The larapass from darkghosthunter

JS helper: Mobile Safari invalid character '#' in function name

Hello and thanks for this amazing package,

During testing I identified that your Javascript helper is not interpreted correctly by the JS engine on Mobile safari (IOS 14)

I was able to fix the IOS issue by removing any # in function names.

Hope that help!

best regards

Laravel 8

Laravel 8 not supported

BUG: Invalid JSON text inserting credentials

It seems that the JSON type doesn't like none as a value for attestation_type

SQLSTATE[22032]: <>: 3140 Invalid JSON text: "Invalid value." at position 1 in value for column 'web_authn_credentials.attestation_type'. (SQL: insert into web_authn_credentials (id, user_handle, type, transports, attestation_type, trust_path, aaguid, public_key, counter, user_id, updated_at, created_at) values (q5Nd7GrQztOkUeWUXA-X_2XiJUc, 076f0803-2531-436d-ae4f-0e4f45a9f6e7, public-key, [], none, {"type":"Webauthn\TrustPath\EmptyTrustPath"}, 00000000-0000-0000-0000-000000000000, ����& �!X �d����"�������@�{0���p����`�x~��"X j��6���2�������6v��'"���:^b.:A�Y, 0, 1, 2021-06-12 13:11:26, 2021-06-12 13:11:26))

To make it work and test TouchID register and login I updated

   'attestation_type' => json_encode($source->getAttestationType()),

   public static function fromCredentialSource(CredentialSource $source)
    {
        return ($model = new static())->fill(
            [
                $model->getKeyName() => $source->getPublicKeyCredentialId(),
                'user_handle' => $source->getUserHandle(),
                'type' => $source->getType(),
                'transports' => $source->getTransports(),
                'attestation_type' => json_encode($source->getAttestationType()),
                'trust_path' => $source->getTrustPath()->jsonSerialize(),
                'aaguid' => $source->getAaguid()->toString(),
                'public_key' => $source->getCredentialPublicKey(),
                'counter' => $source->getCounter(),
            ]
        );
    }

Not sure if that's the proper fix, but it allowed me to test the process.

Confirm middleware and login issue

File: WebAuthnAssertValidator

public function validate(array $data)
    {
        if (!$assertion = $this->retrieveAssertion()) {
            return false;
        }
        try {
            $credentials = $this->loader->loadArray($data);
            $response = $credentials->getResponse();
            if (!$response instanceof AuthenticatorAssertionResponse) {
                return false;
            }
            return $this->validator->check(
                $credentials->getRawId(),
                $response,
                $this->retrieveAssertion(),
                $this->request,
                $response->getUserHandle(),
                [$this->getCurrentRpId($assertion)]
            );
        } catch (InvalidArgumentException $exception) {
            return false;
        } finally {
            $this->cache->forget($this->cacheKey());
        }
    }

i think this is some bug $response->getUserHandle(), allways null, no change to the setting will take effect.

but i change $response->getUserHandle(), -> request()->user()->userEntity()->getId(), all working fine..

I think I'm doing something wrong i use yubikeys and i'm tested default settings and change allmoust everything but no luck.

so i ask what needs to be done differently to get the result to $response->getUserHandle(),??

BLOB/TEXT column 'id' used in key specification without a key length

While trying to run migration 2020_07_24_075358_create_web_authn_tables I get following error

SQLSTATE[42000]: Syntax error or access violation: 1170 BLOB/TEXT column 'id' used in key specification without a key length (SQL: alter table `web_authn_credentials` add primary key `web_authn_credentials_id_user_id_primary`(`id`, `user_id`))

I'm running this in homestead with

$ mysql --version
mysql  Ver 15.1 Distrib 10.4.13-MariaDB, for debian-linux-gnu (x86_64) using readline 5.2

Any idea what would be sufficient key length?

