Passwordless login redirect (but it doesn't work yet)

2026-03-27 11:31:44 +01:00 · 2023-09-26 16:08:46 +02:00
parent 7cc76c3e99
commit fc0af19981
2 changed files with 7 additions and 4 deletions
--- a/src/main/java/com/ysoft/geecon/OAuthResource.java
+++ b/src/main/java/com/ysoft/geecon/OAuthResource.java
@@ -14,6 +14,7 @@ import io.quarkus.runtime.util.StringUtil;
 import io.quarkus.security.webauthn.WebAuthnLoginResponse;
 import io.quarkus.security.webauthn.WebAuthnRegisterResponse;
 import io.quarkus.security.webauthn.WebAuthnSecurity;
 import io.smallrye.common.annotation.Blocking;
 import io.vertx.ext.auth.webauthn.Authenticator;
 import io.vertx.ext.web.RoutingContext;
 import jakarta.inject.Inject;
@@ -38,7 +39,6 @@ public class OAuthResource {
    SessionsRepo sessionsRepo;
    @Inject
    UriInfo uriInfo;
    @Inject
    WebAuthnSecurity webAuthnSecurity;
@@ -72,6 +72,7 @@ public class OAuthResource {
    @GET
    @Path("passwordless")
    @Produces(MediaType.TEXT_HTML)
    @Blocking
    public TemplateInstance getPasswordless(AuthParams params) {
        var client = validateClient(params);
        String sessionId = sessionsRepo.newAuthorizationSession(params, client);
@@ -82,6 +83,7 @@ public class OAuthResource {
    @Path("passwordless/register")
    @Produces(MediaType.TEXT_HTML)
    @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
    @Blocking
    public TemplateInstance registerPasswordless(@FormParam("sessionId") String sessionId,
                                                 @BeanParam WebAuthnRegisterResponse webAuthnResponse,
                                                 RoutingContext ctx) {
@@ -105,6 +107,7 @@ public class OAuthResource {
    @Path("passwordless/login")
    @Produces(MediaType.TEXT_HTML)
    @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
    @Blocking
    public TemplateInstance loginPasswordless(@FormParam("sessionId") String sessionId,
                                              @BeanParam WebAuthnLoginResponse webAuthnResponse,
                                              RoutingContext ctx) {
--- a/src/main/resources/templates/OAuthResource/loginPasswordless.html
+++ b/src/main/resources/templates/OAuthResource/loginPasswordless.html
@@ -116,7 +116,7 @@
 </div>
 <form action="#" method="POST">
-    <input name="sessionId" type="hidden" value="somesessionid">
+    <input name="sessionId" type="hidden" value="{sessionId}">
    <div id="form-generated"></div>
 </form>
 </div>
@@ -257,7 +257,7 @@
        result.replaceChildren();
        webAuthn.loginOnly({ name: userName })
            .then(body => {
-                form("/webauthn/login", {
+                form("/auth/passwordless/login", {
                    'webAuthnId': body.id,
                    'webAuthnRawId': body.rawId,
                    'webAuthnResponseClientDataJSON': body.response.clientDataJSON,
@@ -286,7 +286,7 @@
        webAuthn.registerOnly({ name: userName, displayName: userName /*firstName + " " + lastName*/})
            .then(body => {
-                form("/webauthn/register", {
+                form("/auth/passwordless/register", {
                    'webAuthnId': body.id,
                    'webAuthnRawId': body.rawId,
                    'webAuthnResponseAttestationObject': body.response.attestationObject,