search

pallets-eco / flask-security

Quick and simple security for Flask applications
MIT License
635 stars 155 forks source link

Webauthn issue : 'AuthenticatorSelectionCriteria' is not defined #811

Closed level09 closed 1 year ago

level09 commented 1 year ago

Hi there,

When testing webauthn implementation, I followed the steps for creating the models, installing the additional webauthn lib and adding the necessary user attributes and configurations.

but when I go to the /wan-register page , after I add a name for a new security key and click submit, I get this error 

NameError: name 'AuthenticatorSelectionCriteria' is not defined

Have I missed any step in my implementation?

jwag956 commented 1 year ago

Did you get a backtrace?

Can you detail what versions of flask security and we within you are using?

level09 commented 1 year ago

Yup here is a traceback: 

  File "/Users/level09/projects/cro/env/lib/python3.10/site-packages/flask/app.py", line 2213, in __call__
    return self.wsgi_app(environ, start_response)
  File "/Users/level09/projects/cro/env/lib/python3.10/site-packages/flask/app.py", line 2193, in wsgi_app
    response = self.handle_exception(e)
  File "/Users/level09/projects/cro/env/lib/python3.10/site-packages/flask/app.py", line 2190, in wsgi_app
    response = self.full_dispatch_request()
  File "/Users/level09/projects/cro/env/lib/python3.10/site-packages/flask/app.py", line 1486, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/Users/level09/projects/cro/env/lib/python3.10/site-packages/flask/app.py", line 1484, in full_dispatch_request
    rv = self.dispatch_request()
  File "/Users/level09/projects/cro/env/lib/python3.10/site-packages/flask_debugtoolbar/__init__.py", line 142, in dispatch_request
    return view_func(**req.view_args)
  File "/Users/level09/projects/cro/env/lib/python3.10/site-packages/flask_security/decorators.py", line 384, in decorated_view
    return fn(*args, **kwargs)
  File "/Users/level09/projects/cro/env/lib/python3.10/site-packages/flask_security/webauthn.py", line 413, in webauthn_register
    ro = _security._webauthn_util.registration_options(
  File "/Users/level09/projects/cro/env/lib/python3.10/site-packages/flask_security/webauthn_util.py", line 70, in registration_options
    existing_options["authenticator_selection"] = self.authenticator_selection(
  File "/Users/level09/projects/cro/env/lib/python3.10/site-packages/flask_security/webauthn_util.py", line 100, in authenticator_selection
    select_criteria = AuthenticatorSelectionCriteria()
NameError: name 'AuthenticatorSelectionCriteria' is not defined

Running flask-security 5.2.0 and flask 2.3.2

jwag956 commented 1 year ago

Are you sure you have https://pypi.org/project/webauthn/ installed?

level09 commented 1 year ago

Yes I have webauthn 1.8.1 installed indeed, but you are right it looks as if there is a problem with the package itself.

I launched flask shell and did this simple import which caused this strange error: 

In [1]: from webauthn.helpers.structs import AuthenticatorSelectionCriteria
---------------------------------------------------------------------------
ImportError                               Traceback (most recent call last)
Cell In[1], line 1
----> 1 from webauthn.helpers.structs import AuthenticatorSelectionCriteria

File ~/projects/cro/env/lib/python3.11/site-packages/webauthn/__init__.py:1
----> 1 from .registration.generate_registration_options import generate_registration_options
      2 from .registration.verify_registration_response import verify_registration_response
      3 from .authentication.generate_authentication_options import (
      4     generate_authentication_options,
      5 )

File ~/projects/cro/env/lib/python3.11/site-packages/webauthn/registration/generate_registration_options.py:3
      1 from typing import List, Optional
----> 3 from webauthn.helpers import generate_challenge
      4 from webauthn.helpers.cose import COSEAlgorithmIdentifier
      5 from webauthn.helpers.structs import (
      6     AttestationConveyancePreference,
      7     AuthenticatorSelectionCriteria,
   (...)
     13     ResidentKeyRequirement,
     14 )

File ~/projects/cro/env/lib/python3.11/site-packages/webauthn/helpers/__init__.py:10
      8 from .hash_by_alg import hash_by_alg
      9 from .json_loads_base64url_to_bytes import json_loads_base64url_to_bytes
---> 10 from .options_to_json import options_to_json
     11 from .parse_attestation_object import parse_attestation_object
     12 from .parse_authenticator_data import parse_authenticator_data

File ~/projects/cro/env/lib/python3.11/site-packages/webauthn/helpers/options_to_json.py:3
      1 from typing import Union
----> 3 from .structs import (
      4     PublicKeyCredentialCreationOptions,
      5     PublicKeyCredentialRequestOptions,
      6 )
      9 def options_to_json(
     10     options: Union[
     11         PublicKeyCredentialCreationOptions,
     12         PublicKeyCredentialRequestOptions,
     13     ]
     14 ) -> str:
     15     """
     16     Prepare options for transmission to the front end as JSON
     17     """

File ~/projects/cro/env/lib/python3.11/site-packages/webauthn/helpers/structs.py:5
      2 from typing import List, Literal, Optional
      4 from pydantic import BaseModel, validator
----> 5 from pydantic.fields import ModelField
      7 from .bytes_to_base64url import bytes_to_base64url
      8 from .cose import COSEAlgorithmIdentifier

ImportError: cannot import name 'ModelField' from 'pydantic.fields' (/Users/level09/projects/cro/env/lib/python3.11/site-packages/pydantic/fields.py)

It seems as if there is some conflicting package names or something.

Perhaps I should check with the webauthn creator on this instead.

jwag956 commented 1 year ago

That's a recent issue - fixed in webauthn 1.9 - install that and see how it goes.

level09 commented 1 year ago

Oh that indeed fixes the bug.

Thanks for the hint. appreciate it 🙂