Closed c128128 closed 6 months ago
Hello @c128128, what's the JSON response that gets sent back to /authentication/verification
after you authenticate?
AUTHENTICATION OPTIONS
{
"challenge": "UWgQo34qUMGhspUuCGXz_aebiL0qmC70Fb11llGviYAIkx8XGmbuMRp52JPAmw9VBxK74JaJKkpHYWVosTAd8A",
"timeout": 60000,
"rpId": "webauthn.io",
"allowCredentials": [
{
"id": "aE3nK_bxTbi8Q8oIjPTauA",
"type": "public-key",
"transports": [
"internal",
"hybrid"
]
}
],
"userVerification": "preferred"
}
AUTHENTICATION RESPONSE
{
"id": "aE3nK_bxTbi8Q8oIjPTauA",
"rawId": "aE3nK_bxTbi8Q8oIjPTauA",
"response": {
"authenticatorData": "dKbqkhPJnC90siSSsyDPQCYqlMGpUKA5fyklC2CEHvAdAAAAAA",
"clientDataJSON": "eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiVVdnUW8zNHFVTUdoc3BVdUNHWHpfYWViaUwwcW1DNzBGYjExbGxHdmlZQUlreDhYR21idU1ScDUySlBBbXc5VkJ4Szc0SmFKS2twSFlXVm9zVEFkOEEiLCJvcmlnaW4iOiJodHRwczovL3dlYmF1dGhuLmlvIn0",
"signature": "MEYCIQDROvszXPDSu2tglRxNkheoUvlKcTrUvLXD4hAH4W8grgIhAJi6JBXAfnbvK-CsdTY_MhRh6fAbsHsS-Gw_g-D7rp2Y",
"userHandle": "hM�+��M��C�\b��ڸ"
},
"type": "public-key",
"clientExtensionResults": {},
"authenticatorAttachment": "platform"
}
Looks like it's not a problem with Credential ID
, but with userHandle
.
Hmm, what did you specify for user.id
in your registration options?
Looks like Credential ID is not parsed correctly. From
specs
it can beAt least 16 bytes that include at least 100 bits of entropy
but when we use a newly 16 bytes data (an UUID), we get this error (check image). But ifCredential ID
is a valid ASCII string that all is working as expected.