Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WebAuthn/U2F: Attestation Error: Relying Party ID not scoped to current #1751

Closed
nicokaiser opened this issue Feb 7, 2023 · 5 comments · Fixed by #1985
Closed

WebAuthn/U2F: Attestation Error: Relying Party ID not scoped to current #1751

nicokaiser opened this issue Feb 7, 2023 · 5 comments · Fixed by #1985
Labels
Documentation Missing documents and help

Comments

@nicokaiser
Copy link
Contributor

Detailed description of the problem [REQUIRED]

WebAuthn does not work.

Steps to reproduce the issue

Steps to reproduce the behavior:

  1. Log in
  2. Open Settings -> U2F
  3. Click "Register new device"
  4. Have the browser generate a new passkey
  5. WebAuthn::register API call returns Error 422
{"message":"Attestation Error: Relying Party ID not scoped to current.","errors":{"attestation":["Attestation Error: Relying Party ID not scoped to current."]}}

Browser and system

Chrome on macOS

The documentations does not say anything about the U2F feature, so it should be either fixed (and "just work"), or removed.
@ildyria
Copy link
Member

ildyria commented Feb 8, 2023
edited
Loading

If I am not wrong this is because the APP_URL is not set properly in the .env.

That being said, there have been some changes recently in Laragear and it seems that webAuthn uses has been restricted to a certain type of devices. I need to investigate that.

@ildyria ildyria added the Documentation Missing documents and help label Feb 8, 2023
@nicokaiser
Copy link
Contributor Author

Oh you are right, the APP_URL was not set, thanks for clarifying.

@nicokaiser
Copy link
Contributor Author

Would it make sense though to completely disable the WebAuthn feature if no APP_URL is set?

@ildyria
Copy link
Member

ildyria commented Feb 9, 2023

Would it make sense though to completely disable the WebAuthn feature if no APP_URL is set?

Not necessarily, but to have that info in the diagnostics yes.

@ildyria
Copy link
Member

ildyria commented Feb 13, 2023

Also to be added in https://lycheeorg.github.io/docs/faq_troubleshooting.html

@ildyria ildyria mentioned this issue Aug 21, 2023
Merged
ildyria added a commit that referenced this issue Aug 24, 2023
@ildyria @d7415
Fixes #1751 - Add error thrown if APP_URL does not match current url (#…
3dd7dcc 
…1985)

Co-authored-by: Martin Stone <1611702+d7415@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Documentation Missing documents and help
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fixes #1751 - Add error thrown if APP_URL does not match current url LycheeOrg/Lychee
2 participants
@nicokaiser @ildyria