-
-
Notifications
You must be signed in to change notification settings - Fork 444
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
What is needed to upgrade to webauthn 2.0.0+? #701
Comments
Hi Sergei, it would be nice if you could explore that and run tests with webauthn 2. I'm sure @jpaniagualaconich can help if you encounter serious issues. |
7 tasks
sergei-maertens
added a commit
that referenced
this issue
Feb 3, 2024
WebAuthn 2.0 refactored pydantic usage out of the codebase. For simplicity's sake, the minimum version is now set to 2.0 so that no compat layer is required. It appears that wat used to be Pydantic validation errors are now raised as InvalidJSONStructure exceptions, the form validation code is updated to reflect that.
sergei-maertens
added a commit
that referenced
this issue
Feb 3, 2024
This has changed in webauthn 2.0+ compared to 1.x
sergei-maertens
added a commit
that referenced
this issue
Feb 3, 2024
sergei-maertens
added a commit
that referenced
this issue
Feb 3, 2024
WebAuthn 2.0 refactored pydantic usage out of the codebase. For simplicity's sake, the minimum version is now set to 2.0 so that no compat layer is required. It appears that wat used to be Pydantic validation errors are now raised as InvalidJSONStructure exceptions, the form validation code is updated to reflect that.
sergei-maertens
added a commit
that referenced
this issue
Feb 3, 2024
This has changed in webauthn 2.0+ compared to 1.x
claudep
pushed a commit
that referenced
this issue
Feb 3, 2024
WebAuthn 2.0 refactored pydantic usage out of the codebase. For simplicity's sake, the minimum version is now set to 2.0 so that no compat layer is required. It appears that wat used to be Pydantic validation errors are now raised as InvalidJSONStructure exceptions, the form validation code is updated to reflect that.
claudep
pushed a commit
that referenced
this issue
Feb 3, 2024
This has changed in webauthn 2.0+ compared to 1.x
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
While investigating some conflicts in tooling in their Pydantic versions used, I noticed that webauthn 2.0.0 was released a couple weeks ago which dropped their dependency on Pydantic (which would solve my tooling issue). However, django-two-factor-auth pins webauthn on
<1.99
.Does anyone have an idea what's needed to support webauthn 2.0.0 and could they provide some guidance? I can probably allocate some $dayjob time as it would make our setup/needs simpler to achieve.
Expected Behavior
Use django-two-factor-auth with webauthn 2.0.0
Current Behavior
Only v1 of webauthn is supported.
Possible Solution
See if/how the breaking changes affect the usage in django-two-factor-auth and if necessary:
The latter option should be safe for project that use Pydantic themselves, they will now only need to explicitly declare their dependency.
Steps to Reproduce (for bugs)
n/a
Context
I'm trying to use the
bump-my-version
tool and django-two-factor-auth[webauthn] in the same virtualenv, but they have incompatible pydantic requirements.As a workaround, I can install/run bump-my-version from a different venv.
Your Environment
The text was updated successfully, but these errors were encountered: