-
-
Notifications
You must be signed in to change notification settings - Fork 193
Use BCL Base64Url implementation #575
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conversation
@abergs Ready for review |
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## master #575 +/- ##
==========================================
- Coverage 76.93% 76.33% -0.60%
==========================================
Files 100 99 -1
Lines 2627 2590 -37
Branches 441 432 -9
==========================================
- Hits 2021 1977 -44
- Misses 498 503 +5
- Partials 108 110 +2 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
"id":"localhost"}, | ||
"user":{ | ||
"name":"aseigler", | ||
"id":"ABC", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
NOTE: this is not a valid id, which should a valid Base64Url encoded byte array.
I'm a bit worried about the rough edges this will cause as it will undoubtedly cause in-production bugs for some payloads. I'm wondering if we could implement a fallback that causes less problems for consumers? |
I believe these "bugs" in production code should be fixed to be conformant with the WebAuthN specification. This is our last chance to fix this - and if we add a fallback, we may be allowing more clients to accidentally break compliance in the future. Let me add some better error messaging in this PR for now. If you think we should continue to fallback to allow Base64 content to be decoded on Base64Url typed properties, we can add a fallback in our Base64UrlConverter. We can also accept the break in 4.0, and add back the relaxed Base64 encoding behavior in 4.0.1, if this turns out to be a problem. |
I agree with and appreciate your concern, but I'm worried about teams/devs adapting to all of our breaking changes only to end up with the surprise that some passkeys are broken in production - which ultimately causes dissatisfaction with passkeys for both devs and end users. The amount of changes between v3 and v4 might make a simple rollback hard for many teams. I suggest we implement a temporary fallback configuration option for 4.0 rather than releasing it in a 4.0.1 patch, if possible? Proposed approach:
This gives us the benefits of the breaking change while providing a safety net for teams who need it. |
…when encountering invalid data
Agreed on the flag: How's this look: Base64UrlConverter.AllowRelaxedDecoding = true; as an escape hatch to fallback to the old decoding behavior. Encoding was always strict. |
Guessing: Build is failing because of missing dotnet format |
@abergs OK, ready for a second review now! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nicely done!
This PR removes our custom Base64Url class, and takes a dependency on the new BCL implementation. I'll update this next week with the RTM package.
NOTE: our current implementation was not strict and also decoded Base64 content. The new implementation throws when encountering content that is not properly encoded.
This PR fixes our test cases that were encoding Base64Url data as Base64.