Skip to content
This repository has been archived by the owner on Nov 9, 2023. It is now read-only.

Multi-facet endpoint not working with JS API & Chrome 59 #161

Open
kspearrin opened this issue Jun 22, 2017 · 3 comments
Open

Multi-facet endpoint not working with JS API & Chrome 59 #161

kspearrin opened this issue Jun 22, 2017 · 3 comments

Comments

@kspearrin
Copy link

kspearrin commented Jun 22, 2017
edited
Loading

Using Chrome 59.0.3071.109. No extension.

Navigating to https://localhost:44377/app-id.json resolves the following JSON:

{"trustedFacets":[{"version":{"major":1,"minor":0},"ids":["https://localhost:4001"]}]}

Content-type is set to application/fido.trusted-apps+json

Screenshot:

image

image

My website invoking this is at https://localhost:4001/...

Code:

// Works as expected and I get response data in callback
doRegister({
   appId: 'https://localhost:4001',
   challenge: 'YEo8uW-0QfYrSudu1B_iLurfp7kG9ECbVuCE-GVNkmc'
   version: 'U2F_V2'
});

// Does NOT work. errorCode: 2 (bad request) in callback
doRegister({
   appId: 'https://localhost:44377/app-id.json',
   challenge: 'YEo8uW-0QfYrSudu1B_iLurfp7kG9ECbVuCE-GVNkmc'
   version: 'U2F_V2'
});

function doRegister(myChallenge) {
    window.u2f.register(myChallenge.appId, [{
        version: myChallenge.version,
        challenge: myChallenge.challenge
    }], [], function (data) {
        if (data.errorCode) {
            console.log('errorCode: ' + data.errorCode);
            return;
        }
        console.log('Response: ');
        console.log(JSON.stringify(data));
        return '';
    });
}

I am using the latest (as of today) api from https://github.com/google/u2f-ref-code/blob/master/u2f-gae-demo/war/js/u2f-api.js

Any ideas?
@kspearrin kspearrin changed the title Multi-facet endpoint not working with Chrome 59 Multi-facet endpoint not working with JS API & Chrome 59 Jun 22, 2017
@kspearrin
Copy link
Author

Looks like this question on SO is having the same problem: https://stackoverflow.com/questions/33610042/u2f-integration-with-multiple-facetids-without-chrome-extension-but-u2f-api-js

One of the answers suggests:

I guess you have different origins in your appId json, the origin of facetID must be the same as AppID, for example: all facetID in https://example.com/app-id.json must have the same origin of https://*.example.com

so in your case your trustFaceID should all belong to https://localhost:44300

Is this the case? I do not see that mentioned anywhere in the spec, however, the examples shown in the spec do follow that logic.

@yackermann
Copy link

@kspearrin Add your localhost CA cert into the browser

@xuwei2014
Copy link

@kspearrin Do you have solved this issue? I have the same problem with you.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kspearrin @yackermann @xuwei2014