jasonh9
commented
5 years ago I wasn't able to get it paired with webauthn.io,
chrome version : 74.0.3729.169 (Official Build) (64-bit)
android sdk: API 28 android 9
Open jasonh9 opened 5 years ago
jasonh9
commented
5 years ago I wasn't able to get it paired with webauthn.io,
chrome version : 74.0.3729.169 (Official Build) (64-bit)
android sdk: API 28 android 9
GitPointer
commented
5 years ago @jasonh9 - I also faced the paring issue on chrome with windows. To do the paring on Mac you can follow the below steps:
Trojan295
commented
5 years ago I personally have to pair my phone via the Windows pairing. When my phone receives the intent BluetoothDevice.ACTION_PAIRING_REQUEST it has the extra EXTRA_PAIRING_VARIANT set to 3. https://developer.android.com/reference/android/bluetooth/BluetoothDevice#EXTRA_PAIRING_VARIANT states it can only have the value 0 or 2, so I'm confused. Finally Android shows a prompt with a random passkey, but I already had to put a passkey, cause Chrome sends the pairing request after asking for the passkey.
On the other hand, I don't know how to handle the pairing in the application, without passing it to the Android system.
An another issue I have, is that on Chrome, if I go directly to https://webauthn.io and try to register, then it doesn't work. I first need to use chrome://bluetooth-internals to connect to the device and then, in a new tab, open https://webauthn.io and it works. Don't know why, but the Chrome bluetooth authentication prompt doesn't connect to my device.
chellams
commented
5 years ago @jasonh9 I faced the same issue. As per documentation, If you are using Chrome, you need to add service data to your Advertising packets. Please check here for more information.
trialsNow
commented
5 years ago Did anyone face this issue? I launched webauthn.io in chrome and try to register. It starts to look through security key via bluetooth .. and android prints this, the user is denied
2019-07-02 14:27:56.752 18284-18298/org.myhightech.u2ftoken V/BLEProfile: onCharacteristicWriteRequest characteristic: f1d0fff1-deaa-ecee-b42f-c9ba7ed623bb, value: [-125, 0, -82, 1, -91, 1, 88, 32, -30, -89, 12, 76, 114, 106, 61, -70, 40, 114, 92, 41, 64, 81, -92, 73, -120, -80, 30, 68, -44, -8, -48, -46, -107, -8, 6, -31, -42, -33, -119, -55, 2, -94, 98, 105, 100, 108, 119, 101, 98, 97, 117, 116, 104, 110, 46, 111, 114, 103, 100, 110, 97, 109, 101, 108, 87, 101, 98, 65, 117, 116, 104, 110, 46, 111, 114, 103, 3, -93, 98, 105, 100, 80, 15, -63, 58, -65, -25, -9, -9, 116, 104, 20, 36, 72, 63, -117, -9, -92, 100, 110, 97, 109, 101, 101, 107, 108, 106, 107, 106, 107, 100, 105, 115, 112, 108, 97, 121, 78, 97, 109, 101, 101, 107, 108, 106, 107, 106, 4, -126, -94, 99, 97, 108, 103, 38, 100, 116, 121, 112, 101, 106, 112, 117, 98, 108, 105, 99, 45, 107, 101, 121, -94, 99, 97, 108, 103, 57, 1, 0, 100, 116, 121, 112, 101, 106, 112, 117, 98, 108, 105, 99, 45, 107, 101, 121, 5, -128]
2019-07-02 14:27:56.752 18284-18298/org.myhightech.u2ftoken V/FIDO2AuthenticatorService: getCharacteristics
2019-07-02 14:27:56.752 18284-18298/org.myhightech.u2ftoken V/FIDO2AuthenticatorService: onCharacteristicsWrite U2F_CONTROL_POINT recv
2019-07-02 14:27:56.757 18284-18298/org.myhightech.u2ftoken V/FIDO2AuthenticatorService: onCharacteristicsWrite FIDO2Packet received (-125)
2019-07-02 14:27:56.762 18284-18369/org.myhightech.u2ftoken V/FIDO2Token: dispatch, command 1
2019-07-02 14:27:56.820 18284-18369/org.myhightech.u2ftoken V/FIDO2Token: register FIDO2 token
2019-07-02 14:27:56.826 18284-18284/org.myhightech.u2ftoken V/FIDO2Token: denied called, user denied
2019-07-02 14:27:57.108 18284-18298/org.myhightech.u2ftoken D/BluetoothGattServer: onConnectionUpdated() - Device=8C:85:90:7A:D2:A6 interval=12 latency=0 timeout=200 status=0
2019-07-02 14:27:57.108 18284-18300/org.myhightech.u2ftoken D/BluetoothGattServer: onConnectionUpdated() - Device=8C:85:90:7A:D2:A6 interval=12 latency=0 timeout=200 status=0
2019-07-02 14:27:57.329 18284-18369/org.myhightech.u2ftoken V/FIDO2AuthenticatorService: sendKeepAlive
2019-07-02 14:27:57.346 18284-18369/org.myhightech.u2ftoken V/FIDO2Token: register, user denied```
Any idea why this is denied?@trialsNow what Android device are you using?
trialsNow
commented
5 years ago Android 9 Google Pixel
Trojan295
commented
5 years ago Hmm.. the biometric auth doesn't work for some reason. I will add an option to confirm the authentication by simply pressing a button, so you can test it without the biometric auth.
