[Webkit-unassigned] [Bug 232950] New: WebAuthn navigator.credentials.create() fails with "NowAllowedError" after Touch ID interaction
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Wed Nov 10 10:08:00 PST 2021
https://bugs.webkit.org/show_bug.cgi?id=232950
Bug ID: 232950
Summary: WebAuthn navigator.credentials.create() fails with
"NowAllowedError" after Touch ID interaction
Product: WebKit
Version: Safari 15
Hardware: Mac (Apple Silicon)
OS: macOS 12
Status: NEW
Severity: Normal
Priority: P2
Component: WebKit Misc.
Assignee: webkit-unassigned at lists.webkit.org
Reporter: matthew at millerti.me
Created attachment 443827
--> https://bugs.webkit.org/attachment.cgi?id=443827&action=review
Screencast of failing Touch ID registration
WebAuthn platform authenticator registration in macOS 12.0, Safari 15.0, on a new MacBook Pro with an M1 Pro appears to be broken. Triggering `navigator.credentials.create()` on a button click prompts me to allow use of Touch ID as expected, and when I click OK I'm prompted to interact with Touch ID as expected. Tapping my Touch ID sensor, though, shows a "The operation cannot be completed" modal, and a `NotAllowedError` exception is thrown.
I tested this scenario on https://example.simplewebauthn.dev. This exact same code works fine on my 2019 Intel i7 MBP - I am able to register Touch ID as expected.
These are the registration options I passed to `navigator.credentials.create()` (I used my @simplewebauthn/browser library to convert some of these values to buffers as needed before making the actual WebAuthn API request):
```
{
"challenge": "LHfdXxwvT9lCyG0w0zZ_x6FYNydqnyOsIreqO_ZIIU8",
"rp": {
"name": "SimpleWebAuthn Example",
"id": "example.simplewebauthn.dev"
},
"user": {
"id": "internalUserId",
"name": "user at example.simplewebauthn.dev",
"displayName": "user at example.simplewebauthn.dev"
},
"pubKeyCredParams": [
{
"alg": -7,
"type": "public-key"
},
{
"alg": -257,
"type": "public-key"
}
],
"timeout": 60000,
"attestation": "direct",
"excludeCredentials": [],
"authenticatorSelection": {
"userVerification": "preferred",
"requireResidentKey": false
}
}
```
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20211110/85af1280/attachment-0001.htm>
More information about the webkit-unassigned
mailing list