Malformed UTF-8 characters, possibly incorrectly encoded

On following environment:

PHP 7.4.8
Laravel v7.21
Default configuration for larapass.php

On registration process, I got the error:

Response for /webauthn/register/options:

{"rp":{"name":"Laravel"},"pubKeyCredParams":[{"type":"public-key","alg":-7},{"type":"public-key","alg":-8},{"type":"public-key","alg":-35},{"type":"public-key","alg":-36},{"type":"public-key","alg":-257}],"challenge":"nB15sPSpNaZNc_qo3RexMg","attestation":"none","user":{"name":"[email protected]","id":"MzQ5MDE3ZTEtYjU2Zi00YWM0LTlkYjEtZmNmZGMyOGE2ZTg3","displayName":"admin"},"authenticatorSelection":{"requireResidentKey":false,"userVerification":"preferred"},"timeout":60000}

On /webauthn/register:

Expand

{ "message": "Malformed UTF-8 characters, possibly incorrectly encoded", "exception": "InvalidArgumentException", "file": "/var/www/vendor/laravel/framework/src/Illuminate/Http/JsonResponse.php", "line": 75, "trace": [ { "file": "/var/www/vendor/symfony/http-foundation/JsonResponse.php", "line": 50, "function": "setData", "class": "Illuminate\\Http\\JsonResponse", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Http/JsonResponse.php", "line": 31, "function": "__construct", "class": "Symfony\\Component\\HttpFoundation\\JsonResponse", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Foundation/Exceptions/Handler.php", "line": 474, "function": "__construct", "class": "Illuminate\\Http\\JsonResponse", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Foundation/Exceptions/Handler.php", "line": 209, "function": "prepareJsonResponse", "class": "Illuminate\\Foundation\\Exceptions\\Handler", "type": "->" }, { "file": "/var/www/app/Exceptions/Handler.php", "line": 53, "function": "render", "class": "Illuminate\\Foundation\\Exceptions\\Handler", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Routing/Pipeline.php", "line": 51, "function": "render", "class": "App\\Exceptions\\Handler", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 130, "function": "handleException", "class": "Illuminate\\Routing\\Pipeline", "type": "->" }, { "file": "/var/www/app/Http/Middleware/SetLocale.php", "line": 24, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 167, "function": "handle", "class": "App\\Http\\Middleware\\SetLocale", "type": "->" }, { "file": "/var/www/app/Http/Middleware/AuthGates.php", "line": 32, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 167, "function": "handle", "class": "App\\Http\\Middleware\\AuthGates", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Routing/Middleware/SubstituteBindings.php", "line": 41, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 167, "function": "handle", "class": "Illuminate\\Routing\\Middleware\\SubstituteBindings", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php", "line": 44, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 167, "function": "handle", "class": "Illuminate\\Auth\\Middleware\\Authenticate", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/VerifyCsrfToken.php", "line": 76, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 167, "function": "handle", "class": "Illuminate\\Foundation\\Http\\Middleware\\VerifyCsrfToken", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/View/Middleware/ShareErrorsFromSession.php", "line": 49, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 167, "function": "handle", "class": "Illuminate\\View\\Middleware\\ShareErrorsFromSession", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php", "line": 116, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Session/Middleware/StartSession.php", "line": 62, "function": "handleStatefulRequest", "class": "Illuminate\\Session\\Middleware\\StartSession", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 167, "function": "handle", "class": "Illuminate\\Session\\Middleware\\StartSession", "type": "->" }, { "file": "/var/www/vendor/stancl/tenancy/src/Middleware/PreventAccessFromCentralDomains.php", "line": 29, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 167, "function": "handle", "class": "Stancl\\Tenancy\\Middleware\\PreventAccessFromCentralDomains", "type": "->" }, { "file": "/var/www/vendor/stancl/tenancy/src/Middleware/IdentificationMiddleware.php", "line": 36, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/stancl/tenancy/src/Middleware/InitializeTenancyByDomain.php", "line": 38, "function": "initializeTenancy", "class": "Stancl\\Tenancy\\Middleware\\IdentificationMiddleware", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 167, "function": "handle", "class": "Stancl\\Tenancy\\Middleware\\InitializeTenancyByDomain", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/AddQueuedCookiesToResponse.php", "line": 37, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 167, "function": "handle", "class": "Illuminate\\Cookie\\Middleware\\AddQueuedCookiesToResponse", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Cookie/Middleware/EncryptCookies.php", "line": 66, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 167, "function": "handle", "class": "Illuminate\\Cookie\\Middleware\\EncryptCookies", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 103, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php", "line": 687, "function": "then", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php", "line": 662, "function": "runRouteWithinStack", "class": "Illuminate\\Routing\\Router", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php", "line": 628, "function": "runRoute", "class": "Illuminate\\Routing\\Router", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Routing/Router.php", "line": 617, "function": "dispatchToRoute", "class": "Illuminate\\Routing\\Router", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php", "line": 165, "function": "dispatch", "class": "Illuminate\\Routing\\Router", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 128, "function": "Illuminate\\Foundation\\Http\\{closure}", "class": "Illuminate\\Foundation\\Http\\Kernel", "type": "->" }, { "file": "/var/www/vendor/barryvdh/laravel-debugbar/src/Middleware/InjectDebugbar.php", "line": 65, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 167, "function": "handle", "class": "Barryvdh\\Debugbar\\Middleware\\InjectDebugbar", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php", "line": 21, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 167, "function": "handle", "class": "Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php", "line": 21, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 167, "function": "handle", "class": "Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php", "line": 27, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 167, "function": "handle", "class": "Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize", "type": "->" }, { "file": "/var/www/vendor/fruitcake/laravel-cors/src/HandleCors.php", "line": 37, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 167, "function": "handle", "class": "Fruitcake\\Cors\\HandleCors", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php", "line": 63, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 167, "function": "handle", "class": "Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode", "type": "->" }, { "file": "/var/www/vendor/fideloper/proxy/src/TrustProxies.php", "line": 57, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 167, "function": "handle", "class": "Fideloper\\Proxy\\TrustProxies", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php", "line": 103, "function": "Illuminate\\Pipeline\\{closure}", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php", "line": 140, "function": "then", "class": "Illuminate\\Pipeline\\Pipeline", "type": "->" }, { "file": "/var/www/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php", "line": 109, "function": "sendRequestThroughRouter", "class": "Illuminate\\Foundation\\Http\\Kernel", "type": "->" }, { "file": "/var/www/public/index.php", "line": 55, "function": "handle", "class": "Illuminate\\Foundation\\Http\\Kernel", "type": "->" } ] }

