Add 'REVOKED' status to authenticator status checks (#645)

marcriemer · Spomky · web-flow · commit 430c57cfc680 · 2025-01-04T10:47:58.000+01:00
This update includes the 'REVOKED' status in the list of valid authenticator status checks. It ensures proper handling and validation for revoked authenticators in metadata service processing.

Co-authored-by: Florent Morselli &lt;florent.morselli@spomky-labs.com&gt;
diff --git a/src/webauthn/src/MetadataService/Statement/StatusReport.php b/src/webauthn/src/MetadataService/Statement/StatusReport.php
@@ -63,6 +63,7 @@ public function isCompromised(): bool
             AuthenticatorStatus::USER_KEY_PHYSICAL_COMPROMISE,
             AuthenticatorStatus::USER_KEY_REMOTE_COMPROMISE,
             AuthenticatorStatus::USER_VERIFICATION_BYPASS,
+            AuthenticatorStatus::REVOKED,
         ], true);
     }
 

Original file line number	Diff line number	Diff line change
`@@ -63,6 +63,7 @@ public function isCompromised(): bool`
`63`	`63`	`AuthenticatorStatus::USER_KEY_PHYSICAL_COMPROMISE,`
`64`	`64`	`AuthenticatorStatus::USER_KEY_REMOTE_COMPROMISE,`
`65`	`65`	`AuthenticatorStatus::USER_VERIFICATION_BYPASS,`
	`66`	`+ AuthenticatorStatus::REVOKED,`
`66`	`67`	`], true);`
`67`	`68`	`}`
`68`	`69`