Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Bug?]: Webauthn login is never prompted after scaffolding dbAuth #7751

Closed
1 task done
Leon-Sam opened this issue Mar 4, 2023 · 4 comments
Closed
1 task done

[Bug?]: Webauthn login is never prompted after scaffolding dbAuth #7751

Leon-Sam opened this issue Mar 4, 2023 · 4 comments
Assignees
Labels
bug/needs-info More information is needed for reproduction

Comments

@Leon-Sam
Copy link
Contributor

Leon-Sam commented Mar 4, 2023

What's not working?

After doing a standard issue dbAuth scaffold and when logging in using dBAuth , normal username/password works fine. But the prompt for registering WebAuthn never show ups.

I also smoke tested my browser to make sure it can actually do webauth via https://webauthn.io/ , and my browser is supported/works.

I was able to trace the issue down to the webAuthn.isSupported() function call. It always returns false.
So it seems like the exact method to detect support might have a bug in it.

const onSubmit = async (data) => {
   const webAuthnSupported = await webAuthn.isSupported()
   console.log('is webauthn supported on submit:', webAuthnSupported) //THIS RETURNS False
   }

I made a quick repo with debug statements. You can find the link below. I'll be chipping away at this, but I wanted to put this up for others to know

How do we reproduce the bug?

Link to test repo:
REPO

Commands to replicate:

  1. yarn create redwood-app ./redwoodblog
  2. cd ./redwoodblog
  3. yarn redwood generate page home /
  4. yarn rw g dbAuth --webauthn
  5. yarn rw setup auth dbAuth "Click Y during webauthn prompt"
  6. "Add user schema described in generator for Users and UserCredential in the schema.prisma file"
  7. yarn rw prisma migrate dev
  8. yarn rw dev
  9. manually visit the /signup and /login endpoints and try to use webauthn

What's your environment? (If it applies)

System:
    OS: Linux 5.19 Ubuntu 22.04.1 LTS 22.04.1 LTS (Jammy Jellyfish)
    Shell: 5.1.16 - /bin/bash
  Binaries:
    Node: 18.14.2 - /tmp/xfs-6e247494/node
    Yarn: 3.4.1 - /tmp/xfs-6e247494/yarn
  Browsers:
    Chrome: 109.0.5414.119
  npmPackages:
    @redwoodjs/auth-dbauth-setup: 4.2.2 => 4.2.2 
    @redwoodjs/core: 4.2.2 => 4.2.2

Are you interested in working on this?

  • I'm interested in working on this
@Leon-Sam Leon-Sam added the bug/needs-info More information is needed for reproduction label Mar 4, 2023
@Leon-Sam
Copy link
Contributor Author

Leon-Sam commented Mar 4, 2023

I think I got this figured out!

The isSupported() function in dbAuth/web calls the platformAuthenicatorIsAvailable() from the 3rd party package.

Which only looks up for "Platform" authenticators ie (Apple Touch ID, Windows Hello etc). Ubuntu has no platform authentication to my knowledge, but can do 3rd party based hardware devices.

We should be calling browserSupportsWebAuthn() from the 3rd party library for the isSupported function in dbauth/webauthn.

Can somebody check/confirm my logic? Once confirmed, I'll make a PR for this.

@Tobbe
Copy link
Member

Tobbe commented Mar 5, 2023

@Leon-Sam I don't have a linux box to test on, but your logic sounds good to me! Please get started on a PR and I'll loop in @cannikin, who wrote dbAuth and its webauthn support

@cannikin
Copy link
Member

cannikin commented Mar 5, 2023

So platformAuthenticatorIsAvailable() calls browserSupportsWebAuthn() internally, but adds an additional check for the platform authenticator. I didn't realize that would exclude third party authenticators altogether! We'd love to get a PR that enables it for everyone, thanks!

@Leon-Sam
Copy link
Contributor Author

Leon-Sam commented Mar 8, 2023

Just posted up the PR, let me know if you need anything else from me

@jtoar jtoar closed this as completed Mar 9, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug/needs-info More information is needed for reproduction
Projects
None yet
Development

No branches or pull requests

4 participants