Comments (5)
Ok thanks for this precision.
WebAuthn is now activated on my website. Thanks for your work.
I search a way to have only fingerprint without screen lock.
I read this
https://stackoverflow.com/questions/57279094/js-webauthn-how-to-disable-or-detect-screen-lock-pin-code-option
So maybe in the next release of Chrome.
Have a nice day :-)
from webauthn-framework.
rpId must be equal to host.
Ex: https://www.domain.net => rpId = www.domain.net => Works
https://www.domain.net => rpId = api.domain.net => don't work
from webauthn-framework.
Hi,
Either you don’t set the rpId i.e. the current domain is used or you set it on both attestation and assertion options.
I can see in the first options object it is not set ("rp":{"name":"xxxxx"}
) but it is in the other one ("rp":{"name":"xxxxx","id":"xxxxx.net"}
). This may be the reason for the exception.
I recommend to always set the domain to avoid any trouble. In your case and as you may have requests from www.domain.net
or api.domain.net
, you should set domain.net
("rp":{"name":"xxxxx","id":"domain.net"}
)
from webauthn-framework.
As noted in the SO question, the uvm extension is the way to go.
When available, you should only need an extension handler and reject if other methods than fingerprint are present.
from webauthn-framework.
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.
from webauthn-framework.
Related Issues (20)
- Secure Payment Request
- Webauthn\CollectedClientData::createFormJson not working HOT 2
- Paramater `residentKey` will be ignored when Initializing AuthenticatorSelectionCriteria HOT 4
- Can be removed in 4.8.x HOT 2
- MDS-Sentry Support
- Compatibility with php 7.4? HOT 4
- PublicKeyCredentialUserEntity::createFromArray uses wrong base64 decoder HOT 5
- Unable to create the response object when deserializing AttestationResponse HOT 2
- Webauthn 3
- backupEligible breakage in 4.8.0 HOT 1
- Please update docs for 4.8 (deprecations toward 5.0) HOT 6
- TypeError in AuthenticationExtensionsDenormalizer HOT 2
- Incorrect deprecations HOT 2
- How/where to report a security issue? HOT 3
- Supported versions? HOT 5
- Incorrect message for PropertyInfoExtractor HOT 3
- Move state validation back into the value objects HOT 3
- "Unable to create the response object" when adding a 1Password passkey HOT 5
- Rename Credential property `rawId` into `id` HOT 1
- WebauthnSerializerFactory cannot serialize PublicKeyCredentialCreationOptions and PublicKeyCredentialRequestOptions HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from webauthn-framework.