Closed asimaranov closed 1 month ago
Hi @asimaranov
thank you for bringing this up! I'll have a look at it.
Hi team,
Just want to add my investigation onto the pile here - I printed out the output of NativePasskey.register()
which was relevantly:
{
"response": {
"clientDataJSON": "xxx",
"attestationObject": "xxx",
"transports": [
"internal",
"hybrid"
]
},
"authenticatorAttachment": "platform",
"clientExtensionResults": {
"credProps": {
"rk": false
}
},
"id": "AbUZWsr6+b94Aea2iNfDO+/wNAmkHKTA/SzjxmkiWi1Ph6LKzLFoQoY4gdyuZnlFJ4pjtWjz8lxtHIt9kL8Sl9c=",
"rawId": "AbUZWsr6+b94Aea2iNfDO+/wNAmkHKTA/SzjxmkiWi1Ph6LKzLFoQoY4gdyuZnlFJ4pjtWjz8lxtHIt9kL8Sl9c=",
"type": "public-key"
}
Note that I believe the above "proves" the assetlinks.json
configuration is valid as the passkey would not be created unless it can link it to a valid origin (which I have redacted here).
I then attempt to (using the exact same configuration) call Passkey.authenticate(requestJSON)
where requestJSON
is:
{
challenge: 'abc123',
allowCredentials: [
{
id: 'AbUZWsr6-b94Aea2iNfDO-_wNAmkHKTA_SzjxmkiWi1Ph6LKzLFoQoY4gdyuZnlFJ4pjtWjz8lxtHIt9kL8Sl9c',
type: "public-key",
transports: ["internal", "hybrid"],
}
],
"timeout": 1800000,
"userVerification": "required",
rpId: 'xxx',
}
But I also receive:
{"error": "NoCredentials", "message": "No viable credential is available for the user."}
I have also tried using a base64
formatted id (as opposed to the above base64url
formatted id). Am I correct in thinking this is related to this thread; or do I have a device-specific issue, or am I missing something else here...? I hope this helps nonetheless!
P.s. @asimaranov, how are you obtaining the stack trace - does it print out of React Native or are you doing something else in Android Studio?
This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.
This issue was closed because it has been stalled for 5 days with no activity.
Function
PasskeyAndroid.register
transforms the returnedcredentialId
from base64url to base64:When this
credentialId
is used later inauthenticate
, it's still transformed tobase64
format while android expectsbase64url
. Android fails to decode the credentialId if it ends with==
:And returns error:
Possible fixes: Return rawId with value returned by platform to use it in
authenticate
. Add base64 to base64url credentialId transformation based on current platform inauthenticate