Describe the Bug
When attempting to authenticate using the following method:
public PublicKeyCredentialUserEntity authenticate(RelyingPartyAuthenticationRequest request)
from Webauthn4JRelyingPartyOperations the process follows these steps:
- Retrieve an existing credential record:
CredentialRecord existingCredential = this.userCredentials.findByCredentialId(credentialId);
- Save the credential record:
this.userCredentials.save(userCredential);
However, the save method attempts to execute the following SQL insert:
// @formatter:off
private static final String SAVE_CREDENTIAL_RECORD_SQL = "INSERT INTO " + TABLE_NAME
+ " (" + COLUMN_NAMES + ") VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
This results in a duplicate primary key exception, as the credential record already exists in the database.
I don't know if I'm missing something.
Comment From: Borghii
@franticticktick can you revise it?
Comment From: franticticktick
Hi @Borghii , thanks for this catch :) it will be fixed via https://github.com/spring-projects/spring-security/pull/16621
Comment From: jzheaux
Thanks for reporting this, @Borghii. I'll close this in favor of @franticticktick's PR.