Upgraded to 10 from 9 and iphone no longer to connect with chrome about simplewebauthn HOT 10 CLOSED

Hey all, I asked around last week and ended up reporting this as a Chromium issue here:

https://issues.chromium.org/issues/346835891

I'm still considering updating SimpleWebAuthn, but I also might just document this as a known issue with Chrome and advise RPs to set displayName to a non-empty string till Chrome gets fixed.

from simplewebauthn.

I see you're using server@10 but browser@9. I wonder if something during hybrid is falling over because user.id ends up greater than 64 bytes coming out of generateRegistrationOptions(). browser@9 treats user.id as a UTF-8 string, it's browser@10 that will correctly base64url-decode user.id to <= 64 bytes.

Can you provide the output of that call to generateRegistrationOptions()? I think that'll help troubleshoot things further.

from simplewebauthn.

Blah I’m sorry I copied it from the diff , browser was 10 , I’ll get that output here soon

from simplewebauthn.

updated to show thati was using the 10 V for the browser, let me see if i can get the output

from simplewebauthn.

// Registration Options
{
  "challenge": "B6pyIkuOvFU8tor2nDSs6aYyMEdrcws-P4KsVB6m6Ww",
  "rp": {
    "name": "EXTRACTED",
    "id": "EXTRACTED.loca.lt"
  },
  "user": {
    "id": "MHlWTmtiWDAwRnI",
    "name": "[email protected]",
    "displayName": ""
  },
  "pubKeyCredParams": [
    {
      "alg": -8,
      "type": "public-key"
    },
    {
      "alg": -7,
      "type": "public-key"
    },
    {
      "alg": -257,
      "type": "public-key"
    }
  ],
  "timeout": 60000,
  "attestation": "direct",
  "excludeCredentials": [],
  "authenticatorSelection": {
    "residentKey": "required",
    "userVerification": "required",
    "requireResidentKey": true
  },
  "extensions": {
    "credProps": true
  }
}

from simplewebauthn.

i went to https://webauthn.io/ the i noticed it had displayName set. so i added it and now it works. May want to mark that as non optional now?

from simplewebauthn.

Whoops, this is a case of me getting out ahead of browsers updating to reflect the latest behavior in the draft of WebAuthn L3 (we changed things to make it okay for displayName to be an empty string https://w3c.github.io/webauthn/#dom-publickeycredentialuserentity-displayname.) I must have caused this when I addressed #536. It seems I'll have to revert that change for now 😞

from simplewebauthn.

Hello @lukepolo, I confirmed the behavior on my end:

Setting a value for userDisplayName when calling generateRegistrationOptions() fixed it for me too:

I'll work to get a fix out for this over the weekend, thanks for your patience.

from simplewebauthn.

Hi @lukepolo thanks for Highlighting this. I also currently have this problem. @MasterKale Thanks for your prompt reaction to this ❤️.

from simplewebauthn.

Alright, I got around to updating the docs with temporary troubleshooting info for this issue:

https://simplewebauthn.dev/docs/packages/browser#startregistration-unexpectedly-errors-out-with-nowallowederror-after-scanning-qr-code

I'll update the guidance once the Chromium bug gets fixed (it'll stick around but at least I can say "this only affects Chrome older than xxx".)

I'm going to close this out for now. Thanks again for your patience.

from simplewebauthn.