search

prefiks / u2f4moz

U2F support extension for Firefox
GNU Lesser General Public License v2.1
197 stars 15 forks source link

Does not work with trusted facets APP IDs #52

Closed BirknerAlex closed 7 years ago

BirknerAlex commented 7 years ago

Hello,

it seems like the Plugin isn't working with trusted facets APP ID URLs. If you have different applications and you want to use the same U2F tokens, you need to use a special URL which returns a JSON list with all allowed URLs.

If I try to register the U2F token on our website, I didn't get a error and the device isn't starting blinking. If I test it with the website URL instead of a trusted facets URL, its working.

More Information: https://fidoalliance.org/specs/fido-u2f-v1.0-ps-20141009/fido-appid-and-facets-ps-20141009.html

{
  "trustedFacets" : [{
    "version": { "major": 1, "minor" : 0 },
    "ids": [
       "https://register.example.com", // VALID, shares "example.com" label
       "https://fido.example.com",     // VALID, shares "example.com" label
       "https://www.example.com:444"   // VALID, port is not significant
    ]
  }]
}

As example, we use this URL as app id: https://api.nitrado.net/u2f_app_ids.json.

Thank you very much!

Regards, Alexander

BirknerAlex commented 7 years ago

Sorry! I've checked your source code and I found the solution. The Content-Type Header was missing. Seems like Chrome ignores it. :)

Added, works: headers['Content-Type'] = 'application/fido.trusted-apps+json'