diff --git a/go.mod b/go.mod index 9bab6520..c72146f2 100644 --- a/go.mod +++ b/go.mod @@ -6,13 +6,13 @@ require ( github.com/Gurpartap/logrus-stack v0.0.0-20170710170904-89c00d8a28f4 github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d github.com/deckarep/golang-set v1.8.0 - github.com/duo-labs/webauthn v0.0.0-20210727191636-9f1b88ef44cc github.com/duosecurity/duo_api_golang v0.0.0-20220201180708-96a8851a8448 github.com/fasthttp/router v1.4.6 github.com/fasthttp/session/v2 v2.4.7 github.com/go-ldap/ldap/v3 v3.4.2 github.com/go-rod/rod v0.103.0 github.com/go-sql-driver/mysql v1.6.0 + github.com/go-webauthn/webauthn v0.2.1 github.com/golang-jwt/jwt/v4 v4.3.0 github.com/golang/mock v1.6.0 github.com/google/uuid v1.3.0 @@ -100,7 +100,7 @@ require ( go.opentelemetry.io/otel v0.20.0 // indirect go.opentelemetry.io/otel/metric v0.20.0 // indirect go.opentelemetry.io/otel/trace v0.20.0 // indirect - golang.org/x/crypto v0.0.0-20220131195533-30dcbda58838 // indirect + golang.org/x/crypto v0.0.0-20220214200702-86341886e292 // indirect golang.org/x/mod v0.5.0 // indirect golang.org/x/net v0.0.0-20220111093109-d55c255bac03 // indirect golang.org/x/sys v0.0.0-20220111092808-5a964db01320 // indirect @@ -114,7 +114,6 @@ require ( ) replace ( - github.com/duo-labs/webauthn => github.com/authelia/webauthn v0.0.0-20220220015615-e607391e7e09 github.com/mattn/go-sqlite3 v2.0.3+incompatible => github.com/mattn/go-sqlite3 v1.14.11 github.com/tidwall/gjson => github.com/tidwall/gjson v1.11.0 ) diff --git a/go.sum b/go.sum index b74c894a..8da3c8a7 100644 --- a/go.sum +++ b/go.sum @@ -105,8 +105,6 @@ github.com/asaskevich/govalidator v0.0.0-20200108200545-475eaeb16496/go.mod h1:o github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535/go.mod h1:oGkLhpf+kjZl6xBf758TQhh5XrAeiJv/7FRz/2spLIg= github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d h1:Byv0BzEl3/e6D5CLfI0j/7hiIEtvGVFPCZ7Ei2oq8iQ= github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d/go.mod h1:WaHUgvxTVq04UNunO+XhnAqY/wQc+bxr74GqbsZ/Jqw= -github.com/authelia/webauthn v0.0.0-20220220015615-e607391e7e09 h1:QaQybILdKa95iPRh6nzNwyqjnRMFq/YFc2z7E5ikEdM= -github.com/authelia/webauthn v0.0.0-20220220015615-e607391e7e09/go.mod h1:mUL5Zt6ReLbdDClw2lvyl5apOOLyG0whwAxh550tXRE= github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU= github.com/aws/aws-sdk-go v1.23.19/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= github.com/aws/aws-sdk-go v1.27.0/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo= @@ -358,6 +356,8 @@ github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LB github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= github.com/go-test/deep v1.0.2-0.20181118220953-042da051cf31/go.mod h1:wGDj63lr65AM2AQyKZd/NYHGb0R+1RLqB8NKt3aSFNA= +github.com/go-webauthn/webauthn v0.2.1 h1:XPp/BGLMtOv5EV6ikh64W2jbOcV1E/Fk7hLpW2fMdfU= +github.com/go-webauthn/webauthn v0.2.1/go.mod h1:HEsRdJO1SDyHm9HfsgYwK/4h/qgKbmOQ3xBf4M+DSRg= github.com/gobuffalo/attrs v0.0.0-20190224210810-a9411de4debd/go.mod h1:4duuawTqi2wkkpB4ePgWMaai6/Kc6WEz83bhFwpHzj0= github.com/gobuffalo/attrs v0.1.0/go.mod h1:fmNpaWyHM0tRm8gCZWKx8yY9fvaNLo2PyzBNSrBZ5Hw= github.com/gobuffalo/buffalo v0.12.8-0.20181004233540-fac9bb505aa8/go.mod h1:sLyT7/dceRXJUxSsE813JTQtA3Eb1vjxWfo/N//vXIY= @@ -622,7 +622,6 @@ github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7a github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ= github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang-jwt/jwt/v4 v4.3.0 h1:kHL1vqdqWNfATmA0FNMdmZNMyZI1U6O31X4rlIPoBog= github.com/golang-jwt/jwt/v4 v4.3.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg= github.com/golang/freetype v0.0.0-20170609003504-e2365dfdc4a0/go.mod h1:E/TSTwGwJL78qG/PmXZO1EjYhfJinVAhrmmHX6Z8B9k= @@ -1562,8 +1561,8 @@ golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5y golang.org/x/crypto v0.0.0-20210711020723-a769d52b0f97/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20210817164053-32db794688a5/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220112180741-5e0467b6c7ce/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.0.0-20220131195533-30dcbda58838 h1:71vQrMauZZhcTVK6KdYM+rklehEEwb3E+ZhaE5jrPrE= -golang.org/x/crypto v0.0.0-20220131195533-30dcbda58838/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= +golang.org/x/crypto v0.0.0-20220214200702-86341886e292 h1:f+lwQ+GtmgoY+A2YaQxlSOnDjXcQ7ZRLWOHbC6HtRqE= +golang.org/x/crypto v0.0.0-20220214200702-86341886e292/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= diff --git a/internal/configuration/schema/webauthn.go