@trialsNow I've tested it only on a OnePlus 5T and I don't have any other Android devices, so the only thing I could ask you is to make your hands dirty and debug/fix the code to make it work and maybe send a PR...
andreaulshagen
commented
5 years ago Thanks for the sample app, great help. I am not able to get past the 6 digit pin i webauthn.io. how are you able to do this?
Trojan295
commented
5 years ago @andreaulshagen, in fact I'm having the same problem. Android generates the pin code after you have to put it in the browser so it's not really working fine.
You can try to pair it via your standard OS method and then open try on webauthn.io. If you still have problems then try first https://googlechrome.github.io/samples/web-bluetooth/device-information-characteristics.html and check, if you are getting the Device Info. It's not really stable and sometimes the WebAuth BLE in doesn't connect to the device, but using the Web Bluetooth API you can establish the connection to the smartphone. After that try webauthn.io again.
@Chellapandi, is the problem @andreaulshagen has, solvable by setting the service data in the Advertising packets?
chellams
commented
5 years ago Hi All, When Chrome not able to find your BLE authenticator, you should try with service data. But I am not aware of these 6 digit PIN things. Sorry.
On Tue, 16 Jul, 2019, 7:07 PM Damian Czaja, notifications@github.com wrote:
@andreaulshagen https://github.com/andreaulshagen, in fact I'm having the same problem. Android generates the pin code after you have to put it in the browser so it's not really pairing.
You can try to pair it via your standard OS method and then open try on webauthn.io. If you still have problems then try first https://googlechrome.github.io/samples/web-bluetooth/device-information-characteristics.html and check, if you are getting the Device Info. It's not really stable and sometimes the WebAuth BLE in doesn't connect to the device, but using the Web Bluetooth API you can establish the connection to the smartphone. After that try webauthn.io again.
@Chellapandi https://github.com/Chellapandi, is the problem @andreaulshagen https://github.com/andreaulshagen has, solvable by setting the service data in the Advertising packets?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/Trojan295/android-webauthn-token/issues/1?email_source=notifications&email_token=AGLEFSGI5PTSM7IYD5VUPWTP7XFK7A5CNFSM4HZOPZU2YY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD2A343I#issuecomment-511819373, or mute the thread https://github.com/notifications/unsubscribe-auth/AGLEFSA3RG5UPTO2N5JWY6TP7XFK7ANCNFSM4HZOPZUQ .
andreaulshagen
commented
5 years ago Hi again, i managed to get past the 6 digit pin. As said i needed to connect through Bluetooth internal first. But that issue gone, it does not verify the token, it just times out. Do you have a solution for this?
Thanks.
Trojan295
commented
5 years ago @andreaulshagen, can you try to use the Bluetooth internals to connect to the device (GATT Connected should be connected and you should see the BLE services list). Don't know why, but Chrome isn't connecting to the device in BLE Web Authentication, so I have to establish an connection myself...
chellams
commented
5 years ago @andreaulshagen , Did you add .addServiceData(getPrimaryServiceUUID(), byteArrayOf(192.toByte())) to your advertise data? Just give a try with this. Its working form me.
mehakzahra1
commented
5 years ago I am also facing the pairing issue on chrome with Mac. I am using Mac Chrome version 75.0.3770.90 and I also tried a connection with chrome://bluetooth-internals/#adapter my device is listed on the panel but I am not able to pair it with WebAuthn.
Trojan295
commented
5 years ago @mehakzahra1 try to pair it using you OS, not via the browser. I wasn't able to get the pairing via browser working and I don't know, if it's a problem with the app or the browser. If you get the FIDO2 service listed in the chrome://bluetooth-internals, then it should be OK.
mehakzahra1
commented
5 years ago @Trojan295 thank you for the reply. I was trying to pair it via the browser. I will try to pair it via OS and share the logs.
mehakzahra1
commented
5 years ago @mehakzahra1 try to pair it using you OS, not via the browser. I wasn't able to get the pairing via browser working and I don't know, if it's a problem with the app or the browser. If you get the FIDO2 service listed in the chrome://bluetooth-internals, then it should be OK.
@Trojan295 I am able to pair it via OS and I am getting the fido2 service. Attached is the screenshot but I am not able to pair it via browser as I need to test this on webauth.io.
Trojan295
commented
5 years ago @mehakzahra1, after you successfully have the FIDO service in the bluetooth-internal and you test it on webauthn.io (in the same browser session) you are still asked for pairing?
mehakzahra1
commented
5 years ago @mehakzahra1, after you successfully have the FIDO service in the bluetooth-internal and you test it on webauthn.io (in the same browser session) you are still asked for pairing?
@Trojan295 thank you for the reply. I am able to pair it via OS but after Fido2 service success when I test it on webauthn.io on the same browser I am not able to see my device.
fabiogermann
commented
2 years ago for anyone looking for help on this topic: https://chromestatus.com/feature/4895365459345408 tl;dr: BLE authenticator support was removed from chrome.
forwarding the questions from the webauthn repo,