search

MasterKale / SimpleWebAuthn

WebAuthn, Simplified. A collection of TypeScript-first libraries for simpler WebAuthn integration. Supports modern browsers, Node, Deno, and more.
https://simplewebauthn.dev
MIT License
1.62k stars 137 forks source link

verifyRegistrationResponse() errors with "Insufficient data" #462

Closed Saif-Shines closed 1 year ago

Saif-Shines commented 1 year ago

Describe the issue

I am building a simple app to try web authn. During the registration, I followed I successfully generated registration options and passed them to verify them. Despite many efforts, always see verifyRegistrationResponse(..) returning Error: Insufficient data.

Code Samples + WebAuthn Options and Responses

The following the JSON that clients sends to the server as part of verification:

{
  id: "redacted", 
  rawId: "redacted",
  response: {
    attestationObject: "redacted",
    clientDataJSON: "redacted", 
    transports: ["hybrid", "internal"],
    publicKeyAlgorithm: -7, 
    publicKey: "redacted",
    authenticatorData: "redacted"
  },
  type: "public-key",
  clientExtensionResults: { 
    credProps: { rk: true }
  },
  authenticatorAttachment: "platform" 
}

Similarly, I do add all the options:

try {
    const options = {
      credential: data,
      expectedChallenge: `${expectedChallenge}`,
      expectedOrigin: `${expectedOrigin}`,
      expectedRPID: rpID,
      requireUserVerification: true,
    };
    verification = await SimpleWebAuthnServer.verifyRegistrationResponse(
      options
    );
  } catch (error) {
    console.log("error during registration verification", error.message);
    return res.status(400).send({ error: error.toString() });
  }

The following is the error I always see:

error during registration verification 224 |       const parser = c._parse()
225 |       let state = parser.next()
226 |       while (!state.done) {
227 |         const b = s.read(state.value)
228 |         if ((b == null) || (b.length !== state.value)) {
229 |           throw new Error('Insufficient data')
                    ^
error: Insufficient data
      at decodeAllSync (/Users/saifas/Masters/coffeemasters-authn/node_modules/cbor/lib/decoder.js:229:16)

Dependencies

SimpleWebAuthn Libraries

$ npm list --depth=0 | grep @simplewebauthn
├── @simplewebauthn/server@6.2.2
MasterKale commented 1 year ago

Hello @Saif-Shines, I notice you're using @simplewebauthn/server@6.2.2. The library has undergone extensive refactoring since November of last year. Please try updating to the latest @simplewebauthn/server@8.2.3 and see if the issue still persists.

MasterKale commented 1 year ago

It's been three weeks with no follow-up so I'm closing this issue out.

Saif-Shines commented 1 year ago

Sorry for no follow up, @MasterKale — updating it to latest has solved the problem.