Fix credential parameters conversion to WebAuthn4j

ltanguy · web-flow · commit 92048529d22b · 2025-06-10T14:56:13.000+02:00
Replace comparison with != operator by an .equals() comparison based on text value.
The 2 objects have the same value in most setups, but not when used in conjunction with Spring Session for example, as the object in session is built for each request

Signed-off-by: ltanguy &lt;loeiz.tanguy@gmail.com&gt;
diff --git a/web/src/main/java/org/springframework/security/web/webauthn/management/Webauthn4JRelyingPartyOperations.java b/web/src/main/java/org/springframework/security/web/webauthn/management/Webauthn4JRelyingPartyOperations.java
@@ -304,7 +304,7 @@ private List<com.webauthn4j.data.PublicKeyCredentialParameters> convertCredentia
 
 	private com.webauthn4j.data.PublicKeyCredentialParameters convertParamToWebauthn4j(
 			PublicKeyCredentialParameters parameter) {
-		if (parameter.getType() != PublicKeyCredentialType.PUBLIC_KEY) {
+		if (!PublicKeyCredentialType.PUBLIC_KEY.getValue().equals(parameter.getType().getValue())) {
 			throw new IllegalArgumentException(
 					"Cannot convert unknown credential type " + parameter.getType() + " to webauthn4j");
 		}

Original file line number	Diff line number	Diff line change
`@@ -304,7 +304,7 @@ private List<com.webauthn4j.data.PublicKeyCredentialParameters> convertCredentia`
`304`	`304`
`305`	`305`	`private com.webauthn4j.data.PublicKeyCredentialParameters convertParamToWebauthn4j(`
`306`	`306`	`PublicKeyCredentialParameters parameter) {`
`307`		`- if (parameter.getType() != PublicKeyCredentialType.PUBLIC_KEY) {`
	`307`	`+ if (!PublicKeyCredentialType.PUBLIC_KEY.getValue().equals(parameter.getType().getValue())) {`
`308`	`308`	`throw new IllegalArgumentException(`
`309`	`309`	`"Cannot convert unknown credential type " + parameter.getType() + " to webauthn4j");`
`310`	`310`	`}`