mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2024-12-26 07:05:57 -05:00
Fix incorrect WebAuthn origin
This mainly affects users running Vaultwarden under a subpath. Refs: * https://github.com/kanidm/webauthn-rs/blob/b2cbb34/src/core.rs#L941-L948 * https://github.com/kanidm/webauthn-rs/blob/b2cbb34/src/core.rs#L316 * https://w3c.github.io/webauthn/#dictionary-client-data
This commit is contained in:
parent
a23f4a704b
commit
0cdc0cb147
@ -22,12 +22,14 @@ pub fn routes() -> Vec<Route> {
|
|||||||
|
|
||||||
struct WebauthnConfig {
|
struct WebauthnConfig {
|
||||||
url: String,
|
url: String,
|
||||||
|
origin: String,
|
||||||
rpid: String,
|
rpid: String,
|
||||||
}
|
}
|
||||||
|
|
||||||
impl WebauthnConfig {
|
impl WebauthnConfig {
|
||||||
fn load() -> Webauthn<Self> {
|
fn load() -> Webauthn<Self> {
|
||||||
let domain = CONFIG.domain();
|
let domain = CONFIG.domain();
|
||||||
|
let domain_origin = CONFIG.domain_origin();
|
||||||
Webauthn::new(Self {
|
Webauthn::new(Self {
|
||||||
rpid: reqwest::Url::parse(&domain)
|
rpid: reqwest::Url::parse(&domain)
|
||||||
.map(|u| u.domain().map(str::to_owned))
|
.map(|u| u.domain().map(str::to_owned))
|
||||||
@ -35,6 +37,7 @@ impl WebauthnConfig {
|
|||||||
.flatten()
|
.flatten()
|
||||||
.unwrap_or_default(),
|
.unwrap_or_default(),
|
||||||
url: domain,
|
url: domain,
|
||||||
|
origin: domain_origin,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@ -45,7 +48,7 @@ impl webauthn_rs::WebauthnConfig for WebauthnConfig {
|
|||||||
}
|
}
|
||||||
|
|
||||||
fn get_origin(&self) -> &str {
|
fn get_origin(&self) -> &str {
|
||||||
&self.url
|
&self.origin
|
||||||
}
|
}
|
||||||
|
|
||||||
fn get_relying_party_id(&self) -> &str {
|
fn get_relying_party_id(&self) -> &str {
|
||||||
|
Loading…
Reference in New Issue
Block a user