New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[FIDO] Fido doesn't seem to work anywhere #1821
Comments
Does your device has a PIN? @mar-v-in Line 156 in d63fed9
|
@ale5000-git My device does not have a pin, it only has touch authentication. |
However, indeed I did try this with a device that does have a PIN as well, which would be why the log I chose to focus on failed in this way. |
The experience with my Yubikey 5 NFC which does not have a PIN is the same, although I'm sure the logs may be a bit different. Let me try to get a log with that. The following is what happens when I try to register a device via webauthn.io on Firefox, this time without the device that has a PIN. Graphically there is no difference and the experience is the same. Tapping the device does nothing.
|
|
I disabled Require User Verification in the advanced settings of webauthn.io, the results are the same. The Firefox UI never asks me to press my key, as if it never saw it plugged in, in the first place. It remains asking me to plug in the authenticator, despite the GMS UI acknowledging that I have plugged it in.
|
Here are fuller logs, should anyone wish to debug further |
I guess I found the issue:
So it should work to use your key with webauthn.io in Chromium if "Require User Verification" is disabled (Chromium does correctly set the value of |
@mar-v-in What you say is true, it just worked with both NFC and USB, but only in Chromium. As for other programs, such as Bitwarden, or signing in with Google, the story is different. I cannot use FIDO to log into the webauthn given by Bitwarden, below is the log.
|
@MatthewCroughan |
@ale5000-git That may be true, but even if I try to login to the web interface via Chromium and use webauthn there, it throws the exact same set of errors. |
Yes, that seems to be another issue on microG FIDO implementation. |
@mar-v-in Is this likely to get resolved, or is it out of scope for the feature set that microG wants to implement? |
Both issues are going to be fixed / workarounded in the next release. |
@mar-v-in When do the nightly apks get built for https://microg.org/dl/core-nightly.apk ? I'm patiently waiting to try this out! Thanks for doing this so quickly <3 |
@mar-v-in It looks like the nightly APK still isn't updated. When does this APK get updated? |
Looks like the nightly APK just got updated. Quick turnaround! Thanks so much. |
Can you confirm that it works for you in all cases now? |
@ale5000-git @mar-v-in I can confirm that d01f371 fixes each and every one of my use-cases. Signing into Tailscale via Chromium via Google with NFC works fine, as does webauthn via my self-hosted Bitwarden. This is really great. I have also tested that it works fine with USB. |
Have you tested also with Firefox? |
It looks to work in exactly the same way with Firefox 107.1.0 from FFDownloader from F-Droid |
Good, thanks. |
Describe the bug
Whenever I try to use the new FIDO functionality via USB on v0.2.25.223616 or 2a19ef4, the transport handler crashes when indicating presence on the FIDO device. In the Android UI, nothing graphical can be seen, but the results of logcat show what is happening. The ultimate result is that FIDO doesn't work in any context. The system UI will allow me to attempt to add keys in Firefox or Chromium, but will not do anything when I press the key.
Logcat
To Reproduce
Steps to reproduce the behavior:
Expected behavior
I expect tapping the FIDO key to do something, but it does nothing.
System
Android Version: 12
Custom ROM: LineageOS 19.1
Additional context
I am using a Yubikey 5 NFC, and NFC/USB. NFC does not work either.
More Logcat that proves data is being sent back from the Yubikey and being handled
The text was updated successfully, but these errors were encountered: