Closed conanliuhuan closed 5 months ago
Without context, it's hard to determine the problem. Is it only for a specific authenticator? Does it work in the playground ? Where exactly does your passkey object come from? Is it related to your dev environment? ...
But basically, yeah, something look wrong with the key itself.
Without context, it's hard to determine the problem. Is it only for a specific authenticator? Does it work in the playground ? Where exactly does your passkey object come from? Is it related to your dev environment? ...
But basically, yeah, something look wrong with the key itself.
I create a smallest app only register and login, it still get error
Frontend:
<!DOCTYPE html>
<html>
<head>
<title></title>
<script src="https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js"></script>
</head>
<body>
<button onclick="register()">register</button>
<button onclick="login()">login</button>
<script type="module">
import { client } from 'https://cdn.jsdelivr.net/npm/@passwordless-id/webauthn@1.5.0/dist/webauthn.min.js'
var challenge = "a7c61ef9-dc23-4806-b486-2428938a547e";
window.register = ()=>{
client.register('sample_user_name', challenge, {
authenticatorType: "auto",
userVerification: "required",
timeout: 60000,
attestation: true,
debug: false,
})
.then(registration=>{
console.log(registration)
axios({
method: 'post',
url: '/register',
responseType: 'json',
data: {
registration,
}
})
.then(({data})=>{
console.log(data)
alert("request succeed")
})
.catch((err)=>{
console.log(err)
alert("request failed")
})
})
.catch((err)=>{
console.log(err)
alert("user/platform declined")
})
}
window.login = ()=>{
client.authenticate([], challenge, {
authenticatorType: "auto",
userVerification: "required",
timeout: 60000,
})
.then(authentication=>{
axios({
method: 'post',
url: '/login',
responseType: 'json',
data: {
authentication,
}
})
.then(({data})=>{
console.log(data)
alert("request succeed")
})
.catch((err)=>{
console.log(err)
alert("request failed")
})
})
.catch((err)=>{
console.log(err)
alert("user/platform declined")
})
}
</script>
</body>
</html>
Backend:
import fs from "fs"
import path from "path"
import express from "express"
import {server as webAuthnServer} from '@passwordless-id/webauthn';
var app = express();
app.use(express.json({limit: '5mb' }));
app.get('/', (req,res)=>{
res.type("text/html");
res.send( fs.readFileSync( path.join(process.cwd(),"./web.html") ,{encoding: 'utf-8'}) );
return;
})
var saved_credential = null;
var challenge = "a7c61ef9-dc23-4806-b486-2428938a547e";
app.post('/register',(req,res)=>{
var expected = {
challenge,
origin: "http://localhost:9999"
}
webAuthnServer.verifyRegistration(req.body.registration, expected)
.then(data=>{
// save key
saved_credential = data.credential;
res.json({
success: 1
});
})
.catch(()=>{
res.json({
success: 0
});
})
})
app.post('/login',(req,res)=>{
var credentialKey = saved_credential;
var expected = {
challenge,
origin: "http://localhost:9999",
userVerified: true,
}
webAuthnServer.verifyAuthentication(req.body.authentication, credentialKey, expected)
.then(data=>{
res.json({
success: 1
});
})
.catch(err=>{
console.log(err)
res.json({
success: 0
});
})
})
app.listen(9999,()=>{
console.log('http://localhost:9999')
})
Try this file: webauthn-test.zip
Node.js version: 20.11.1
Maybe there's something wrong with my Windows11, I tested it on MacOS 13.6, it works well
Strange... It looks like the following key cannot be interpreted as RS256 key, dunno why.
{
id: 'pADVavwUiRWK_Rf_9ZZEOuZBaogKqJB-pgTIO24Pnxs',
publicKey: 'MIIBIjANBgkqhkiG9w0BAQsFAAOCAQ8AMIIBCgKCAQEA2JrQ5S5fV3rOc0AmKg7ljFMMcmnA62tjxGl-UVQVo77hsMwPfQjAM6fM3zpdLMWVGT7DN3AyErA2xIIDTcgcLFV0jp0RKwlnNm1uBYXkMlu9qI8XEioeyrwErYbkTKNOvjg4iXL3UU2bDxwUxCFt9ReihjaInfyo3aBjzC22P_fzQf0CUnw6Vo0SeuFdRTX5f1ZQY-56sMnPMyNqB4CBN-ejo9POG8k5nDh0IvaT2x7yfDz_YsB1Smhpj67Cb-Dl-NbqvFjikeYTzeOITBOGCaElJfExupww1DzUY-N9XN2yhph_XP9LvUH6qxc7N_BcoOtfpsDDYrDJ_hyvG6aaOQIDAQAB',
algorithm: 'RS256'
}
I would be interested as well to know what went wrong with this "key".
My PC do not has TPM hardware. I replaced some system files when I was installing Windows 11. Maybe that caused the problem.
Code:
Console: