Hello everyone,
I was wondering if I can get some guidance with a problem running /assertion tests that I'm facing right now during FIDO 2.0 Server certification. I'm using WebAuthn.go (
https://github.com/duo-labs/webauthn) as dependency.
For /assertion/options (GetAssertion Request), the conformance tools asks for the Credential.ID to be base64URL(without padding). The only way to be compliant with that test is to strip characters (+,/,-,_, and =) from the ID. Is this a correct approach? As the ID is generated by WebAuthn.go dependency we are using. With that change the test run just fine.
Then, I'm facing a problem with /assertion/options (GetAssertion Response) in which the conformance tools only sends the first step to register the credential and our Server responds OK. The tool takes the response and returns this error "Error: the string "Error while getting assertion: Error: Credential with ID \"JCd7EmC8GAqk16Nty9tTUvviVCtckIlmIq31mWi3b4U\" does not exist!" was thrown, throw an Error :)"
I don't understand why attestation/options works just fine and then in assertion/result it fails.
Thanks in advance,
Gastón