From a93017c887222261a9fbcf76a5b73abba9b376a4 Mon Sep 17 00:00:00 2001
From: Florent Morselli <florent.morselli@spomky-labs.com>
Date: Sat, 4 Jan 2025 10:42:15 +0100
Subject: [PATCH] Add 'REVOKED' status to authenticator status checks

This update includes the 'REVOKED' status in the list of valid authenticator status checks. It ensures proper handling and validation for revoked authenticators in metadata service processing.
---
 src/webauthn/src/MetadataService/Statement/StatusReport.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/webauthn/src/MetadataService/Statement/StatusReport.php b/src/webauthn/src/MetadataService/Statement/StatusReport.php
index c0cc4279..0ab13517 100644
--- a/src/webauthn/src/MetadataService/Statement/StatusReport.php
+++ b/src/webauthn/src/MetadataService/Statement/StatusReport.php
@@ -63,6 +63,7 @@ public function isCompromised(): bool
             AuthenticatorStatus::USER_KEY_PHYSICAL_COMPROMISE,
             AuthenticatorStatus::USER_KEY_REMOTE_COMPROMISE,
             AuthenticatorStatus::USER_VERIFICATION_BYPASS,
+            AuthenticatorStatus::REVOKED,
         ], true);
     }