ValidateDiscoverableLogin hides handler error #140

Closed
leejuyuu opened this issue May 29, 2023 · 0 comments · Fixed by #142
Labels: status/needs-triage (Issues that need to be triaged.), type/potential-bug (Potential Bugs)


leejuyuu commented May 29, 2023

Version

0.8.2

Description

The ValidateDiscoverableLogin method masks the underlying error message returned by DiscoverableUserHandler, which makes troubleshooting harder. Please consider methods like wrapping the error to allow the source problem to be exposed.

Reproduction

Run the following

package main

import (
	"fmt"
	"log"

	"github.com/go-webauthn/webauthn/protocol"
	"github.com/go-webauthn/webauthn/webauthn"
)

func main() {
	wconfig := &webauthn.Config{
		RPDisplayName: "Go Webauthn",                               // Display Name for your site
		RPID:          "go-webauthn.local",                         // Generally the FQDN for your site
		RPOrigins:     []string{"https://login.go-webauthn.local"}, // The origin URLs allowed for WebAuthn requests
	}

	w, err := webauthn.New(wconfig)
	if err != nil {
		log.Fatal(err)
	}

	handler := func(rawID, userHandle []byte) (webauthn.User, error) {
		return nil, fmt.Errorf("Oops, bad things happened")
	}

	_, err = w.ValidateDiscoverableLogin(
		handler,
		webauthn.SessionData{},
		&protocol.ParsedCredentialAssertionData{Response: protocol.ParsedAssertionResponse{UserHandle: []byte{1, 2, 3}}},
	)
	log.Println(err)
}

type user struct {
	id                []byte
	displayName, name string
	credentials       []webauthn.Credential
}

func (u user) WebAuthnID() []byte {
	return u.id
}

func (u user) WebAuthnName() string {
	return u.name
}

func (u user) WebAuthnDisplayName() string {
	return u.displayName
}

func (u user) WebAuthnCredentials() []webauthn.Credential {
	return u.credentials
}

func (u user) WebAuthnIcon() string {
	return ""
}

The terminal will print something like

2023/05/29 12:48:41 Failed to lookup Client-side Discoverable Credential

which does not reveal the cause of the error.

Expectations

Maybe wrapping the error like

Failed to lookup Client-side Discoverable Credential: Oops, bad things happened

Documentation

No response

leejuyuu added the status/needs-triage and type/potential-bug labels May 29, 2023
james-d-elliott added a commit that referenced this issue Jun 19, 2023
This exposes the underlying error as a string. There needs to be some additional work in this area regardless as the idea would be to wrap the error but the current implementation doesn't explicitly implement this.

Fixes #140
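
Added example, not code from go-webauthn or from this issue: one way to wrap a handler error so the cause stays reachable through `errors.Is`/`errors.As` and in server logs, while the message sent to the client stays fixed. `LookupError`, `ErrUserNotFound`, `ClientMessage` and `validate` are hypothetical names chosen for illustration.

```go
package main

import (
	"errors"
	"fmt"
)

// ErrUserNotFound is a hypothetical sentinel an application handler might return.
var ErrUserNotFound = errors.New("user not found")

// LookupError (hypothetical, not the library's type) keeps a fixed message plus the cause.
type LookupError struct {
	Msg   string
	Cause error
}

// Error joins the message and the cause, the format the issue asks for.
func (e *LookupError) Error() string {
	if e.Cause == nil {
		return e.Msg
	}
	return e.Msg + ": " + e.Cause.Error()
}

// Unwrap lets errors.Is and errors.As reach the handler's error.
func (e *LookupError) Unwrap() error { return e.Cause }

// ClientMessage is for the HTTP response: it omits the cause, which may carry internal detail.
func (e *LookupError) ClientMessage() string { return e.Msg }

// validate stands in for the library call that invokes the user handler.
func validate(handler func(userHandle []byte) error, userHandle []byte) error {
	if err := handler(userHandle); err != nil {
		return &LookupError{Msg: "Failed to lookup Client-side Discoverable Credential", Cause: err}
	}
	return nil
}

func main() {
	err := validate(func([]byte) error {
		return fmt.Errorf("query users table: %w", ErrUserNotFound)
	}, []byte{1, 2, 3})
	fmt.Println("server log:", err)
	var le *LookupError
	if errors.As(err, &le) {
		fmt.Println("client sees:", le.ClientMessage())
	}
	fmt.Println("is not-found:", errors.Is(err, ErrUserNotFound))
}
```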