Discourse/discourse
Discourse/discourse
0
0
Fork 0
mirror of https://gh.wpcy.net/https://github.com/discourse/discourse.git synced 2026-05-02 05:06:51 +08:00
Code Packages Activity Actions
discourse/lib/discourse_webauthn
History
Exact
Keegan George eee6341054
FIX: passkey authentication fails for EdDSA-based authenticators (#38328) 
**Previously**, passkey authentication called
`cose_algorithm.hash_function` to verify signatures, but
`COSE::Algorithm::EdDSA` does not implement `hash_function` (EdDSA has
the hash built into the algorithm). This caused a `NoMethodError 500`
for any user who registered a passkey with an EdDSA-based authenticator.

**This commit** uses the COSE gem's own `cose_algorithm.verify` method,
which correctly dispatches signature verification for all algorithm
types — including EdDSA, which passes nil as the digest internally.
2026-03-06 13:51:58 -08:00
..
authentication_service.rb FIX: passkey authentication fails for EdDSA-based authenticators (#38328) 2026-03-06 13:51:58 -08:00
base_validation_service.rb SECURITY: Clear webauthn challenge from session after authenticating 2025-07-29 10:40:21 +08:00
challenge_generator.rb DEV: Rename SecureSession to ServerSession 2025-09-18 16:31:03 +02:00
registration_service.rb FIX: passkey registration failing when extension data included (#38266) 2026-03-05 09:51:04 -08:00