b/internal/configuration/schema/webauthn.go index c1deea48..6a610448 100644 --- a/internal/configuration/schema/webauthn.go +++ b/internal/configuration/schema/webauthn.go @@ -3,7 +3,7 @@ package schema import ( "time" - "github.com/duo-labs/webauthn/protocol" + "github.com/go-webauthn/webauthn/protocol" ) // WebauthnConfiguration represents the webauthn config. diff --git a/internal/configuration/validator/const.go b/internal/configuration/validator/const.go index 9174732e..2c2540e4 100644 --- a/internal/configuration/validator/const.go +++ b/internal/configuration/validator/const.go @@ -3,7 +3,7 @@ package validator import ( "regexp" - "github.com/duo-labs/webauthn/protocol" + "github.com/go-webauthn/webauthn/protocol" "github.com/authelia/authelia/v4/internal/oidc" ) diff --git a/internal/configuration/validator/webauthn_test.go b/internal/configuration/validator/webauthn_test.go index 939152f2..bfa746a3 100644 --- a/internal/configuration/validator/webauthn_test.go +++ b/internal/configuration/validator/webauthn_test.go @@ -4,7 +4,7 @@ import ( "testing" "time" - "github.com/duo-labs/webauthn/protocol" + "github.com/go-webauthn/webauthn/protocol" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" diff --git a/internal/handlers/handler_register_webauthn.go b/internal/handlers/handler_register_webauthn.go index 53acb510..1d1510b5 100644 --- a/internal/handlers/handler_register_webauthn.go +++ b/internal/handlers/handler_register_webauthn.go @@ -3,8 +3,8 @@ package handlers import ( "bytes" - "github.com/duo-labs/webauthn/protocol" - "github.com/duo-labs/webauthn/webauthn" + "github.com/go-webauthn/webauthn/protocol" + "github.com/go-webauthn/webauthn/webauthn" "github.com/valyala/fasthttp" "github.com/authelia/authelia/v4/internal/middlewares" diff --git a/internal/handlers/handler_sign_webauthn.go b/internal/handlers/handler_sign_webauthn.go index 0cdb2213..1028da43 100644 --- a/internal/handlers/handler_sign_webauthn.go +++ b/internal/handlers/handler_sign_webauthn.go @@ -3,8 +3,8 @@ package handlers import ( "bytes" - "github.com/duo-labs/webauthn/protocol" - "github.com/duo-labs/webauthn/webauthn" + "github.com/go-webauthn/webauthn/protocol" + "github.com/go-webauthn/webauthn/webauthn" "github.com/authelia/authelia/v4/internal/middlewares" "github.com/authelia/authelia/v4/internal/models" diff --git a/internal/handlers/webauthn.go b/internal/handlers/webauthn.go index 509b24c3..906f6375 100644 --- a/internal/handlers/webauthn.go +++ b/internal/handlers/webauthn.go @@ -4,8 +4,8 @@ import ( "fmt" "net/url" - "github.com/duo-labs/webauthn/protocol" - "github.com/duo-labs/webauthn/webauthn" + "github.com/go-webauthn/webauthn/protocol" + "github.com/go-webauthn/webauthn/webauthn" "github.com/authelia/authelia/v4/internal/middlewares" "github.com/authelia/authelia/v4/internal/models" @@ -51,7 +51,7 @@ func newWebauthn(ctx *middlewares.AutheliaCtx) (w *webauthn.WebAuthn, err error) AuthenticatorSelection: protocol.AuthenticatorSelection{ AuthenticatorAttachment: protocol.CrossPlatform, UserVerification: ctx.Configuration.Webauthn.UserVerification, - RequireResidentKey: protocol.ResidentKeyUnrequired(), + RequireResidentKey: protocol.ResidentKeyNotRequired(), }, Timeout: int(ctx.Configuration.Webauthn.Timeout.Milliseconds()), diff --git a/internal/handlers/webauthn_test.go b/internal/handlers/webauthn_test.go index 0070bd87..d8d29e59 100644 --- a/internal/handlers/webauthn_test.go +++ b/internal/handlers/webauthn_test.go @@ -4,7 +4,7 @@ import ( "errors" "testing" - "github.com/duo-labs/webauthn/protocol" + "github.com/go-webauthn/webauthn/protocol" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" diff --git a/internal/models/webauthn.go b/internal/models/webauthn.go index 6166148b..093b7e31 100644 --- a/internal/models/webauthn.go +++ b/internal/models/webauthn.go @@ -5,8 +5,8 @@ import ( "strings" "time" - "github.com/duo-labs/webauthn/protocol" - "github.com/duo-labs/webauthn/webauthn" + "github.com/go-webauthn/webauthn/protocol" + "github.com/go-webauthn/webauthn/webauthn" "github.com/google/uuid" ) diff --git a/internal/session/types.go b/internal/session/types.go index f625a1b0..c74dcd5c 100644 --- a/internal/session/types.go +++ b/internal/session/types.go @@ -4,9 +4,9 @@ import ( "context" "time" - "github.com/duo-labs/webauthn/webauthn" "github.com/fasthttp/session/v2" "github.com/fasthttp/session/v2/providers/redis" + "github.com/go-webauthn/webauthn/webauthn" "github.com/sirupsen/logrus" "github.com/authelia/authelia/v4/internal/authentication"