From 12e24eab174ecab2050248962582908e31f15cd5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zden=C4=9Bk=20=C4=8Cern=C3=BD?= <zdenek.cerny@wultra.com>
Date: Wed, 20 Nov 2024 12:32:00 +0100
Subject: [PATCH] fix #1776: Assertion of allowed credentials ID is always
 false

---
 .../app/server/service/fido2/PowerAuthAssertionProvider.java    | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/fido2/PowerAuthAssertionProvider.java b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/fido2/PowerAuthAssertionProvider.java
index 017146bef..a3e961d84 100644
--- a/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/fido2/PowerAuthAssertionProvider.java
+++ b/powerauth-java-server/src/main/java/io/getlime/security/powerauth/app/server/service/fido2/PowerAuthAssertionProvider.java
@@ -280,7 +280,7 @@ private Map<String, Object> prepareAdditionalData(
         final Map<String, Object> additionalData = new LinkedHashMap<>();
         additionalData.put(ATTR_ACTIVATION_ID, authenticatorDetail.getActivationId());
         additionalData.put(ATTR_APPLICATION_ID, authenticatorDetail.getApplicationId());
-        additionalData.put(ATTR_CREDENTIAL_ID, authenticatorData.getAttestedCredentialData().getCredentialId());
+        additionalData.put(ATTR_CREDENTIAL_ID, authenticatorDetail.getCredentialId());
         additionalData.put(ATTR_AUTH_FACTOR, supportedSignatureType(authenticatorDetail, authenticatorData.getFlags().isUserVerified()));
         additionalData.put(ATTR_ORIGIN, clientDataJSON.getOrigin());
         additionalData.put(ATTR_TOP_ORIGIN, clientDataJSON.getTopOrigin());