Skip to content

Commit

Permalink
Handle zero matching credentials in allow_list
Browse files Browse the repository at this point in the history
  • Loading branch information
@dainnilsson
dainnilsson committed Oct 16, 2024
1 parent 696a16d commit 9b5b22e
Showing 1 changed file with 18 additions and 11 deletions.
29 changes: 18 additions & 11 deletions fido2/client.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -483,17 +483,24 @@ def _filter_creds(
version = None
matches = []
for chunk in chunks:
assertions = self.ctap2.get_assertions(
rp_id,
client_data_hash,
_cbor_list(chunk),
None,
{"up": False},
pin_auth,
version,
event=event,
on_keepalive=on_keepalive,
)
try:
assertions = self.ctap2.get_assertions(
rp_id,
client_data_hash,
_cbor_list(chunk),
None,
{"up": False},
pin_auth,
version,
event=event,
on_keepalive=on_keepalive,
)
except CtapError as e:
if e.code == CtapError.ERR.NO_CREDENTIALS:
# All creds in chunk are discarded
continue
raise

if len(chunk) == 1 and len(assertions) == 1:
# Credential ID might be omitted from assertions
matches.append(chunk[0])
Expand Down

0 comments on commit 9b5b22e

Please sign in to comment.