Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update dependency webauthn to v2 #330

Closed
wants to merge 1 commit into from
Closed

chore(deps): update dependency webauthn to v2 #330

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jan 11, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
webauthn ==1.11.1 -> ==2.2.0 age adoption passing confidence

Release Notes

duo-labs/py_webauthn (webauthn)

v2.2.0

Compare Source

Changes:

  • All exceptions in webauthn.helpers.exceptions now subclass the new webauthn.helpers.exceptions.WebAuthnException base exception (#​219, h/t @​bschoenmaeckers)
  • Support has been added for the new "smart-card" transport (#​221)

v2.1.0

Compare Source

from webauthn.helpers import parse_registration_options_json

json_reg_options: dict = get_stored_registration_options(session_id)
parsed_reg_options: PublicKeyCredentialCreationOptions = parse_registration_options_json(
json_reg_options,
)


This same logic applies to calls to `PublicKeyCredentialRequestOptions.parse_obj()` - these calls can be replaced with the new `webauthn.helpers.parse_authentication_options_json()` in this release as well.

#### v2.0.0

**Changes:**

- See **Breaking Changes** below

**Breaking Changes:**

- [Pydantic](https://docs.pydantic.dev/latest/) is no longer used by py_webauthn. If your project
  calls any Pydantic-specific methods on classes provided by py_webauthn then you will need to
  refactor those calls accordingly. Typical use of py_webauthn should not need any major refactor
  related to this change, but please see **Breaking Changes** below ([#​195](https://togithub.com/duo-labs/py_webauthn/pull/195))
- `webauthn.helpers.generate_challenge()` now always generates 64 random bytes and no longer accepts any arguments. Refactor your existing calls to remove any arguments ([#​198](https://togithub.com/duo-labs/py_webauthn/pull/198))
- `webauthn.helpers.exceptions.InvalidClientDataJSONStructure` has been replaced by `webauthn.helpers.exceptions.InvalidJSONStructure` ([#​195](https://togithub.com/duo-labs/py_webauthn/pull/195))
- `webauthn.helpers.json_loads_base64url_to_bytes()` has been removed ([#​195](https://togithub.com/duo-labs/py_webauthn/pull/195))
- The `user_id` argument passed into `generate_registration_options()` is now `Optional[bytes]`
  instead of a required `str` value. A random sequence of 64 bytes will be generated for `user_id`
  if it is `None` ([#​197](https://togithub.com/duo-labs/py_webauthn/pull/197))
  - There are a few options available to refactor existing calls:

##### Option 1: Use the `base64url_to_bytes()` helper

If you already store your WebAuthn user ID bytes as base64url-encoded strings then you can simply decode these strings to bytes using an included helper:

**Before:**
```py
options = generate_registration_options(

### ...
    user_id: "3ZPk1HGhX_cul7z5UydfZE_vgnUYkOVshDNcvI1ILyQ",
)

After:

from webauthn.helpers import bytes_to_base64url

options = generate_registration_options(

### ...
    user_id: bytes_to_base64url("3ZPk1HGhX_cul7z5UydfZE_vgnUYkOVshDNcvI1ILyQ"),
)
Option 2: Generate unique WebAuthn-specific identifiers for existing and new users

WebAuthn strongly encourages Relying Parties to use 64 randomized bytes for every user ID you pass into navigator.credentials.create(). This would be a second identifier used exclusively for WebAuthn that you associate along with your typical internal user ID.

py_webauthn includes a generate_user_handle() helper that can simplify the task of creating this special user identifier for your existing users in one go:

from webauthn.helpers import generate_user_handle

v2.0.0

Compare Source

Changes:

  • See Breaking Changes below

Breaking Changes:

  • Pydantic is no longer used by py_webauthn. If your project
    calls any Pydantic-specific methods on classes provided by py_webauthn then you will need to
    refactor those calls accordingly. Typical use of py_webauthn should not need any major refactor
    related to this change, but please see Breaking Changes below (#​195)
  • webauthn.helpers.generate_challenge() now always generates 64 random bytes and no longer accepts any arguments. Refactor your existing calls to remove any arguments (#​198)
  • webauthn.helpers.exceptions.InvalidClientDataJSONStructure has been replaced by webauthn.helpers.exceptions.InvalidJSONStructure (#​195)
  • webauthn.helpers.json_loads_base64url_to_bytes() has been removed (#​195)
  • The user_id argument passed into generate_registration_options() is now Optional[bytes]
    instead of a required str value. A random sequence of 64 bytes will be generated for user_id
    if it is None (#​197)
    • There are a few options available to refactor existing calls:
Option 1: Use the base64url_to_bytes() helper

If you already store your WebAuthn user ID bytes as base64url-encoded strings then you can simply decode these strings to bytes using an included helper:

Before:

options = generate_registration_options(

### ...
    user_id: "3ZPk1HGhX_cul7z5UydfZE_vgnUYkOVshDNcvI1ILyQ",
)

After:

from webauthn.helpers import bytes_to_base64url

options = generate_registration_options(

### ...
    user_id: bytes_to_base64url("3ZPk1HGhX_cul7z5UydfZE_vgnUYkOVshDNcvI1ILyQ"),
)
Option 2: Generate unique WebAuthn-specific identifiers for existing and new users

WebAuthn strongly encourages Relying Parties to use 64 randomized bytes for every user ID you pass into navigator.credentials.create(). This would be a second identifier used exclusively for WebAuthn that you associate along with your typical internal user ID.

py_webauthn includes a generate_user_handle() helper that can simplify the task of creating this special user identifier for your existing users in one go:

from webauthn.helpers import generate_user_handle

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added breaking dependencies Pull requests that update a dependency file labels Jan 11, 2024
@codecov Codecov
Copy link

codecov bot commented Jan 11, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 81.59%. Comparing base (92a11f9) to head (1721744).
Report is 20 commits behind head on master.

Current head 1721744 differs from pull request most recent head fd300b7

Please upload reports for the commit fd300b7 to get more accurate results.

Additional details and impacted files 
@@           Coverage Diff           @@
##           master     #330   +/-   ##
=======================================
  Coverage   81.59%   81.59%           
=======================================
  Files          17       17           
  Lines        1092     1092           
  Branches      138      138           
=======================================
  Hits          891      891           
  Misses        170      170           
  Partials       31       31

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@renovate renovate bot force-pushed the renovate/webauthn-2.x branch from 2eb23ac to 94b001d Compare March 9, 2024 19:14
@renovate renovate bot force-pushed the renovate/webauthn-2.x branch 2 times, most recently from acb2fee to c4a72ad Compare April 1, 2024 22:34
@renovate renovate bot force-pushed the renovate/webauthn-2.x branch from c4a72ad to 1721744 Compare May 24, 2024 13:16
@renovate renovate bot force-pushed the renovate/webauthn-2.x branch from 1721744 to fd300b7 Compare June 25, 2024 18:17
@MBS9Admin
Copy link
Member

Closing PR in 7 days, this is a stale issue.

@MBS9Admin
Copy link
Member

Closed due to inactivity.

@MBS9Admin MBS9Admin closed this Nov 4, 2024
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Nov 4, 2024

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update. You will not get PRs for any future 2.x releases. But if you manually upgrade to 2.x then Renovate will re-enable minor and patch updates automatically.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.

@renovate renovate bot deleted the renovate/webauthn-2.x branch November 4, 2024 09:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
breaking Closed on stale dependencies Pull requests that update a dependency file Stale
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@MBS9Admin