search

instipod / DuoUniversalKeycloakAuthenticator

Keycloak Authenticator for Duo's new Universal Prompt
GNU General Public License v3.0
50 stars 16 forks source link

Security key creation fails #21

Closed Syncrro closed 10 months ago

Syncrro commented 10 months ago

Description

This authenticator introduces an error for security key creation, therefore passkeys can't be used. Tested against: DUKA 1.0.7 with keycloak 22.0.5 DUKA 1.0.8-SNAPSHOT with keycloak 23.0.3

To Reproduce

  1. create an authentication flow which uses the WebAuthnPasswordless Authenticator image

  2. go to: https://<your-domain>/realms/<realm>/account/#/security/signingin

  3. Set up Security key -> follow setup -> Internal server error

Keycloak log

2023-12-20 13:58:27,275 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-14) Uncaught server error: java.lang.NoSuchMethodError: 'com.fasterxml.jackson.core.io.ContentReference com.fasterxml.jackson.dataformat.cbor.CBORFactory._createContentReference(java.lang.Object, int, int)'
        at com.fasterxml.jackson.dataformat.cbor.CBORFactory.createParser(CBORFactory.java:336)
        at com.fasterxml.jackson.dataformat.cbor.CBORFactory.createParser(CBORFactory.java:330)
        at com.fasterxml.jackson.dataformat.cbor.CBORFactory.createParser(CBORFactory.java:27)
        at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3833)
        at com.webauthn4j.converter.util.CborConverter.readValue(CborConverter.java:55)
        at com.webauthn4j.converter.AttestationObjectConverter.convert(AttestationObjectConverter.java:77)
        at com.webauthn4j.WebAuthnRegistrationManager.parse(WebAuthnRegistrationManager.java:183)
        at org.keycloak.authentication.requiredactions.WebAuthnRegister.processAction(WebAuthnRegister.java:236)
        at org.keycloak.services.resources.LoginActionsService.processRequireAction(LoginActionsService.java:1090)
        at org.keycloak.services.resources.LoginActionsService.requiredActionPOST(LoginActionsService.java:1025)
        at org.keycloak.services.resources.LoginActionsService$quarkusrestinvoker$requiredActionPOST_677a8efd4e80bfe1b3aa5a0d6fca2043252c9624.invoke(Unknown Source)
        at org.jboss.resteasy.reactive.server.handlers.InvocationHandler.handle(InvocationHandler.java:29)
        at io.quarkus.resteasy.reactive.server.runtime.QuarkusResteasyReactiveRequestContext.invokeHandler(QuarkusResteasyReactiveRequestContext.java:141)
        at org.jboss.resteasy.reactive.common.core.AbstractResteasyReactiveContext.run(AbstractResteasyReactiveContext.java:145)
        at io.quarkus.vertx.core.runtime.VertxCoreRecorder$14.runWith(VertxCoreRecorder.java:576)
        at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2513)
        at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1538)
        at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29)
        at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29)
        at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30)
        at java.base/java.lang.Thread.run(Thread.java:840)
instipod commented 10 months ago

Fixed in 1.0.8 Final, thanks for reporting!

Syncrro commented 10 months ago

Thank you both for the quick fix. Merry Christmas