search

Yubico / yubikit-android

Yubico Mobile Android SDK - YubiKit
Apache License 2.0
103 stars 38 forks source link

Error code: SECURITY_ERR error message: The incoming request cannot be validated #9

Closed fengchuanfang closed 4 years ago

fengchuanfang commented 4 years ago

This error might be caused by a missing or incorrect 'assetlinks.json' file. This file must contain an entry for this app to be allowed, with the following values: package_name: "com.yubico.yubikit.demo" sha256_cert_fingerprint: ["4D:FF:F8:BA:C0:0C:6E:27:BC:C8:9C:64:DC:83:44:AE:A7:75:EE:38:BE:DB:0C:60:1F:A4:E1:66:4A:CD:C2:03"] The file must be reachable at https://demo.yubico.com/.well-known/assetlinks.json sample: https://demo.yubico.com/.well-known/assetlinks.json com.yubico.yubikit.demo E/Fido2ViewModel: The incoming request cannot be validated com.yubico.yubikit.fido.exceptions.FidoSecurityException: The incoming request cannot be validated at com.yubico.yubikit.fido.Fido2ClientApi.parseError(Fido2ClientApi.java:232) at com.yubico.yubikit.fido.Fido2ClientApi.getAuthenticatorResponse(Fido2ClientApi.java:205) at com.yubico.yubikit.demo.fido.Fido2ViewModel.onActivityResult(Fido2ViewModel.kt:150) at com.yubico.yubikit.demo.fido.signin.BaseLoginFragment.onActivityResult(BaseLoginFragment.kt:121) at com.yubico.yubikit.demo.fido.FidoActivity.onActivityResult(FidoActivity.kt:31) at android.app.Activity.dispatchActivityResult(Activity.java:8292) at android.app.ActivityThread.deliverResults(ActivityThread.java:5090) at android.app.ActivityThread.handleSendResult(ActivityThread.java:5138) at android.app.servertransaction.ActivityResultItem.execute(ActivityResultItem.java:51) at android.app.servertransaction.TransactionExecutor.executeCallbacks(TransactionExecutor.java:135) at android.app.servertransaction.TransactionExecutor.execute(TransactionExecutor.java:95) at android.app.ActivityThread$H.handleMessage(ActivityThread.java:2147) at android.os.Handler.dispatchMessage(Handler.java:107) at android.os.Looper.loop(Looper.java:237) at android.app.ActivityThread.main(ActivityThread.java:7811) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:493) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1076)

imakhalova commented 4 years ago

Hello @fengchuanfang , thank you for your issue report. Do you have any other logs (not only from this application, but system output)? What error message you have you seen on UI?

Some information: this error means that there Google API returned SECURITY_ERR error code. We're aware of 1 of reasons why this happens: when server doesn't know about this application. But it seems like it's not your scenario. So it would be nice to figure out what is the root cause.

What device do you have? Does it have google play services installed?

imakhalova commented 4 years ago

I think one of the reasons for security error can also be unprotected phone. Do you have screen lock?

fengchuanfang commented 4 years ago

Clone the latest code and run it directly.Again, the error message is as follows

com.yubico.yubikit.demo E/Fido2ClientApi: Error code: SECURITY_ERR error message: The incoming request cannot be validated com.yubico.yubikit.demo E/Fido2ClientApi: This error might be caused by a missing or incorrect 'assetlinks.json' file. This file must contain an entry for this app to be allowed, with the following values: package_name: "com.yubico.yubikit.demo" sha256_cert_fingerprint: ["4D:FF:F8:BA:C0:0C:6E:27:BC:C8:9C:64:DC:83:44:AE:A7:75:EE:38:BE:DB:0C:60:1F:A4:E1:66:4A:CD:C2:03"] The file must be reachable at https://demo.yubico.com/.well-known/assetlinks.json sample: https://demo.yubico.com/.well-known/assetlinks.json com.yubico.yubikit.demo E/Fido2ViewModel: The incoming request cannot be validated com.yubico.yubikit.fido.exceptions.FidoSecurityException: The incoming request cannot be validated at com.yubico.yubikit.fido.Fido2ClientApi.parseError(Fido2ClientApi.java:270) at com.yubico.yubikit.fido.Fido2ClientApi.getAuthenticatorResponse(Fido2ClientApi.java:243) at com.yubico.yubikit.demo.fido.Fido2ViewModel.onActivityResult(Fido2ViewModel.kt:151) at com.yubico.yubikit.demo.fido.signin.BaseLoginFragment.onActivityResult(BaseLoginFragment.kt:119) at androidx.fragment.app.FragmentActivity.onActivityResult(FragmentActivity.java:170) at android.app.Activity.dispatchActivityResult(Activity.java:8292) at android.app.ActivityThread.deliverResults(ActivityThread.java:5090) at android.app.ActivityThread.handleSendResult(ActivityThread.java:5138) at android.app.servertransaction.ActivityResultItem.execute(ActivityResultItem.java:51) at android.app.servertransaction.TransactionExecutor.executeCallbacks(TransactionExecutor.java:135) at android.app.servertransaction.TransactionExecutor.execute(TransactionExecutor.java:95) at android.app.ActivityThread$H.handleMessage(ActivityThread.java:2147) at android.os.Handler.dispatchMessage(Handler.java:107) at android.os.Looper.loop(Looper.java:237) at android.app.ActivityThread.main(ActivityThread.java:7811) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.RuntimeInit$MethodAndArgsCaller.run(RuntimeInit.java:493) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1076)

fengchuanfang commented 4 years ago

Sorry, I have solved this problem, it is caused by the bad network