Allow Custom PublicKeyCredentialRequestOptionsRepository in WebAuthnConfigurer #16874

Open
BenEfrati opened this issue Apr 3, 2025 · 0 comments · May be fixed by #16911
Labels
status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement

Comments

@BenEfrati
Expected Behavior

As a developer, I would like to provide my own implementations for PublicKeyCredentialRequestOptionsRepository.

Current Behavior

Currently, there is no option to change the credentialRequestOptionsFilter and webAuthnAuthnFilter requestOptionsRepository. While this provides a default implementation, it lacks the flexibility to easily inject a custom PublicKeyCredentialRequestOptionsRepository for specific application needs.

Context

I'm trying to integrate WebAuthn into a Spring Security application and require a custom PublicKeyCredentialRequestOptionsRepository. The current configuration forces me to either accept the defaults or do workarounds.
#16369

Workarounds:

  • Manually retrieve the credentialRequestOptionsFilter and webAuthnAuthnFilter from the SecurityFilterChain to set the RequestOptionsRepository.

    // Filter that verifies the assertion: swap in the custom repository and success handler
    securityFilterChain.getFilters().stream()
            .filter(WebAuthnAuthenticationFilter.class::isInstance)
            .map(WebAuthnAuthenticationFilter.class::cast)
            .findFirst()
            .ifPresent(filter -> {
                filter.setAuthenticationSuccessHandler(webAuthnAuthenticationSuccessHandler);
                filter.setRequestOptionsRepository(databasePublicKeyCredentialRequestOptionsRepository);
            });

    // Filter that issues the request options: it must use the same repository instance
    securityFilterChain.getFilters().stream()
            .filter(PublicKeyCredentialRequestOptionsFilter.class::isInstance)
            .map(PublicKeyCredentialRequestOptionsFilter.class::cast)
            .findFirst()
            .ifPresent(filter -> {
                filter.setRequestOptionsRepository(databasePublicKeyCredentialRequestOptionsRepository);
            });

@BenEfrati BenEfrati added status: waiting-for-triage An issue we've not yet triaged type: enhancement A general enhancement labels Apr 3, 2025
BenEfrati added a commit to BenEfrati/spring-security that referenced this issue Apr 3, 2025
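
For context on what a custom PublicKeyCredentialRequestOptionsRepository has to guarantee, the following is an added example, not code from this issue or from Spring Security. It assumes the interface's `save(request, response, options)` and `load(request)` methods and that a `null` save means "clear"; the class name, cookie name, and lifetime are hypothetical, and the in-memory map only suits a single node.

```java
import java.security.SecureRandom;
import java.time.*;
import java.util.Base64;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import jakarta.servlet.http.*;
import org.springframework.security.web.webauthn.api.PublicKeyCredentialRequestOptions;
import org.springframework.security.web.webauthn.authentication.PublicKeyCredentialRequestOptionsRepository;

// Hypothetical class: keeps pending request options (which carry the challenge) server-side,
// keyed by a random handle in a cookie, so the client never chooses or sees the stored state.
public class ExpiringRequestOptionsRepository implements PublicKeyCredentialRequestOptionsRepository {
    private static final String COOKIE = "WEBAUTHN_REQ";       // assumed cookie name
    private static final Duration TTL = Duration.ofMinutes(5); // assumed challenge lifetime
    private record Entry(PublicKeyCredentialRequestOptions options, Instant expires) {}
    private final Map<String, Entry> store = new ConcurrentHashMap<>();
    private final SecureRandom random = new SecureRandom();

    @Override
    public void save(HttpServletRequest request, HttpServletResponse response, PublicKeyCredentialRequestOptions options) {
        String old = handle(request);
        if (old != null) store.remove(old);  // drop any earlier challenge so it cannot be reused
        if (options == null) { writeCookie(response, "", 0); return; }  // null is treated as "clear"
        byte[] raw = new byte[32];
        random.nextBytes(raw);               // unguessable handle, unrelated to the challenge itself
        String id = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        store.put(id, new Entry(options, Instant.now().plus(TTL)));
        writeCookie(response, id, (int) TTL.toSeconds());
    }

    @Override
    public PublicKeyCredentialRequestOptions load(HttpServletRequest request) {
        String id = handle(request);
        Entry e = (id != null) ? store.get(id) : null;
        if (e == null) return null;          // unknown handle: the caller must reject the login
        if (Instant.now().isAfter(e.expires())) { store.remove(id); return null; }  // stale challenge
        return e.options();
    }

    private static String handle(HttpServletRequest request) {
        if (request.getCookies() == null) return null;
        for (Cookie c : request.getCookies()) if (COOKIE.equals(c.getName())) return c.getValue();
        return null;
    }
    private static void writeCookie(HttpServletResponse response, String value, int maxAge) {
        Cookie c = new Cookie(COOKIE, value);
        c.setHttpOnly(true); c.setSecure(true); c.setPath("/"); c.setMaxAge(maxAge);
        response.addCookie(c);
    }
}
```

Entries that are never loaded stay in the map until replaced, so a production store would also need periodic eviction.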