[PM-5435] Handle Fido2VerificationException on WebAuthn 2FA #3615

Merged
merged 3 commits into from
Mar 4, 2024

@trmartin4 trmartin4 commented Dec 23, 2023

Type of change

- [X] Bug fix
- [ ] New feature development
- [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [ ] Build/deploy pipeline (DevOps)
- [ ] Other

Objective

When there is an error validating the RPID during WebAuthn 2FA, the Fido2NetLib library throws a Fido2VerificationException. This exception was not being caught, and it was causing a 500 Unhandled exception response to the client.

The source for this verification shows when the exception is thrown.

Code changes

  • WebAuthnTokenProvider: Add try/catch around the verification call. Return false (not verified) if there is a verification exception.

Before you submit

  • Please check for formatting errors (dotnet format --verify-no-changes) (required)
  • If making database changes - make sure you also update Entity Framework queries and/or migrations
  • Please add unit tests where it makes sense to do so (encouraged but not required)
  • If this change requires a documentation update - notify the documentation team
  • If this change has particular deployment requirements - notify the DevOps team
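
The fail-closed handling described in this pull request, as an added example (not code from the pull request or from Fido2NetLib). `VerificationException`, `VerifyRpId` and `Validate` are hypothetical stand-ins for the library's exception, its verification call and the token provider method, and the RP IDs are constructed sample values.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

// Hypothetical stand-in for the library's verification exception.
class VerificationException : Exception
{
    public VerificationException(string message) : base(message) { }
}

static class Demo
{
    // Stand-in verifier. WebAuthn authenticator data starts with SHA-256(RP ID),
    // followed by 1 flags byte and a 4-byte signature counter (37 bytes minimum).
    static void VerifyRpId(byte[] authenticatorData, string expectedRpId)
    {
        if (authenticatorData.Length < 37)
            throw new VerificationException("Authenticator data too short");
        byte[] expected = SHA256.HashData(Encoding.UTF8.GetBytes(expectedRpId));
        if (!CryptographicOperations.FixedTimeEquals(authenticatorData.AsSpan(0, 32), expected))
            throw new VerificationException("RP ID hash mismatch");
    }

    // Fail closed: a verification failure means "not verified" (false).
    // Any other exception type still propagates, so real faults stay visible.
    static bool Validate(byte[] authenticatorData, string expectedRpId)
    {
        try
        {
            VerifyRpId(authenticatorData, expectedRpId);
            return true;
        }
        catch (VerificationException ex)
        {
            Console.Error.WriteLine($"WebAuthn verification failed: {ex.Message}");
            return false;
        }
    }

    // Constructed sample input: rpIdHash + flags (user present) + counter = 1.
    static byte[] BuildAuthData(string rpId) =>
        SHA256.HashData(Encoding.UTF8.GetBytes(rpId))
              .Concat(new byte[] { 0x01, 0, 0, 0, 1 }).ToArray();

    static void Main()
    {
        Console.WriteLine(Validate(BuildAuthData("vault.example.com"), "vault.example.com"));
        Console.WriteLine(Validate(BuildAuthData("other.example.net"), "vault.example.com"));
        Console.WriteLine(Validate(new byte[4], "vault.example.com"));
    }
}
```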


sonarcloud bot commented Feb 21, 2024

Quality Gate passed

Issues
0 New issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud


codecov bot commented Feb 21, 2024

Codecov Report

Attention: 12 lines in your changes are missing coverage. Please review.

Comparison is base (70fac80) 36.36% compared to head (c4ba6ad) 36.36%.

| Files | Patch % | Lines |
|---|---|---|
| src/Core/Auth/Identity/WebAuthnTokenProvider.cs | 0.00% | 12 Missing ⚠️ |

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #3615      +/-   ##
==========================================
- Coverage   36.36%   36.36%   -0.01%     
==========================================
  Files        1158     1158              
  Lines       55884    55888       +4     
  Branches     5376     5376              
==========================================
  Hits        20324    20324              
- Misses      34614    34618       +4     
  Partials      946      946              


@bitwarden-bot
Checkmarx One – Scan Summary & Details: 6613baf2-ca54-4baf-8867-fd40fa121a2c

No New Or Fixed Issues Found

@trmartin4 trmartin4 merged commit 94d665e into main Mar 4, 2024
46 of 47 checks passed
@trmartin4 trmartin4 deleted the Auth/pm-5435/handle-fido2-exception branch March 4, 2024 16:43