Closed theblackhole closed 2 years ago
@theblackhole
Thanks for reporting, i don't own a Yubikey to test, i am not sure if the Electron itself support U2F. There are very less people who are using this method to login. I can mention this in readme.
https://github.com/electron/electron/issues/3226
Some thoughts :
CTRL+SHIFT+I
worked well for me
- snap has less permission, did you granted the removable media permission to this app?
Yes that was my first thought
- CTRL+SHIFT+I worked well for me
Ah it works before I try to login, not when stuck in the loop. Unfortunatly, nothing in console.
- This is not the official google app, google is not going to offer any alternative auth method if they don't yet.
Sorry I wasn't clear. If U2F is not supported, the auth page will display an error + a link at the bottom where you can choose an alternate registered 2FA method. I saw something like that in the past, in an electron app, exactly like this comment from the issue you've linked : https://github.com/electron/electron/issues/3226#issuecomment-743223942
In your case the auth page thinks the U2F is supported but there's no prompt.
In the screenshot below : on the left, what it's doing, on the right, what it's supposed to do if U2F is supported, and on the previous link I posted, there's a screenshot to show what it's supposed to do when U2F isn't supported by the browser
- If you have a public electron app which works with U2F, let me know, i can look into source.
Yes, I'll try to find the one I saw in the past
Also I found related issues from the electron repo. It might be an issue with electron on *nix systems. https://github.com/electron/electron/issues/27355 https://github.com/electron/electron/issues/24573
Maybe in the past it simply wasn't supported, now it may be an OS specific issue.
@theblackhole
Google must be checking some JS APIs, something like:
if (!navigator.credentials || !navigator.credentials.create) {
//try navigator.credentials.get for login instead of create
//tell the user
}
https://stackoverflow.com/questions/35050276/check-browser-for-u2f-capability
If yes, we can PATCH those JS API (via preload script) in electron to make Google's check will fail, then it should prompt for alternate auth method.
If yes, we can PATCH those JS API (via preload script) in electron to make Google's check will fail, then it should prompt for alternate auth method.
That would be nice indeed :)
Also I tried a npm run start
from the sources and the issue is still present (and again, no error in the terminal or devtools console), so it's definitly not related to snap (I discoved the "u2f-devices" interface in the process. Might be useful for later https://snapcraft.io/docs/u2f-devices-interface)
- If you have a public electron app which works with U2F, let me know, i can look into source.page
I found the app I mentionned : https://github.com/yakyak/yakyak It doesn't work with U2F and prompt me to use alternate methods like https://github.com/electron/electron/issues/3226#issuecomment-743223942
The auth UI is different though, I wonder if it's another url or an older version
Thanks, i will go through this app soon
btw, it is using older version (11) of electron
https://github.com/yakyak/yakyak/blob/master/package.json#L87
https://github.com/electron/electron/pull/30438
Electron 16 is set to release on 2021-Nov-16
v2.13.0 has been released
Specs :
Issue :
Hello, I'm using U2F (Yubikey) with my google account and when I want to connect to google-chat-electron, its stuck at "checking your identity" (where you're supposed to have a message from the browser inviting you to plug your security key).
I found a workaroud by going to history > back then it offers me alternative 2FA methods (Authenticator codes, g.co/sc...) I can use.
I would love to help you debugging this issue but the usual shortcuts (F12 and ctrl + shift + I) doesn't work and there's nothing in the logs.
If you can't add U2F support, there might be a way to tell that the app don't support U2F so Google would offer alternate methods directly instead of being stuck in a loop. I think I saw that in another electron app but I forgot which one...