WebAuthn: removed username cookie

Author: FroMage

security-webauthn-quickstart/src/main/java/org/acme/security/webauthn/LoginResource.java

@@ -67,7 +67,7 @@ public Response register(@RestForm String userName,
         }
         try {
             // store the user
-        	WebAuthnCredentialRecord credentialRecord = this.webAuthnSecurity.register(webAuthnResponse, ctx).await().indefinitely();
+            WebAuthnCredentialRecord credentialRecord = this.webAuthnSecurity.register(userName, webAuthnResponse, ctx).await().indefinitely();
             User newUser = new User();
             newUser.userName = credentialRecord.getUserName();
             WebAuthnCredential credential = new WebAuthnCredential(credentialRecord, newUser);

security-webauthn-quickstart/src/test/java/org/acme/security/webauthn/test/WebAuthnResourceTest.java

@@ -51,7 +51,7 @@ private void testWebAuthn(String userName, User user, Endpoint endpoint) {
         String challenge = WebAuthnEndpointHelper.obtainRegistrationChallenge(userName, cookieFilter);
         JsonObject registrationJson = token.makeRegistrationJson(challenge);
         if(endpoint == Endpoint.DEFAULT)
-            WebAuthnEndpointHelper.invokeRegistration(registrationJson, cookieFilter);
+            WebAuthnEndpointHelper.invokeRegistration(userName, registrationJson, cookieFilter);
         else {
             invokeCustomEndpoint("/register", cookieFilter, request -> {
                 WebAuthnEndpointHelper.addWebAuthnRegistrationFormParameters(request, registrationJson);
@@ -100,7 +100,6 @@ private void invokeCustomEndpoint(String uri, Filter cookieFilter, Consumer<Requ
         .statusCode(200)
         .log().ifValidationFails()
         .cookie(WebAuthnEndpointHelper.getChallengeCookie(), Matchers.is(""))
-        .cookie(WebAuthnEndpointHelper.getChallengeUsernameCookie(), Matchers.is(""))
         .cookie(WebAuthnEndpointHelper.getMainCookie(), Matchers.notNullValue());
     }
 

security-webauthn-reactive-quickstart/src/main/java/org/acme/security/webauthn/LoginResource.java

@@ -74,7 +74,7 @@ public Uni<Response> register(@RestForm String userName,
                 // Duplicate user
                 return Uni.createFrom().item(Response.status(Status.BAD_REQUEST).build());
             }
-            Uni<WebAuthnCredentialRecord> credentialRecord = this.webAuthnSecurity.register(webAuthnResponse, ctx);
+            Uni<WebAuthnCredentialRecord> credentialRecord = this.webAuthnSecurity.register(userName, webAuthnResponse, ctx);
 
             return credentialRecord
                     // store the user

security-webauthn-reactive-quickstart/src/test/java/org/acme/security/webauthn/test/WebAuthnResourceTest.java

@@ -51,7 +51,7 @@ private void testWebAuthn(String userName, User user, Endpoint endpoint) {
         String challenge = WebAuthnEndpointHelper.obtainRegistrationChallenge(userName, cookieFilter);
         JsonObject registrationJson = token.makeRegistrationJson(challenge);
         if(endpoint == Endpoint.DEFAULT)
-            WebAuthnEndpointHelper.invokeRegistration(registrationJson, cookieFilter);
+            WebAuthnEndpointHelper.invokeRegistration(userName, registrationJson, cookieFilter);
         else {
             invokeCustomEndpoint("/register", cookieFilter, request -> {
                 WebAuthnEndpointHelper.addWebAuthnRegistrationFormParameters(request, registrationJson);
@@ -100,7 +100,6 @@ private void invokeCustomEndpoint(String uri, Filter cookieFilter, Consumer<Requ
         .statusCode(200)
         .log().ifValidationFails()
         .cookie(WebAuthnEndpointHelper.getChallengeCookie(), Matchers.is(""))
-        .cookie(WebAuthnEndpointHelper.getChallengeUsernameCookie(), Matchers.is(""))
         .cookie(WebAuthnEndpointHelper.getMainCookie(), Matchers.notNullValue());
     }