line / line-fido2-server

FIDO2(WebAuthn) server officially certified by FIDO Alliance and Relying Party examples.
Apache License 2.0

Error: ReferenceError: PublicKeyCredential is not defined #40

Closed huytungst closed 1 year ago

huytungst commented 1 year ago

When accessing the test website at "localhost:8080", all functions work normally.

However, when accessing the test website at 10.0.0.xxx:8080 (my IP address, with the same browser), an error occurs when making a Registration challenge:

Error: ReferenceError: PublicKeyCredential is not defined

I attempted to add some configurations to the RPServer and Server's application.yml & application-local.yml files:

    spring:
      cors:
        allowed-origins:

Despite the RPServer and Server being built successfully, the issue persisted and could not be resolved.

Error: ReferenceError: PublicKeyCredential is not defined

kkk6285137 commented 1 year ago

http://10.0.0.xxx:8080/ is an HTTP URL, but PublicKeyCredential needs HTTPS. Maybe this is the reason.

https://developer.mozilla.org/en-US/docs/Web/API/PublicKeyCredential

huytungst commented 1 year ago

http://10.0.0.xxx:8080/ is an HTTP URL, but PublicKeyCredential needs HTTPS. Maybe this is the reason.

https://developer.mozilla.org/en-US/docs/Web/API/PublicKeyCredential

Thank you.

As you mentioned, the initial error might have occurred because I accessed the site using HTTP. After installing a self-signed certificate and accessing the site using HTTPS, the first error disappeared, but a new error message emerged: "Error: SecurityError: This is an invalid domain."

I have the following two conjectures:

  1. For the "PublicKeyCredential is not defined": This error may occur when trying to access the FIDO2/WebAuthn functionality over an insecure connection (HTTP). The WebAuthn API requires a secure context (HTTPS) to function properly. Setting up a self-signed SSL certificate and accessing the site via HTTPS can resolve this issue.

  2. For the "Invalid domain error": The WebAuthn API may have additional security requirements, including a valid domain name. Using an IP address may cause this error even with SSL installed. Using a local domain name may resolve this issue.

But, even when accessing the site using a local domain, I'm unable to resolve the issue of being unable to access the page on an iOS device. It appears that iOS devices do not allow changing the local domain to point to the app's IP address. However, it is a separate issue, so I will close this issue #40 here.

Thank you for replying ~
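The two conditions discussed in the comment above (secure context, and a domain name rather than an IP address) can be checked before calling the WebAuthn API. The following is an added example, not code from line-fido2-server or from any commenter; `diagnoseWebAuthn`, `browserEnv`, the `env` object shape, and the sample hosts (`10.0.0.5`, `fido.example.test`) are constructed for illustration, and the optional RP ID check goes slightly beyond the thread's case.

```javascript
// Reasons a WebAuthn call fails in the browser before any server is contacted.
// `env` mirrors browser globals so the same logic also runs under Node.
function isIpLiteral(hostname) {
  // URL.hostname gives IPv4 as dotted decimal and IPv6 in square brackets.
  return hostname.startsWith("[") || /^\d{1,3}(\.\d{1,3}){3}$/.test(hostname);
}

function diagnoseWebAuthn(env, rpId) {
  const { protocol, hostname } = new URL(env.href);
  const findings = [];
  if (!env.isSecureContext) {
    // PublicKeyCredential is exposed only in secure contexts:
    // HTTPS, or plain HTTP on localhost.
    findings.push("insecure-context: " + protocol + "//" + hostname + " is not a secure context");
  }
  if (!env.hasPublicKeyCredential) {
    findings.push("api-missing: PublicKeyCredential is not defined");
  }
  if (isIpLiteral(hostname)) {
    // The RP ID must be a domain name; an IP address is a host but not a domain.
    findings.push("ip-host: " + hostname + " cannot be used as an RP ID");
  } else if (rpId && hostname !== rpId && !hostname.endsWith("." + rpId)) {
    // Simplified suffix check; browsers also consult the public suffix list.
    findings.push("rp-id-mismatch: " + rpId + " is not a suffix of " + hostname);
  }
  return findings;
}

// In a page, build env from the real globals and pass it to diagnoseWebAuthn().
function browserEnv() {
  return {
    href: window.location.href,
    isSecureContext: window.isSecureContext,
    hasPublicKeyCredential: typeof window.PublicKeyCredential !== "undefined",
  };
}

// Constructed environments matching the situations described in the thread.
const SAMPLES = {
  localhostHttp: { href: "http://localhost:8080/", isSecureContext: true, hasPublicKeyCredential: true },
  lanIpHttp: { href: "http://10.0.0.5:8080/", isSecureContext: false, hasPublicKeyCredential: false },
  lanIpHttps: { href: "https://10.0.0.5:8443/", isSecureContext: true, hasPublicKeyCredential: true },
  namedHttps: { href: "https://fido.example.test/", isSecureContext: true, hasPublicKeyCredential: true },
};
for (const [name, env] of Object.entries(SAMPLES)) {
  console.log(name, diagnoseWebAuthn(env));
}
```
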

kkk6285137 commented 1 year ago

I did solve this problem through a trusted https domain name.

hcwf commented 1 year ago

I did solve this problem through a trusted https domain name.

Is there any way to only host this locally within my LAN or do I need to use a valid domain to be able to use this server?