Update webauthn requirement from ==0.4.* to ==2.0.* (#3880)

* Get rid of unmaintained dependency python-u2flib-server * Update webauthn requirement from ==0.4.* to ==2.0.* * Fix tests * Update src/pretix/control/views/auth.py Co-authored-by: Richard Schreiber <schreiber@rami.io> * Update src/pretix/control/views/auth.py Co-authored-by: Richard Schreiber <schreiber@rami.io> * Update src/pretix/control/views/user.py Co-authored-by: Richard Schreiber <schreiber@rami.io> * Update src/pretix/control/views/user.py Co-authored-by: Richard Schreiber <schreiber@rami.io> * Update src/pretix/control/views/user.py Co-authored-by: Richard Schreiber <schreiber@rami.io> --------- Co-authored-by: Richard Schreiber <schreiber@rami.io>
2026-05-04 15:04:03 +00:00 · 2024-02-14 13:27:24 +01:00
parent 7b5ce5e198
commit 57738f19bf
8 changed files with 196 additions and 206 deletions
--- a/src/tests/control/test_auth.py
+++ b/src/tests/control/test_auth.py
@@ -45,6 +45,9 @@ from django.test import TestCase, override_settings
 from django.utils.timezone import now
 from django_otp.oath import TOTP
 from django_otp.plugins.otp_totp.models import TOTPDevice
+from webauthn.authentication.verify_authentication_response import (
+    VerifiedAuthentication,
+)

 from pretix.base.models import U2FDevice, User
 from pretix.helpers import security
@@ -382,7 +385,7 @@ class Login2FAFormTest(TestCase):
            raise Exception("Failed")

        m = self.monkeypatch
-        m.setattr("webauthn.WebAuthnAssertionResponse.verify", fail)
+        m.setattr("webauthn.verify_authentication_response", fail)
        U2FDevice.objects.create(
            user=self.user, name='test',
            json_data='{"appId": "https://local.pretix.eu", "keyHandle": '
@@ -403,7 +406,10 @@ class Login2FAFormTest(TestCase):

    def test_u2f_valid(self):
        m = self.monkeypatch
-        m.setattr("webauthn.WebAuthnAssertionResponse.verify", lambda *args, **kwargs: 1)
+        m.setattr("webauthn.verify_authentication_response",
+                  lambda *args, **kwargs: VerifiedAuthentication(
+                      b'', 1, 'single_device', True,
+                  ))

        U2FDevice.objects.create(
            user=self.user, name='test',
--- a/src/tests/control/test_user.py
+++ b/src/tests/control/test_user.py
@@ -40,7 +40,9 @@ from django_otp.oath import TOTP
 from django_otp.plugins.otp_static.models import StaticDevice
 from django_otp.plugins.otp_totp.models import TOTPDevice
 from tests.base import SoupTest, extract_form_fields
-from webauthn import WebAuthnCredential
+from webauthn.registration.verify_registration_response import (
+    VerifiedRegistration,
+)

 from pretix.base.models import (
    Event, Organizer, U2FDevice, User, WebAuthnDevice,
@@ -356,9 +358,9 @@ class UserSettings2FATest(SoupTest):
            }, follow=True)

        m = self.monkeypatch
-        m.setattr("webauthn.WebAuthnRegistrationResponse.verify",
-                  lambda *args, **kwargs: WebAuthnCredential(
-                      '', '', b'asd', b'foo', 1
+        m.setattr("webauthn.verify_registration_response",
+                  lambda *args, **kwargs: VerifiedRegistration(
+                      b'', b'', 1, '', 'foo', 'public-key', True, b'', 'single_device', True
                  ))

        d = WebAuthnDevice.objects.first()