Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fido2 Assertion Fails: The operation either timed out or was not allowed #382

Open
TravisKool opened this issue Mar 5, 2023 · 4 comments
Open

Fido2 Assertion Fails: The operation either timed out or was not allowed #382

TravisKool opened this issue Mar 5, 2023 · 4 comments

Comments

@TravisKool
Copy link

TravisKool commented Mar 5, 2023
edited
Loading

I am using Blazor WASM .net 7 and have success with attestation / registration. I am testing using https://localhost . This issue happens on both Chrome and firefox latest versions when trying to "Login" and get the credentials..

I am successfully creating assertion options using this library, but when I call into the js method that calls navigator.credentials.get, it is failing. Prior to seeing the console exception, the authenticator pops up and seems to successfully scan my face (as it did during registration), then it pauses for 5 seconds and throws the jsexception seen below. Any thoughts?

Input captured in c# prior to the invoke. Note: I just used jsonConvert to obtain this output, so it's not base64url
image

invoke which seems to be working as the windows hello shows up
image

The js used to invoke the navigator
image

the error...
Microsoft.JSInterop.JSException: The operation either timed out or was not allowed. See: https://www.w3.org/TR/webauthn-2/#sctn-privacy-considerations-client. blazor.webassembly.js:1 undefined blazor.webassembly.js:1 at Microsoft.JSInterop.JSRuntime.<InvokeAsync>d__161[[Fido2NetLib.AuthenticatorAssertionRawResponse, Fido2.Models, Version=3.0.1.0, Culture=neutral, PublicKeyToken=null]].MoveNext()
blazor.webassembly.js:1 at WebAuthn.VerifyAsync(AssertionOptions options) in C:\git\EventFinder\Access.Web\Authentication\WebAuthn.cs:line 44
blazor.webassembly.js:1 at AuthenticationAccess.LoginAsync(String email) in C:\git\EventFinder\Access.Web\Authentication\AuthenticationAccess.cs:line 111
@nicowitteman
Copy link

Does it literally have "Ty…MBAAE=",?

@TravisKool
Copy link
Author

Hey Nico, I am not sure what that was, I re-did the test and used screenshots and updated my original comment. That does not appear to be there anymore -> still have the error.

@Regenhardt
Copy link
Contributor

Can you maybe make a public repo with minimal code to reproduce this error?

Also to debug this step a bit more I did the following:

  1. Add console.log('options:', options); right before the credentials.get call
  2. Add console.log('response:', retval); right before returning retval

This way, you can inspect the whole object in your browser console without potentially losing information through serialization.

@Regenhardt
Copy link
Contributor

@TravisKool have you found a solution? Otherwise, can you try using .NET 8 and directly use the Fido2.BlazorWebAssembly project for now?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@TravisKool @Regenhardt @nicowitteman