I think that the reason may be the encoded id/rawId values, because the exception is thrown while attaching the credentials to the user.

As I saw, in

Larapass/src/WebAuthnAuthentication.php

Lines 87 to 92 in fcb0991

    
           public function addCredential(CredentialSource $source) : void 
        
           { 
        
               $this->webAuthnCredentials()->save( 
        
                   WebAuthnCredential::fromCredentialSource($source) 
        
               ); 
        
           }

and deeper in the code,

Larapass/src/WebAuthn/WebAuthnAttestValidator.php

Line 90 in 0734761

$credentials = $this->loader->loadArray($data)->getResponse();

while decoding $json['id'] and $json['rawId'] , we got a non UTF-8 string.

This provokes the following mysql error:

SQLSTATE[HY000]: General error: 1366 Incorrect string value: '\xFD\x81\x06[@z...' for column 'id' at row 1 (SQL: insert into `web_authn_credentials` (`id`, `user_handle`, `type`, `transports`, `attestation_type`, `trust_path`, `aaguid`, `public_key`, `counter`, `user_id`, `updated_at`, `created_at`) values (\t²ü\x06[@z!6\x18Bâ¥c\x192P´─╩6ÆÒÝÅ ╩WsE;É, 624905a3-f0ba-4ad1-8186-cc7b5da7cb37, public-key, [], none, {"type":"Webauthn\\TrustPath\\EmptyTrustPath"}, 00000000-0000-0000-0000-000000000000, Ñ\x01\x02\x03& \x01!X \x14bÿâ^a? TÂ×¤¨Æ\x18Y·┌©j¾\fr\x16ó░┌í├Ad"X èÄð|áı%Tàóês\x08Æø·F┌+\x04TG¶CK╬┬U┐\x19F=, 1, 1, 2020-07-29 07:01:07, 2020-07-29 07:01:07)) ◀SQLSTATE[HY000]: General error: 1366 Incorrect string value: '\xFD\x81\x06[@z...' for column 'id' at row 1 (SQL: insert into `web_authn_credentials` (`id`, `use...

Configuration 'cache' => env('WEBAUTHN_CACHE'),

Hi all
what this should be, i can't find help in the document?

[4.x] Next version, big rewrite.

As you can see, Larapass has no Laravel 9 support.

I'm holding updates back as until I finish a big rewrite. Once done, a new version will be up targeting Laravel 9, and will be available at Laragear.

If you want to speedy up development, you can hit me in Patreon.

Cross origin fetch fails

I've opened a PR which should fix it :) #18

Larapass and yobikey that supported?

Hi,

larapass support yobikey or google cloud key or something other secure usb keys ?

Yubikey: User handle is mandatory

I have an issue using Yubikeys.

I've created an example application with a fresh Laravel installation and breeze for authentication. My goal is to use this package for a second factor after login.

However, I've just followed your installation guide, use the default published controller and everything.

