Authenticator break WebAuthn Support with Keycloak 24.0.x

[schneewe]

Issue: I cannot register a new Security Key when I have this authenticator in place. I tried creating a new container without this provider and Security registering is working again. So something strange with dependencies is going on here.

I really like this authenticator, but still need for some users the webauthn security key possibility.

Exception: 2024-03-30 10:04:06,892 ERROR [org.keycloak.services.error.KeycloakErrorHandler] (executor-thread-2) Uncaught server error: java.lang.NoSuchMethodError: 'void com.fasterxml.jackson.core.io.IOContext.close()' at com.fasterxml.jackson.dataformat.cbor.CBORParser.close(CBORParser.java:703) at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4833) at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3809) at com.webauthn4j.converter.util.CborConverter.readValue(CborConverter.java:65) at com.webauthn4j.converter.AttestedCredentialDataConverter.convertToCredentialPublicKey(AttestedCredentialDataConverter.java:133) at com.webauthn4j.converter.AttestedCredentialDataConverter.convert(AttestedCredentialDataConverter.java:95) at com.webauthn4j.converter.AuthenticatorDataConverter.convert(AuthenticatorDataConverter.java:123) at com.webauthn4j.converter.jackson.deserializer.cbor.AuthenticatorDataDeserializer.deserialize(AuthenticatorDataDeserializer.java:52) at com.webauthn4j.converter.jackson.deserializer.cbor.AuthenticatorDataDeserializer.deserialize(AuthenticatorDataDeserializer.java:34) at com.fasterxml.jackson.databind.deser.SettableBeanProperty.deserialize(SettableBeanProperty.java:545) at com.fasterxml.jackson.databind.deser.BeanDeserializer._deserializeWithErrorWrapping(BeanDeserializer.java:570) at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserializeUsingPropertyBasedWithExternalTypeId(BeanDeserializer.java:1049) at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserializeWithExternalTypeId(BeanDeserializer.java:947) at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserializeFromObject(BeanDeserializer.java:350) at com.fasterxml.jackson.databind.deser.BeanDeserializer.deserialize(BeanDeserializer.java:185) at com.fasterxml.jackson.databind.deser.DefaultDeserializationContext.readRootValue(DefaultDeserializationContext.java:323) at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4825) at com.fasterxml.jackson.databind.ObjectMapper.readValue(ObjectMapper.java:3833) at com.webauthn4j.converter.util.CborConverter.readValue(CborConverter.java:55) at com.webauthn4j.converter.AttestationObjectConverter.convert(AttestationObjectConverter.java:77) at com.webauthn4j.WebAuthnRegistrationManager.parse(WebAuthnRegistrationManager.java:183) at org.keycloak.authentication.requiredactions.WebAuthnRegister.processAction(WebAuthnRegister.java:236) at org.keycloak.services.resources.LoginActionsService.processRequireAction(LoginActionsService.java:1116) at org.keycloak.services.resources.LoginActionsService.requiredActionPOST(LoginActionsService.java:1051) at org.keycloak.services.resources.LoginActionsService$quarkusrestinvoker$requiredActionPOST_677a8efd4e80bfe1b3aa5a0d6fca2043252c9624.invoke(Unknown Source) at org.jboss.resteasy.reactive.server.handlers.InvocationHandler.handle(InvocationHandler.java:29) at io.quarkus.resteasy.reactive.server.runtime.QuarkusResteasyReactiveRequestContext.invokeHandler(QuarkusResteasyReactiveRequestContext.java:141) at org.jboss.resteasy.reactive.common.core.AbstractResteasyReactiveContext.run(AbstractResteasyReactiveContext.java:147) at io.quarkus.vertx.core.runtime.VertxCoreRecorder$14.runWith(VertxCoreRecorder.java:582) at org.jboss.threads.EnhancedQueueExecutor$Task.run(EnhancedQueueExecutor.java:2513) at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1538) at org.jboss.threads.DelegatingRunnable.run(DelegatingRunnable.java:29) at org.jboss.threads.ThreadLocalResettingRunnable.run(ThreadLocalResettingRunnable.java:29) at io.netty.util.concurrent.FastThreadLocalRunnable.run(FastThreadLocalRunnable.java:30) at java.base/java.lang.Thread.run(Thread.java:840) Suppressed: java.lang.NoSuchMethodError: 'void com.fasterxml.jackson.core.io.IOContext.close()' at com.fasterxml.jackson.dataformat.cbor.CBORParser.close(CBORParser.java:703) at com.fasterxml.jackson.databind.ObjectMapper._readMapAndClose(ObjectMapper.java:4833) ... 18 more

[instipod]

Can you test this again with release 1.0.9? I tested adding a security key using the account portal and was able to sign in using it.

[schneewe]

Oh yes, thank you very much, it's working now again. Tested with Keycloak 24.0.2