fix: breaking change in webauthn library

yilanboy · yilanboy · commit 34cfe3bc3cba · 2026-05-13T15:52:44.000+08:00
diff --git a/resources/views/pages/auth/⚡login.blade.php b/resources/views/pages/auth/⚡login.blade.php
@@ -22,7 +22,7 @@
 use Webauthn\Exception\AuthenticatorResponseVerificationException;
 use Webauthn\PublicKeyCredential;
 use Webauthn\PublicKeyCredentialRequestOptions;
-use Webauthn\PublicKeyCredentialSource;
+use Webauthn\CredentialRecord;
 use Symfony\Component\Serializer\Exception\ExceptionInterface as SerializerExceptionInterface;
 
 new #[Title('登入')]
@@ -95,16 +95,20 @@ public function loginWithPasskey(Serializer $serializer): void
 
             $rawId = json_decode($data['answer'], true)['rawId'];
 
-            $passkey = Passkey::query()->where('credential_id', $rawId)->where('owner_type', User::class)->first();
+            $passkey = Passkey::query()
+                ->where('credential_id', $rawId)
+                ->where('owner_type', User::class)
+                ->first();
+
 
             if (! $passkey) {
                 $this->dispatch('toast', status: 'danger', message: '密碼金鑰無效');
 
                 return;
             }
 
-            $publicKeyCredentialSource = $serializer->fromJson(json_encode($passkey->data),
-                PublicKeyCredentialSource::class);
+            $credentialRecord = $serializer->fromJson(json_encode($passkey->data),
+                CredentialRecord::class);
 
             $options = Session::get('passkey-authentication-options');
 
@@ -117,21 +121,23 @@ public function loginWithPasskey(Serializer $serializer): void
             $publicKeyCredentialRequestOptions = $serializer->fromJson($options,
                 PublicKeyCredentialRequestOptions::class);
 
-            AuthenticatorAssertionResponseValidator::create(new CeremonyStepManagerFactory()->requestCeremony())
-                ->check(
-                    publicKeyCredentialSource: $publicKeyCredentialSource,
-                    authenticatorAssertionResponse: $publicKeyCredential->response,
-                    publicKeyCredentialRequestOptions: $publicKeyCredentialRequestOptions,
-                    host: request()->getHost(),
-                    userHandle: null
-                );
+            $credentialRecord = AuthenticatorAssertionResponseValidator::create(
+                new CeremonyStepManagerFactory()->requestCeremony()
+            )->check(
+                credentialRecord: $credentialRecord,
+                authenticatorAssertionResponse: $publicKeyCredential->response,
+                publicKeyCredentialRequestOptions: $publicKeyCredentialRequestOptions,
+                host: request()->getHost(),
+                userHandle: null
+            );
         } catch (SerializerExceptionInterface|AuthenticatorResponseVerificationException) {
             $this->dispatch('toast', status: 'danger', message: '密碼金鑰無效');
 
             return;
         }
 
         $passkey->update([
+            'data'         => $serializer->toArray($credentialRecord),
             'last_used_at' => now(),
         ]);
 
