fido2-net-lib icon indicating copy to clipboard operation
fido2-net-lib copied to clipboard

Published 20 hours ago verified publisher icon passwordless-lib

Correct AuthenticatorAssertionRawResponse.Id type

Open Regenhardt opened this issue 11 months ago • 0 comments

The AuthenticatorAssertionRawResponse class has two byte[] members Id and RawId. Both used, although RawId is just checked for existence and in tests.

As per MDN Id is literally the base64url encoded value of RawId, I think Id should rather be a string and not base64url-decoded when received, but kept as string. The places currently using the Id property should use RawId instead.

I just debugged into an assertion, and Id and RawId do indeed have the exact same value in the backend.

Regenhardt avatar Mar 06 '24 21:03 Regenhardt