diff --git a/web/src/main/java/org/springframework/security/web/webauthn/management/Webauthn4JRelyingPartyOperations.java b/web/src/main/java/org/springframework/security/web/webauthn/management/Webauthn4JRelyingPartyOperations.java index d8341b8ac4e..4dc7efc5a8d 100644 --- a/web/src/main/java/org/springframework/security/web/webauthn/management/Webauthn4JRelyingPartyOperations.java +++ b/web/src/main/java/org/springframework/security/web/webauthn/management/Webauthn4JRelyingPartyOperations.java @@ -183,7 +183,7 @@ public PublicKeyCredentialCreationOptions createPublicKeyCredentialCreationOptio List credentialRecords = this.userCredentials.findByUserId(userEntity.getId()); PublicKeyCredentialCreationOptions options = PublicKeyCredentialCreationOptions.builder() - .attestation(AttestationConveyancePreference.DIRECT) + .attestation(AttestationConveyancePreference.NONE) .pubKeyCredParams(PublicKeyCredentialParameters.EdDSA, PublicKeyCredentialParameters.ES256, PublicKeyCredentialParameters.RS256) .authenticatorSelection(authenticatorSelection) diff --git a/web/src/test/java/org/springframework/security/web/webauthn/api/TestPublicKeyCredentialCreationOptions.java b/web/src/test/java/org/springframework/security/web/webauthn/api/TestPublicKeyCredentialCreationOptions.java index 8e65a6a79de..715b09b6292 100644 --- a/web/src/test/java/org/springframework/security/web/webauthn/api/TestPublicKeyCredentialCreationOptions.java +++ b/web/src/test/java/org/springframework/security/web/webauthn/api/TestPublicKeyCredentialCreationOptions.java @@ -40,7 +40,7 @@ public static PublicKeyCredentialCreationOptions.PublicKeyCredentialCreationOpti ImmutableAuthenticationExtensionsClientInputs clientInputs = new ImmutableAuthenticationExtensionsClientInputs( ImmutableAuthenticationExtensionsClientInput.credProps); return PublicKeyCredentialCreationOptions.builder() - .attestation(AttestationConveyancePreference.DIRECT) + .attestation(AttestationConveyancePreference.NONE) .user(userEntity) .pubKeyCredParams(PublicKeyCredentialParameters.EdDSA, PublicKeyCredentialParameters.ES256, PublicKeyCredentialParameters.RS256) diff --git a/web/src/test/java/org/springframework/security/web/webauthn/jackson/JacksonTests.java b/web/src/test/java/org/springframework/security/web/webauthn/jackson/JacksonTests.java index 88ed4639ffb..bff4498ccf5 100644 --- a/web/src/test/java/org/springframework/security/web/webauthn/jackson/JacksonTests.java +++ b/web/src/test/java/org/springframework/security/web/webauthn/jackson/JacksonTests.java @@ -149,7 +149,7 @@ void readAuthenticationExtensionsClientOutputsWhenFieldAfter() throws Exception void writePublicKeyCredentialCreationOptions() throws Exception { String expected = """ { - "attestation": "direct", + "attestation": "none", "authenticatorSelection": { "residentKey": "required" }, diff --git a/web/src/test/java/org/springframework/security/web/webauthn/registration/PublicKeyCredentialCreationOptionsFilterTests.java b/web/src/test/java/org/springframework/security/web/webauthn/registration/PublicKeyCredentialCreationOptionsFilterTests.java index 5caffc365bb..38a108844c6 100644 --- a/web/src/test/java/org/springframework/security/web/webauthn/registration/PublicKeyCredentialCreationOptionsFilterTests.java +++ b/web/src/test/java/org/springframework/security/web/webauthn/registration/PublicKeyCredentialCreationOptionsFilterTests.java @@ -153,7 +153,7 @@ void doFilterWhenNoCredentials() throws Exception { "residentKey": "required", "userVerification": "preferred" }, - "attestation": "direct", + "attestation": "none", "extensions": { "credProps": true }