diff --git a/app/Http/Controllers/WebAuthn/WebAuthnLoginController.php b/app/Http/Controllers/WebAuthn/WebAuthnLoginController.php
index 34b7d5b9014..18f7703b289 100644
--- a/app/Http/Controllers/WebAuthn/WebAuthnLoginController.php
+++ b/app/Http/Controllers/WebAuthn/WebAuthnLoginController.php
@@ -27,7 +27,15 @@ class WebAuthnLoginController
 */
 public function options(AssertionRequest $request): Responsable
 {
- return $request->toVerify($request->validate(['user_id' => 'sometimes|int'])['user_id'] ?? null);
+ $fields = $request->validate([
+ 'user_id' => 'sometimes|int',
+ 'username' => 'sometimes|string',
+ ]);
+
+ $username = $fields['username'] ?? null;
+ $authenticatable = $fields['user_id'] ?? ($username !== null ? ['username' => $username] : null);
+
+ return $request->toVerify($authenticatable);
 }
 
 /**
diff --git a/tests/Feature/WebAuthTest.php b/tests/Feature/WebAuthTest.php
index 2efd76347f5..f1dedea0299 100644
--- a/tests/Feature/WebAuthTest.php
+++ b/tests/Feature/WebAuthTest.php
@@ -211,6 +211,34 @@ public function testWebAuthLoginOptions(): void
 ]);
 }
 
+ /**
+ * Testing the Login options.
+ *
+ * @return void
+ */
+ public function testWebAuthLoginOptionsUsername(): void
+ {
+ $this->createCredentials();
+
+ // Generate a challenge for username = admin
+ $response = $this->postJson('/api/WebAuthn::login/options', ['username' => 'admin']);
+ $this->assertOk($response);
+
+ $challengeRetrieved = Session::get(config('webauthn.challenge.key'));
+ $clg = $challengeRetrieved->data->toBase64Url();
+
+ $response->assertJson([
+ 'timeout' => 60000,
+ 'challenge' => $clg,
+ 'allowCredentials' => [
+ 0 => [
+ 'id' => '_Xlz-khgFhDdkvOWyy_YqC54ExkYyp1o6HAQiybqLST-9RGBndpgI06TQygIYI7ZL2dayCMYm6J1-bXyl72obA',
+ 'type' => 'public-key',
+ ],
+ ],
+ ]);
+ }
+
 /**
 * Testing the Login interface.
 *
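Review bot: The new `username` branch in `options()` lets a caller of this pre-login endpoint request the assertion options of any named account, and the response for a known name (the test asserts a populated `allowCredentials`) will differ from that for an unknown one unless `toVerify()` normalises it, which is not visible in this hunk. That makes the endpoint a username oracle and discloses credential IDs per account; the integer `user_id` path presumably had the same property, but a name is easier to target. It is worth confirming the route is throttled and recording the trade-off next to the validation, for example `// NOTE: returns the named user's credential IDs before authentication; keep this route rate-limited`. Separately, when both fields are sent `user_id` silently wins; `'username' => 'sometimes|string|prohibits:user_id'` would reject the ambiguous request instead.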
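Review bot: `testWebAuthLoginOptionsUsername` pins only the path where `admin` exists and has a credential, so nothing fixes what the endpoint returns for an unknown username or for a request carrying both `user_id` and `username`. A second case posting a non-existent name and asserting the intended response (status and whether `allowCredentials` is absent or empty) would make the enumeration behaviour of the controller change an explicit, tested decision. The docblock also repeats the neighbouring test's `Testing the Login options.`; `Testing the Login options when the user is identified by username.` would tell the two apart.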