Improve consistency of Base64URL usage #59
Milestone
Comments
Firehed
added a commit
that referenced
this issue
Dec 3, 2023
…mat (#61) This reduces the need for RP servers to use internal methods by directly exposing the challenge as base64url, which is used by the (limited support) native formats as noted in #48 (a tool to produce the entire format will come as well!). Additionally, this matches up the storage id formats for both credential formats, which as-is would not function as expected (new authorizations would return a v2, and subsequently could fail to find an existing matching v1 format depending on the lookup approach) > [!WARNING] > BC BREAK: this changes the storage identifier for the older credential format. This was noted in tests as a pre-1.0 possibility. Fixes #59
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Some of the API is a little clumsy with data formats. In particular, the userHandle could be binary (depending on what was originally used during setup - for 99% of users, probably not), and the credential storage identifier on the v1 format is hex-encoded. With the Level 3 recommendations (#48), most things really want to be in B64U.
Note that if the storage id formats aren't identical across all versions (currently they are not!), there's potential for some really strange breakage. That should get rectified. It's somewhat inherently a BC break, but that's why no stable release has been tagged yet!
The text was updated successfully, but these errors were encountered: