Add serialize/deserialize PublicKeyCredentialCreationOptions support with ObjectMapper
#16434
Labels
Comments
rwinch
added
status: waiting-for-triage
|
I will give it a go. |
justincranford
added a commit
to justincranford/spring-security
that referenced
this issue
Jan 19, 2025
justincranford
added a commit
to justincranford/spring-security
that referenced
this issue
Jan 20, 2025
…icKeyCredentialRequestOptions support with ObjectMapper spring-projectsgh-16433 PublicKeyCredentialRequestOptions spring-projectsgh-16434 PublicKeyCredentialCreationOptions
justincranford
added a commit
to justincranford/spring-security
that referenced
this issue
Jan 20, 2025
…icKeyCredentialRequestOptions support with ObjectMapper spring-projectsgh-16433 PublicKeyCredentialRequestOptions spring-projectsgh-16434 PublicKeyCredentialCreationOptions
justincranford
added a commit
to justincranford/spring-security
that referenced
this issue
Jan 25, 2025
…icKeyCredentialRequestOptions support with ObjectMapper Signed-off-by: Justin Cranford <[email protected]> spring-projectsgh-16433 PublicKeyCredentialRequestOptions spring-projectsgh-16434 PublicKeyCredentialCreationOptions
justincranford
added a commit
to justincranford/spring-security
that referenced
this issue
Jan 25, 2025
…icKeyCredentialRequestOptions support with ObjectMapper Signed-off-by: Justin Cranford <[email protected]> spring-projectsgh-16433 PublicKeyCredentialRequestOptions spring-projectsgh-16434 PublicKeyCredentialCreationOptions
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Spring Security should add support for serialize/deserialize
PublicKeyCredentialCreationOptionswithObjectMapperso it is easier to persist with Spring Session.NOTE:
WebauthnJackson2Moduleis used for reading/writing to the HTTP Response which includes untrusted inputs. This means that it cannot enable default-typing otherwise it could create deserialization vulnerabilities.The text was updated successfully, but these errors were encountered: