search

Laragear / webpass

The most simple WebAuthn (Passkeys) helper for browsers.
https://github.com/sponsors/DarkGhostHunter
MIT License
8 stars 0 forks source link

[2.0.1] AttestationCancelled: The credentials creation was not completed. #14

Closed Thotsuya closed 7 months ago

Thotsuya commented 7 months ago

Bundler & Interpreter

Vite 5.2.0 - Node 21.6.2

Browser & OS

Safari 17.4.1 - MacOs Ventura 13.6.6

Have you done this?

Expectation

When attesting I get the error AttestationCancelled: The credentials creation was not completed. I should be able to complete it, as I receive the attest options from the server

Description

I get the credentials creation prompt but then I get the error AttestationCancelled: The credentials creation was not completed.

const onSubmit = async (e) => {
        e.preventDefault();

        const webpass = Webpass.create({
            baseURL: 'http://localhost:8000',
            retry: 3,
            retryDelay: 500,
            headers: {
                "Accept": "application/json",
                "Content-Type": "application/json",
                "X-Requested-With": "XMLHttpRequest"
            },
        })

        const attestOptionsConfig = {
            path: "/webauthn/register/options",
            credentials: "include",
            findCsrfToken: true,
        }

        const attestConfig = {
            path: "/webauthn/register",
            credentials: "include",
            findCsrfToken: true,
            body: {
                alias: alias,
            }
        }

        if(!Webpass.isSupported()){
            alert("Webauthn is not supported in this browser");
            return;
        }

        const { data, success, error } = await webpass.attest(attestOptionsConfig, attestConfig)

        if(success) {
            alert("Passkey added successfully");
            console.log(data)
        }
        else {
            alert(error);
        }

    }

Looking through the package code, the error seems to be here:

let credentials: RegistrationResponseJSON

        try {
            credentials = await startRegistration(attestationOptions)
        } catch (cause) {
            throw newError("AttestationCancelled", "The credentials creation was not completed.", cause)
        }

Debugging, I get no cause in console, but I do get the attestation options 

[Debug] Attestation Options Received – {rp: {name: "langsys", id: "localhost"}, authenticatorSelection: {userVerification: "discouraged"}, user: {id: "0b7dc27555d24e0aa979759c35ebc307", name: "jarliev2@gmail.com", displayName: null}, …} (@laragear_webpass.js, line 1143)
{rp: {name: "langsys", id: "localhost"}, authenticatorSelection: {userVerification: "discouraged"}, user: {id: "0b7dc27555d24e0aa979759c35ebc307", name: "jarliev2@gmail.com", displayName: null}, pubKeyCredParams: [{type: "public-key", alg: -7}, {type: "public-key", alg: -257}, {type: "public-key", alg: -8}], attestation: "none", …}Object

Reproduction

const onSubmit = async (e) => {
        e.preventDefault();

        const webpass = Webpass.create({
            baseURL: 'http://localhost:8000',
            retry: 3,
            retryDelay: 500,
            headers: {
                "Accept": "application/json",
                "Content-Type": "application/json",
                "X-Requested-With": "XMLHttpRequest"
            },
        })

        const attestOptionsConfig = {
            path: "/webauthn/register/options",
            credentials: "include",
            findCsrfToken: true,
        }

        const attestConfig = {
            path: "/webauthn/register",
            credentials: "include",
            findCsrfToken: true,
            body: {
                alias: alias,
            }
        }

        if(!Webpass.isSupported()){
            alert("Webauthn is not supported in this browser");
            return;
        }

        const { data, success, error } = await webpass.attest(attestOptionsConfig, attestConfig)

        if(success) {
            alert("Passkey added successfully");
            console.log(data)
        }
        else {
            alert(error);
        }

    }

Stack trace & logs

No response

DarkGhostHunter commented 7 months ago

That's kind of weird since if there is an exception, the cause should be printed on the console for further debugging.

Did you try to use startRegistration(attestationOptions) directly and check where is the error?

Thotsuya commented 7 months ago

That's kind of weird since if there is an exception, the cause should be printed on the console for further debugging.

Did you try to use startRegistration(attestationOptions) directly and check where is the error?

After doing some research, the error seems to be because the passkey was already registered. After deleting the passkey from the database and icloud keychain it seems to work just fine

DarkGhostHunter commented 7 months ago

the passkey was already registered

Supposedly you can push an attestation options saying you don't want duplicates on the device by just pushing the credentials registered for the user. Supposedly the authenticator would return an UI error saying there is already a credential registered.