Merged
Conversation
Member
nilsbehlen
commented
May 16, 2025
nilsbehlen
commented
- PIResponse class can return the transaction based on the mode/type, which currently are Push, WebAuthn, Passkey and OTP.
- HTTP request headers are logged
- WebAuthn class as derived class of Challenge has been removed to allow simple serialization of PIResponse
- allowCredentials for WebAuthnSignRequests are merged when the PIResponse object is created and the combined SignRequest is set to PIResponse.webAuthnSignRequest. WebAuthn challenges are not in the multi_challenge list anymore!
* PIResponse class can return the transaction based on the mode/type, which currently are Push, WebAuthn, Passkey and OTP. * HTTP request headers are logged * WebAuthn class as derived class of Challenge has been removed to allow simple serialization of PIResponse * allowCredentials for WebAuthnSignRequests are merged when the PIResponse object is created and the combined SignRequest is set to PIResponse.webAuthnSignRequest. WebAuthn challenges are not in the multi_challenge list anymore!
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR introduces several changes for version 1.4.0 aimed at improving how PIResponse handles various transaction types, refining HTTP header logging, and simplifying the code by removing the WebAuthn class. Key changes include:
- Updating PIResponse to return transaction IDs and merging WebAuthn sign requests.
- Removing the derived WebAuthn class and adjusting related API logic.
- Logging HTTP request headers in a cleaner format.
Reviewed Changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| src/test/java/org/privacyidea/TestWebAuthn.java | Commented-out code removed (was used to check WebAuthn instance behavior). |
| src/main/java/org/privacyidea/WebAuthn.java | Entire file removed to simplify serialization in PIResponse. |
| src/main/java/org/privacyidea/PIResponse.java | Added transaction ID getters and changed the behavior of webAuthnSignRequests method. |
| src/main/java/org/privacyidea/PIConstants.java | Updated constant "USERHANDLE" to follow camelCase. |
| src/main/java/org/privacyidea/JSONParser.java | Adjusted merging of WebAuthn sign requests by updating the method signature. |
| src/main/java/org/privacyidea/Endpoint.java | Modified HTTP header logging to remove newlines. |
| src/main/java/org/privacyidea/Challenge.java | Changed "attributes" from a List to a Map and updated related getters. |
| Changelog.md | Updated changelog to reflect the changes of version 1.4.0. |
the tests are bad currently
lukasmatusiewicz
approved these changes
May 19, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.