authenticate: fix internal url with webauthn (#3194) (#3195)

Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
2025-06-06 12:52:53 +02:00 · 2022-03-28 07:03:41 -06:00 · 2022-03-28 07:03:41 -06:00 · 95df8c5447
commit 95df8c5447
parent e55b581f61
4 changed files with 47 additions and 31 deletions
--- a/authenticate/handlers.go
+++ b/authenticate/handlers.go
@ -731,20 +731,26 @@ func (a *Authenticate) getWebauthnState(ctx context.Context) (*webauthn.State, e
 		return nil, err
 	}

+	internalAuthenticateURL, err := a.options.Load().GetInternalAuthenticateURL()
+	if err != nil {
+		return nil, err
+	}
+
 	pomeriumDomains, err := a.options.Load().GetAllRouteableHTTPDomains()
 	if err != nil {
 		return nil, err
 	}

 	return &webauthn.State{
-		AuthenticateURL: authenticateURL,
-		SharedKey:       state.sharedKey,
-		Client:          state.dataBrokerClient,
-		PomeriumDomains: pomeriumDomains,
-		Session:         s,
-		SessionState:    ss,
-		SessionStore:    state.sessionStore,
-		RelyingParty:    state.webauthnRelyingParty,
+		AuthenticateURL:         authenticateURL,
+		InternalAuthenticateURL: internalAuthenticateURL,
+		SharedKey:               state.sharedKey,
+		Client:                  state.dataBrokerClient,
+		PomeriumDomains:         pomeriumDomains,
+		Session:                 s,
+		SessionState:            ss,
+		SessionStore:            state.sessionStore,
+		RelyingParty:            state.webauthnRelyingParty,
 	}, nil
 }