Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error get_webauthn_challenge_without_user #8618

Closed
EmilZackrisson opened this issue Feb 21, 2024 · 3 comments · Fixed by #8625
Closed

Error get_webauthn_challenge_without_user #8618

EmilZackrisson opened this issue Feb 21, 2024 · 3 comments · Fixed by #8625

Comments

@EmilZackrisson
Copy link

Describe the bug
My passwordless login flow stopped working when I upgraded to 2024.2.0 from 2023.10

To Reproduce
Steps to reproduce the behavior:

  1. Try to login with passwordless login flow

Expected behavior
Be asked to authenticate passkey and be redirected to Authentik.

Screenshots
Screenshot 2024-02-21 at 17 09 47

Logs

Stacktrace from authentik 
Traceback (most recent call last):
  File "/authentik/flows/views/executor.py", line 291, in get
    stage_response = self.current_stage_view.dispatch(request)
                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/ak-root/venv/lib/python3.12/site-packages/django/views/generic/base.py", line 143, in dispatch
    return handler(request, *args, **kwargs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/authentik/stages/authenticator_validate/stage.py", line 243, in get
    challenges = self.get_webauthn_challenge_without_user()
                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/authentik/stages/authenticator_validate/stage.py", line 216, in get_webauthn_challenge_without_user
    "challenge": get_webauthn_challenge_without_user(
                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/authentik/stages/authenticator_validate/challenge.py", line 72, in get_webauthn_challenge_without_user
    return loads(options_to_json(authentication_options))
                 ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/ak-root/venv/lib/python3.12/site-packages/webauthn/helpers/options_to_json.py", line 118, in options_to_json
    auth_to_return["userVerification"] = options.user_verification.value
                                         ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
builtins.AttributeError: 'str' object has no attribute 'value'

Version and Deployment (please complete the following information):

  • authentik version: 2024.2.0
  • Deployment: kubernetes

Additional context
Passwordless login flow config:

context: {}
entries:
- attrs:
    authentication: none
    compatibility_mode: true
    denied_action: message_continue
    designation: authentication
    layout: stacked
    name: Passwordless
    policy_engine_mode: any
    title: "V\xE4lkommen till Authentik!"
  conditions: []
  id: null
  identifiers:
    pk: 7817f152-1a2a-40d4-bc2d-3c748ec68f00
    slug: passwordless
  model: authentik_flows.flow
  state: present
- attrs:
    configuration_stages:
    - 69a2222e-d308-429f-a82e-ba8a52cc3242
    device_classes:
    - webauthn
    last_auth_threshold: seconds=0
    not_configured_action: configure
    webauthn_user_verification: required
  conditions: []
  id: null
  identifiers:
    name: WebAuthn/Duo Auth Stage
    pk: dfa04982-91e4-4907-b9d2-cda07f082924
  model: authentik_stages_authenticator_validate.authenticatorvalidatestage
  state: present
- attrs:
    geoip_binding: no_binding
    network_binding: no_binding
    remember_me_offset: days=7
    session_duration: days=1
  conditions: []
  id: null
  identifiers:
    name: default-authentication-login
    pk: 1f10494c-5874-4542-af8e-3df41de6f5e1
  model: authentik_stages_user_login.userloginstage
  state: present
- attrs:
    evaluate_on_plan: true
    invalid_response_action: retry
    policy_engine_mode: any
  conditions: []
  id: null
  identifiers:
    order: 10
    pk: e7271a1d-8e30-4e74-9d90-9753930938fd
    stage: dfa04982-91e4-4907-b9d2-cda07f082924
    target: 7817f152-1a2a-40d4-bc2d-3c748ec68f00
  model: authentik_flows.flowstagebinding
  state: present
- attrs:
    evaluate_on_plan: true
    invalid_response_action: retry
    policy_engine_mode: any
  conditions: []
  id: null
  identifiers:
    order: 20
    pk: c328bc7b-e25b-45e2-bb0c-d5225cd7400d
    stage: 1f10494c-5874-4542-af8e-3df41de6f5e1
    target: 7817f152-1a2a-40d4-bc2d-3c748ec68f00
  model: authentik_flows.flowstagebinding
  state: present
metadata:
  labels:
    blueprints.goauthentik.io/generated: 'true'
  name: authentik Export - 2024-02-21 16:07:37.605830+00:00
version: 1
@strandundmeer
Copy link

Same for me, just upgraded to 2024.2 and passwordless login is broken with the same error message.

@fuomag9
Copy link

fuomag9 commented Feb 21, 2024

Same issue, passwordless login is now broken with 1password

@BeryJu BeryJu mentioned this issue Feb 21, 2024
Merged
6 tasks
@BeryJu
Copy link
Member

BeryJu commented Feb 21, 2024

once the PR above is merged you can use ghcr.io/goauthentik/dev-server:gh-version-2024.2, aside from that we'll release 2024.2.1 tomorrow

This was referenced Feb 22, 2024
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
4 participants
@fuomag9 @BeryJu @strandundmeer @EmilZackrisson