From 9a5e8acb3e8e1fe217d3d488a5da637be97c2553 Mon Sep 17 00:00:00 2001
From: yush <yushuhao_code@163.com>
Date: Sun, 20 Aug 2023 12:50:19 +0800
Subject: [PATCH] Update FidoRegistrationController.java

---
 .../webauthn/controller/fido/FidoRegistrationController.java | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/server/src/main/java/org/orquanet/webauthn/controller/fido/FidoRegistrationController.java b/server/src/main/java/org/orquanet/webauthn/controller/fido/FidoRegistrationController.java
index f6c1935..c20fc9e 100644
--- a/server/src/main/java/org/orquanet/webauthn/controller/fido/FidoRegistrationController.java
+++ b/server/src/main/java/org/orquanet/webauthn/controller/fido/FidoRegistrationController.java
@@ -39,7 +39,6 @@
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpSession;
-import javax.websocket.server.PathParam;
 import java.util.*;
 import java.util.stream.Collectors;
 
@@ -131,7 +130,7 @@ public ResponseEntity<PublicKeyCredentialCreationOptions> register(@RequestBody
     @CrossOrigin(origins = "${webauthn.origins.allowed}", allowCredentials = "true", methods = {RequestMethod.POST})
     @PostMapping(path = "/registration/final/{id}", consumes = MediaType.APPLICATION_JSON_VALUE,produces = MediaType.APPLICATION_JSON_VALUE)
     @ResponseStatus(HttpStatus.CREATED)
-    public void registerFinal(@PathParam ("id") String id,@RequestBody AuthenticatorAttestationResponseWrapper authenticatorAttestationResponseWrapper, HttpServletRequest request) throws Exception {
+    public void registerFinal(@PathVariable ("id") String id,@RequestBody AuthenticatorAttestationResponseWrapper authenticatorAttestationResponseWrapper, HttpServletRequest request) throws Exception {
 
         HttpSession session = request.getSession();
         WebauthnSession webauthnSession = (WebauthnSession) session.getAttribute(REGISTRATION_SESSION_NAME);
@@ -139,7 +138,7 @@ public void registerFinal(@PathParam ("id") String id,@RequestBody Authenticator
 
         String fidoId = webauthnSession.getFidoUser().getFidoId();
 
-        if(fidoId == null || fidoId.equals(id)){
+        if(fidoId == null || !fidoId.equals(id)){
             throw new RegistrationException("Invalid Fido User Id");
         }