Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

The icon field of PublicKeyCredentialEntity has been removed from the specification #634

Closed
abcang opened this issue Jul 19, 2024 · 5 comments · Fixed by #635
Closed

The icon field of PublicKeyCredentialEntity has been removed from the specification #634

abcang opened this issue Jul 19, 2024 · 5 comments · Fixed by #635
Assignees
@Spomky
Milestone
5.1.0

Comments

@abcang
Copy link
Contributor

abcang commented Jul 19, 2024

Version(s) affected

5.0.0

Description

The icon field of PublicKeyCredentialEntity has been removed from the specification (w3c/webauthn#1337). So it can be removed from the implementation.

When using the WebauthnSerializerFactory serializer to serialize a PublicKeyCredentialRpEntity with an unspecified icon to JSON, the icon field appears as null. I am concerned that this may cause unexpected behavior.

How to reproduce

$factory = new Webauthn\Denormalizer\WebauthnSerializerFactory(
    new Webauthn\AttestationStatement\AttestationStatementSupportManager()
);
$serializer = $factory->create();

echo $serializer->serialize(
    Webauthn\PublicKeyCredentialRpEntity::create(
        'rp name',
        'rp.id'
    ),
    'json'
);

Output:

{"id":"rp.id","name":"rp name","icon":null}

Possible Solution

A tentative fix would be to create a Denormalizer to filter out nulls, similar to the PublicKeyCredentialUserEntity. A radical fix would be to remove the icon property from PublicKeyCredentialEntity.

Additional Context

No response
@Spomky
Copy link
Contributor

Spomky commented Jul 19, 2024
edited
Loading

Hi @abcang,

Indeed, I missed removing the icon field. This will be deprecated in the next minor release.
To fix that issue without any changes in this library, I recomment the use of the skip_null_values options:

<?php
use Symfony\Component\Serializer\Normalizer\AbstractObjectNormalizer;

$serializer->serialize(
    Webauthn\PublicKeyCredentialRpEntity::create(
        'rp name',
        'rp.id'
    ),
    'json',
    [AbstractObjectNormalizer::SKIP_NULL_VALUES => true]
);

The output will be as expected:

{"id":"rp.id","name":"rp name"}

@abcang
Copy link
Contributor Author

abcang commented Jul 19, 2024

Thank you very much! I will tentatively use that option.

@Spomky Spomky mentioned this issue Jul 19, 2024
Merged
4 tasks
@Spomky
Copy link
Contributor

Spomky commented Jul 20, 2024

The icon property will be marked as deprecated in 5.1.0 and removed in 6.0.0.

@Spomky Spomky closed this as completed Jul 20, 2024
@abcang
Copy link
Contributor Author

abcang commented Jul 20, 2024

Thank you!

@github-actions GitHub Actions
Copy link
Contributor

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 20, 2024
@Spomky Spomky added this to the 5.1.0 milestone Jan 8, 2025
@Spomky Spomky self-assigned this Jan 8, 2025
@Spomky Spomky linked a pull request Jan 8, 2025 that will close this issue
Deprecate 'icon' parameter from PublicKeyCredentialCreationOptionsFac… #635
Merged
4 tasks
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Assignees

@Spomky Spomky

Labels
None yet
Projects
None yet
Milestone
5.1.0
Development

Successfully merging a pull request may close this issue.

Deprecate 'icon' parameter from PublicKeyCredentialCreationOptionsFac… web-auth/webauthn-framework
2 participants
@Spomky @abcang