It works flawlessly with chromes "this device" feature (im on macOS). I can register new keys and login using them.
However, if I try to use Yubikeys, only the registration works. They are stored correctly in the database. When trying to login, I get a 422 response.

I've installed telescope and it shows that the package bails because of an "Assert\InvalidArgumentException: User handle is mandatory" error. The Database entry has the user_handle column filled.

Stacktrace:

/var/www/html/vendor/beberlei/assert/lib/Assert/Assertion.php:642
/var/www/html/vendor/web-auth/webauthn-lib/src/AuthenticatorAssertionResponseValidator.php:125
/var/www/html/vendor/darkghosthunter/larapass/src/WebAuthn/WebAuthnAssertValidator.php:224
/var/www/html/vendor/darkghosthunter/larapass/src/Auth/EloquentWebAuthnProvider.php:85
/var/www/html/vendor/laravel/framework/src/Illuminate/Auth/SessionGuard.php:422
/var/www/html/vendor/laravel/framework/src/Illuminate/Auth/SessionGuard.php:371
/var/www/html/vendor/darkghosthunter/larapass/src/Http/AuthenticatesWebAuthn.php:120
/var/www/html/vendor/darkghosthunter/larapass/src/Http/AuthenticatesWebAuthn.php:90
---

Is there something I've misconfigured?

Thanks in advance!

Finger print scanner does not appear. How to fix?

I don't have much experience of webauthn.
My issue is I don't see fingerprint option in the window. (Check attached image) just only usb security key is appearing.
Issue Image : https://drive.google.com/file/d/1KYVs1tKeUe4MJ5_-Eo24RQc-5OXxf5Kr/view?usp=sharing
I get same results using bellow link. It just show only usb security key option. Please check.
https://webauthn.bin.coffee/

But I can fingerprint is working correctly bellow links.
https://webauthn.me/
https://webauthn.io/
My problem is why I don't see fingerprint and pin option when using larapass.

There is another issue the library is not working for browsers in mobile phones. Even Chrome.
I am waiting for solution.
Regards,
Pasindu.

Argument 1 passed to Webauthn\PublicKeyCredentialRpEntity::__construct() must be of the type string, null given

I just installed this package on a Laravel 7 project, when trying to migrate it gives the error, also the project is throwing Error 500.

The full log is:

PHP Fatal error:  Uncaught TypeError: Argument 1 passed to Webauthn\PublicKeyCredentialRpEntity::__construct() must be of the type string, null given, called in /home/douglas/repos/newproject/vendor/darkghosthunter/larapass/src/LarapassServiceProvider.php on line 145 and defined in /home/douglas/repos/newproject/vendor/web-auth/webauthn-lib/src/PublicKeyCredentialRpEntity.php:25
Stack trace:
#0 /home/douglas/repos/newproject/vendor/darkghosthunter/larapass/src/LarapassServiceProvider.php(145): Webauthn\PublicKeyCredentialRpEntity->__construct()
#1 /home/douglas/repos/newproject/vendor/laravel/framework/src/Illuminate/Container/Container.php(805): DarkGhostHunter\Larapass\LarapassServiceProvider::DarkGhostHunter\Larapass\{closure}()
#2 /home/douglas/repos/newproject/vendor/laravel/framework/src/Illuminate/Container/Container.php(691): Illuminate\Container\Container->build()
#3 /home/douglas/repos/newproject/vendor/laravel/framework/src/Illuminate/Foundation/Application.php(796): Illuminate\Container\Container->resol in /home/douglas/repos/newproject/vendor/web-auth/webauthn-lib/src/PublicKeyCredentialRpEntity.php on line 25

I've changed the web-authn version from 3.3.1 to 3.2 manually, made cache:clear route:clear and config:clear, deleted vendor folder and composer.lock and reinstalled everything and the same issue is happening.

Anyone is having the same issue?

Check if user has a device registered before showing a button

Hi,

Is it possible to check if the user has webauth enabled on this device to show a button on login for them to use the webauth login?

Webauthn working on Chrome(Desktop) but not on android

The package is working fine with Google Chrome Desktop on a Windows 10 PC using windows hello, however in android the devices register successfully as I can see the data on the log but when trying to login the userHandle says NULL while on the desktop the userHandle has the uuid.

Working Google Chrome with Windows 10:

array (
 'id' => 'dJjow4rF261_sEpbZKq1jPCsf122ssRZY9y4aL-qUnE',
 'rawId' => 'dJjow4rF261/sEpbZKq1jPCsf122ssRZY9y4aL+qUnE=',
 'response' =>
 array (
   'authenticatorData' => 'dVNCo7N4HwFvr8OfsnhZHulzNq/CpP4Dcq2AFBnmp4EFAAAAAg==',
   'clientDataJSON' => 'eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiLVE0ZWdMSTY5bHJMX0otN0xqY09IUSIsIm9yaWdpbiI6Imh0dHBzOi8vc3RhZ2luZy50dXJpY29pbi5uZXQiLCJjcm9zc09yaWdpbiI6ZmFsc2UsIm90aGVyX2tleXNfY2FuX2JlX2FkZGVkX2hlcmUiOiJkbyBub3QgY29tcGFyZSBjbGllbnREYXRhSlNPTiBhZ2FpbnN0IGEgdGVtcGxhdGUuIFNlZSBodHRwczovL2dvby5nbC95YWJQZXgifQ==',
   'signature' => 'odVDuyRMw9YIlx+mzhs76VcKSMvCc7C+TBKmdzZGzWLsuUdqWroAN14vxkuge2w+KKYQnfoXLUAazLe94MhIBBktAPaEvvgSPUq0DB98FMoCzI81BsB2Yi1m32KbPO+OtpEZeaWMeCSddtNTFMntb8vmorvYO1vTwQGBlJidQZS7b39Kh7ixW/G6S3YwwMHVtG/g12/JnpkpzjbzWGvrx7oHgt0vhUevnppuTZhilFvygUkRZeCspEr1KIhP+1w+xyGd4Auom+iXieuHV+hQCyfQc03e3ZO3uauqIwyrFue9CWNJ9tqAxkyupqgcf1BUJfBSLe9Dcr7cdNfjgrw0Ag==',
   'userHandle' => 'ZTc5MWJkZGEtYzRhMS00MjRiLTg2NjItZTU3YzRhYmIzNDVi',
 ),
 'type' => 'public-key',
)

Not Working Google Chrome on Android 10:

array (
  'id' => 'Aaf2Op4CSSB0SenC-JnJ9nGKfCLrq-OO_w2K_I2nYM6vOBWCvWr-r2ECE-1a6y0j93lQIk5rugYwoX37DHZoYig',
  'type' => 'public-key',
  'rawId' => 'Aaf2Op4CSSB0SenC+JnJ9nGKfCLrq+OO/w2K/I2nYM6vOBWCvWr+r2ECE+1a6y0j93lQIk5rugYwoX37DHZoYig=',
  'response' =>
  array (
    'clientDataJSON' => 'eyJ0eXBlIjoid2ViYXV0aG4uZ2V0IiwiY2hhbGxlbmdlIjoiY2dWcGxTa1lfd2N2RHdiYjBrQXRsQSIsIm9yaWdpbiI6Imh0dHBzOlwvXC9zdGFnaW5nLnR1cmljb2luLm5ldCIsImFuZHJvaWRQYWNrYWdlTmFtZSI6ImNvbS5hbmRyb2lkLmNocm9tZSJ9',
    'authenticatorData' => 'dVNCo7N4HwFvr8OfsnhZHulzNq/CpP4Dcq2AFBnmp4EFAAAAAg==',
    'signature' => 'MEUCICcWlIP3H2yeSXHKGTr3SRPS6ES+tRMpLIKv+y28XRzuAiEA3pqJEbBqnZNBjVl+4PNHk3vghKE7DEm7sDiBt5AbjAQ=',
    'userHandle' => NULL,
  ),
)

The userHandle index is empty so this leads to the library response 422

BUG: Invalid byte sequence for encoding "UTF-8"

When attempting to register my YubiKey using Larapass I run into the following error: "SQLSTATE[22021]: Character not in repertoire: 7 ERROR: invalid byte sequence for encoding "UTF8": 0xa5 (SQL: insert into "web_authn_credentials" ("id", "user_handle", "type", "transports", "attestation_type", "trust_path", "aaguid", "public_key", "counter", "user_id", "updated_at", "created_at") values (...)

This appears to be happening on the store of the model into the database (ONLY WHEN USING POSTGRES, not in MySQL) and I can't seem to patch it myself. I have verified that the database is using UTF-8 as its encoding. Any help would be greatly appreciated

Here are the versions I am using:
Laravel 8.x
Postgres 11.5
PHP 8.0

Login fails with eiter typeless or email

The registration of a device (android displaylock fingeprint) works perfectly and generates following database entry.

