From 627f4ffa39027be103dc74d575fd76477c22ec4f Mon Sep 17 00:00:00 2001 From: Andreas Coroiu Date: Fri, 10 Nov 2023 11:27:55 +0100 Subject: [PATCH] [PM-3936] [PM-4174] Update authenticator selection options (#3340) * [PM-3936] [PM-4174] feat: update `UserVerificationRequirement` and `requireResidentKey` * [PM-3936] fix: lint --- src/Core/Services/Implementations/UserService.cs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/Core/Services/Implementations/UserService.cs b/src/Core/Services/Implementations/UserService.cs index 3792b30cf4..95ad5ac4c6 100644 --- a/src/Core/Services/Implementations/UserService.cs +++ b/src/Core/Services/Implementations/UserService.cs @@ -540,8 +540,8 @@ public class UserService : UserManager, IUserService, IDisposable var authenticatorSelection = new AuthenticatorSelection { AuthenticatorAttachment = null, - RequireResidentKey = false, // TODO: This is using the old residentKey selection variant, we need to update our lib so that we can set this to preferred - UserVerification = UserVerificationRequirement.Preferred + RequireResidentKey = true, + UserVerification = UserVerificationRequirement.Required }; var extensions = new AuthenticationExtensionsClientInputs { }; @@ -604,7 +604,7 @@ public class UserService : UserManager, IUserService, IDisposable { UserVerificationMethod = true }; - var options = _fido2.GetAssertionOptions(existingCredentials, UserVerificationRequirement.Preferred, exts); + var options = _fido2.GetAssertionOptions(existingCredentials, UserVerificationRequirement.Required, exts); // TODO: temp save options to user record somehow