MetaData["login"].ToString();
            var options = AssertionOptions.FromJson(jsonOptions);
--- a/src/Core/Models/TwoFactorProvider.cs
+++ b/src/Core/Models/TwoFactorProvider.cs
@ -1,7 +1,7 @@
 using System;
 using System.Collections.Generic;
+using System.Text.Json;
 using Bit.Core.Enums;
-using Bit.Core.Utilities;
 using Fido2NetLib.Objects;

 namespace Bit.Core.Models
@ -24,8 +24,13 @@ namespace Bit.Core.Models
                }
                catch
                {
-                    // Handle newtonsoft parsing
-                    Descriptor = JsonHelpers.LegacyDeserialize<PublicKeyCredentialDescriptor>(o.Descriptor.ToString());
+                    // Fallback for older newtonsoft serialized tokens.
+                    if (o.Descriptor.Type == 0)
+                    {
+                        o.Descriptor.Type = "public-key";
+                    }
+                    Descriptor = JsonSerializer.Deserialize<PublicKeyCredentialDescriptor>(o.Descriptor.ToString(),
+                        new JsonSerializerOptions { PropertyNameCaseInsensitive = true });
                }
                PublicKey = o.PublicKey;
                UserHandle = o.UserHandle;