Closed exalate-issue-sync[bot] closed 1 year ago
Oliver Matthews commented: leleueri
commented [on Jul 4|https://app.zenhub.com/workspaces/graviteeio---access-management-5b17f74af58c642fb89cc49f/issues/gravitee-io/issues/7967#issuecomment-1173746323]
Edit
{noformat}11:44:49.938 [vert.x-eventloop-thread-0] [] ERROR i.g.a.g.h.r.r.h.w.WebAuthnRegisterHandler - Unexpected exception io.vertx.ext.auth.webauthn.impl.attestation.AttestationException: AAGUID is not 00000000-0000-0000-0000-000000000000! at io.vertx.ext.auth.webauthn.impl.attestation.NoneAttestation.validate(NoneAttestation.java:46) at io.vertx.ext.auth.webauthn.impl.WebAuthnImpl.verifyWebAuthNCreate(WebAuthnImpl.java:535) at io.vertx.ext.auth.webauthn.impl.WebAuthnImpl.authenticate(WebAuthnImpl.java:382) at io.vertx.reactivex.ext.auth.authentication.AuthenticationProvider.authenticate(AuthenticationProvider.java:178) at io.gravitee.am.gateway.handler.root.resources.handler.webauthn.WebAuthnRegisterHandler.registerV1(WebAuthnRegisterHandler.java:185) at io.gravitee.am.gateway.handler.root.resources.handler.webauthn.WebAuthnRegisterHandler.register(WebAuthnRegisterHandler.java:81) at io.gravitee.am.gateway.handler.root.resources.handler.webauthn.WebAuthnRegisterHandler.handle(WebAuthnRegisterHandler.java:69) at io.gravitee.am.gateway.handler.root.resources.handler.webauthn.WebAuthnRegisterHandler.handle(WebAuthnRegisterHandler.java:44) at io.vertx.reactivex.ext.web.Route$1.handle(Route.java:181) at io.vertx.reactivex.ext.web.Route$1.handle(Route.java:179) at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1212) at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:126) at io.vertx.ext.web.impl.RoutingContextWrapper.next(RoutingContextWrapper.java:201) at io.vertx.reactivex.ext.web.RoutingContext.next(RoutingContext.java:139) at io.gravitee.am.gateway.handler.root.resources.handler.webauthn.WebAuthnAccessHandler.handle(WebAuthnAccessHandler.java:52) at io.gravitee.am.gateway.handler.root.resources.handler.webauthn.WebAuthnAccessHandler.handle(WebAuthnAccessHandler.java:34) at io.vertx.reactivex.ext.web.Route$1.handle(Route.java:181) at io.vertx.reactivex.ext.web.Route$1.handle(Route.java:179) at io.vertx.ext.web.impl.RouteState.handleContext(RouteState.java:1212) at io.vertx.ext.web.impl.RoutingContextImplBase.iterateNext(RoutingContextImplBase.java:126){noformat}
Oliver Matthews commented: This is a known issue that selecting {{Attestation Conveyance Preference}} to {{None}} throws "AAGUID is not 00000000-0000-0000-0000-000000000000!" error.
It seems our implementation is as per the document and the device should not populate the aaguid. But in this case the device (for an example the mac I am using) is generating the aagid. As a result the vertx library throwing the error.
We should handle the error more gracefully rather than the service not unavailable error.
#7967
Expected Behavior
As a user, I should be able to successfully register and sign in using FIDO2 factor
Current Behavior
Given I have set Attestation Conveyance Preference = none in web auth
And I am trying to register FIDO2 factor
Then I am getting internal server error
Possible Solution
Steps to Reproduce (for bugs)