INSERT INTO `web_authn_credentials` (`id`, `user_id`, `name`, `type`, `transports`, `attestation_type`, `trust_path`, `aaguid`, `public_key`, `counter`, `user_handle`, `created_at`, `updated_at`, `disabled_at`) VALUES

('AUlo', 1, NULL, 'public-key', '[]', 'none', '{\"type\":\"Webauthn\\\\TrustPath\\\\EmptyTrustPath\"}', '00000000-0000-0000-0000-000000000000', 0xae, 0, '1afgcc4a-92b7-465f-9967-09c28fgfb2c8', '2021-04-30 13:30:29', '2021-04-30 13:30:29', NULL);

(Data obfuscated :) )

But login with either email or typeless fails with following log entries:

[2021-04-30 15:59:04] local.INFO: Trying to load data from an array {"data":{"id":"lo","rawId":"AAlo=","response":{"authenticatorData":"AAg==","clientDataJSON":"In0=","signature":"Czg==","userHandle":""},"type":"public-key"}} 
[2021-04-30 15:59:04] local.INFO: The data has been loaded  
[2021-04-30 15:59:04] local.DEBUG: Public Key Credential {"publicKeyCredential":{"Webauthn\\PublicKeyCredential":"{}"}} 
[2021-04-30 15:59:04] local.INFO: Checking the authenticator assertion response {"credentialId":"\Z","authenticatorAssertionResponse":{"Webauthn\\AuthenticatorAssertionResponse":[]},"publicKeyCredentialRequestOptions":{"Webauthn\\PublicKeyCredentialRequestOptions":{"challenge":"E","userVerification":"preferred","allowCredentials":[{"type":"public-key","id":"lo"}],"timeout":60000}},"host":"somedomain.de","userHandle":""} 
[2021-04-30 15:59:04] local.ERROR: An error occurred {"exception":"[object] (Assert\\InvalidArgumentException(code: 33): Invalid user handle at vendor/beberlei/assert/lib/Assert/Assertion.php:2723)

(Data obfuscated :) )

Somehow no user handle is available to authenticate against. So maybe either the stored credential data is incorrect or something else is broken.

I followed the implementation guide exactly. (Laravel 8.38)
Any help ? Thanks

[SUGGESTION] Hacktoberfest ?

Hi @DarkGhostHunter, it might be worth to add "hacktoberfest" tag to your repo as this is great package !

LARAVEL 8 Support

i got this error when i want to install package in laravel 8

[InvalidArgumentException]
Package darkghosthunter/larapass has a PHP requirement incompatible with your PHP version, PHP extensions and Compo ser version

please fix this issue

Problems with MongoDB

I'm testing the package using MongoDB and jenssegers/mongodb as my default database.

The problem is that all models needs to extend from mongo class.

I'm able to make it work by updating src/Eloquent/WebAuthnCredential.php:
from use Illuminate\Database\Eloquent\Model; to use Jenssegers\Mongodb\Eloquent\Model;

so, my question: do you have any suggestion how/where i can override this class?
like copy to App\Models or something like that ...

Possible values for WEBAUTHN_CACHE?

Hi,

When using the Larapass config file, the challenge configuration includes 'cache' => env('WEBAUTHN_CACHE').
What are possible values for WEBAUTHN_CACHE? Same as CACHE_DRIVER? i.e file

Thx

Laravel 9 Support

Unable to install in Laravel 9

Registration Request sometimes returns empty response

I have a fresh laravel install with laravel/ui --auth initialized.

Then I pulled in your package as described and stuck at Point 5. Your javascript file won't be read from browser unless the # will be changed to '_' or something like that.

After that I changed the register form where the user can register (/register) and added your script to be called on submit. The only route that was called was /webauthn/register/options and it solved in a 401 Unauthorized. I think I did something wrong, but I did not see any. My case is to register a brand new unknown user to the app.

The bug from #14 did I fixed too.

Please help me.

List of authentication mechanisms

Do you know/have a list of hardware and software (e.g. Windows Hello, https://krypt.co/ ) solutions?

	public function addCredential(CredentialSource $source) : void
	{
	$this->webAuthnCredentials()->save(
	WebAuthnCredential::fromCredentialSource($source)
	);
	}

darkghosthunter / larapass Goto Github PK

larapass's People

Contributors

Stargazers

Watchers

Forkers

larapass's Issues

Recommend Projects

Recommend Topics

Recommend Org