Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WebAuthn gives error: "Failed to execute 'atob' on 'Window': The string to be decoded is not correctly encoded." #1706

Closed
wsolara opened this issue Apr 4, 2023 · 11 comments · Fixed by #1721
Closed

WebAuthn gives error: "Failed to execute 'atob' on 'Window': The string to be decoded is not correctly encoded." #1706

wsolara opened this issue Apr 4, 2023 · 11 comments · Fixed by #1721
Assignees
@hsluoyz
Labels
bug Something isn't working released

Comments

@wsolara
Copy link

wsolara commented Apr 4, 2023
edited
Loading

Hello! I have the error when logging in with Webauthn or when adding a WebAuthn device.

Casdoor Version: v1.281.0

Browser Google Chrome Version: 111.0.5563.146

How to reproduce:

  1. Go to login page
  2. Select WebAuthn
  3. Enter username
  4. Click Sign in button
  5. Getting error in browser console:
    Uncaught (in promise) DOMException: Failed to execute 'atob' on 'Window': The string to be decoded is not correctly encoded. at rO (https://casdoor.vitim.io/static/js/main.a301da6f.js:2:3740754) at https://casdoor.vitim.io/static/js/main.a301da6f.js:2:3909520
  6. Step 4 and 5 can be repeated many times

Or another scenario:

  1. Go to user profile
  2. Click Add webauthn device button
  3. Getting error notification: "Failed to connect to server: InvalidCharacterError: Failed to execute 'atob' on 'Window': The string to be decoded is not correctly encoded.."

Recording how to reproduce it:
out_webauthn.webm
@casbin-bot
Copy link
Contributor

@seriouszyx @ComradeProgrammer @Resulte

@casbin-bot casbin-bot added the bug Something isn't working label Apr 4, 2023
@hsluoyz
Copy link
Member

hsluoyz commented Apr 5, 2023

@wsolara hi, can you check starting from which release version this problem happens?

@wsolara
Copy link
Author

wsolara commented Apr 5, 2023
edited
Loading

hsluoyz ok, I'll try

@wsolara
Copy link
Author

wsolara commented Apr 6, 2023
edited
Loading

@wsolara hi, can you check starting from which release version this problem happens?

hsluoyz Hello, I checked, in versions 1.260.0, 1.261.0 there is no such error, starting from version 1.262.0 there is the error

@hsluoyz
Copy link
Member

hsluoyz commented Apr 6, 2023

@wsolara are you sure that this PR: #1623 has caused this issue? I don't think that one line change has anything to do with WebAuthn..

@hsluoyz
Copy link
Member

hsluoyz commented Apr 7, 2023

ping @wsolara

@wsolara
Copy link
Author

wsolara commented Apr 7, 2023

@wsolara are you sure that this PR: #1623 has caused this issue? I don't think that one line change has anything to do with WebAuthn..

hsluoyz I can see from the commits that the webauthn library was changed here - v1.261.0...v1.262.0

@hsluoyz
Copy link
Member

hsluoyz commented Apr 7, 2023

@wsolara yes, good catch. We updated the webauthn library at that time and perhaps this action introduced this bug.

The original commit is: duo-labs/webauthn@a22482edaa3b

It is changed to: https://github.com/go-webauthn/webauthn/releases/tag/v0.8.2

Actually go-webauthn/webauthn is forked from duo-labs/webauthn. So can you check starting from which commit of go-webauthn/webauthn repo this issue happens? You can use binary-search. This will help us locate the problem.

@wsolara
Copy link
Author

wsolara commented Apr 7, 2023
edited
Loading

@wsolara yes, good catch. We updated the webauthn library at that time and perhaps this action introduced this bug.

The original commit is: duo-labs/webauthn@a22482edaa3b

It is changed to: https://github.com/go-webauthn/webauthn/releases/tag/v0.8.2

Actually go-webauthn/webauthn is forked from duo-labs/webauthn. So can you check starting from which commit of go-webauthn/webauthn repo this issue happens? You can use binary-search. This will help us locate the problem.

Ok, I will try

@XDTD
Copy link
Contributor

XDTD commented Apr 10, 2023
edited
Loading

@wsolara yes, good catch. We updated the webauthn library at that time and perhaps this action introduced this bug.
The original commit is: duo-labs/webauthn@a22482edaa3b
It is changed to: https://github.com/go-webauthn/webauthn/releases/tag/v0.8.2
Actually go-webauthn/webauthn is forked from duo-labs/webauthn. So can you check starting from which commit of go-webauthn/webauthn repo this issue happens? You can use binary-search. This will help us locate the problem.

Ok, I will try

I have tried using different versions of webauthn, and it seems that versions from this commit onwards can trigger this bug. To address this bug, you can specify the version of webauthn as v0.5.0 or an earlier in the go.mod file of casdoor. I will continue to investigate what has caused this problem.

@XDTD XDTD mentioned this issue Apr 10, 2023
Merged
@casbin-bot
Copy link
Contributor

🎉 This issue has been resolved in version 1.290.1 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

@XDTD XDTD mentioned this issue Apr 12, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hsluoyz hsluoyz

Labels
bug Something isn't working released
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: rollback the version of webauthn in go mod to fix "atob" bug XDTD/casdoor
4 participants
@hsluoyz @XDTD @wsolara @casbin-bot