-
-
Notifications
You must be signed in to change notification settings - Fork 110
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WebAuthn - Cant register a device if Bitwarden extension is logged in #269
Comments
The error comes from the Bitwarden js. A fix will be released mid January, in version 2024.1 of BW (see bitwarden/clients#7141 (comment)) FYI, this only affects the registration process, so you can register your device using another browser or with the extension disabled, then go back to your daily setup for login, it should work. |
Go to bitwarden extension -> settings -> Options and Disable the box "Ask to save and use passkeys" This allows you to register without disabling the extension |
Version
5.0.2
Details & Steps to reproduce
After setting up 2FAuth getting a proper SSL. In Chrome & Brave when registering a new WebAuthn device I get a red banner that says: "Uknown Error". I tried in Edge and Firefox both worked and also on Mobile Safari. I also tried on another Edge profile and got the same error. After disabling extensions one by one being logged into Bitwarden produces the unknown error.
Disabling Bitwarden in Chrome and Brave also worked. Renabling it will work until you are logged in.
Tested
Expectation
Bowser popup "Windows Security" asking for PIN/Security Key or more choices etc.
Error & Logs
Execution environment
version: "3.9"
networks:
web:
external: true
services:
2fauth:
image: 2fauth/2fauth
container_name: 2fauth
volumes:
- ./2fauth:/2fauth
environment:
- APP_NAME=2FAuth
- APP_ENV=local
- SITE_OWNER=[scrubbed]
- APP_KEY=[scrubbed]
- APP_URL=https://[scrubbed]
- LOG_CHANNEL=daily
- LOG_LEVEL=notice
- DB_DATABASE="/srv/database/database.sqlite"
- CACHE_DRIVER=file
- SESSION_DRIVER=file
- AUTHENTICATION_GUARD=web-guard
- WEBAUTHN_NAME=2FAuth
- WEBAUTHN_USER_VERIFICATION=preferred
- TRUSTED_PROXIES=*
- BROADCAST_DRIVER=log
- QUEUE_DRIVER=sync
- SESSION_LIFETIME=120
- REDIS_HOST=127.0.0.1
- REDIS_PASSWORD=null
- REDIS_PORT=6379
- PUSHER_APP_ID=
- PUSHER_APP_KEY=
- PUSHER_APP_SECRET=
- PUSHER_APP_CLUSTER=mt1
- MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
- MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
- MIX_ENV=local
#- CF_DNS_API_TOKEN=[scrubbed]
networks:
- web
labels:
- traefik.enable=true
- traefik.http.routers.2fauth.rule=Host(
[scrubbed]
) || Path(/2fauth
)- traefik.http.routers.2fauth.entrypoints=websecure
- traefik.http.routers.2fauth.tls.certresolver=default
Containerization
Additional information
Tested with 5.0.0, 5.0.1, 5.0.2
Tested registering on: https://webauthn.io/ - I noticed Biwarden "hijacks" if you will the Passkey popup. When Bitwarden is not on the default popup is Browser/Web. I assume this initial passkey interaction is what's causing the issue.
The text was updated successfully, but these errors were encountered: