Hi Rúben Jimenez,
I have downloaded WebAuthNFido2 and used in my mobile application.I try use client action PasswordlessSignup to register a new user. Username created successfull and a record created Fido2User entity. But, data in StoredCredential entity haven't created, it empty.I checked error log at service center:
RequestUrl: https://mydomain/MyAuthApp/screenservices/WebAuthNFido2/ActionAttestAndSignUp (Method: POST)
-----
[1] One or more errors occurred.at ssWebAuthNFido2.RssExtensionFido2Extension.MssAttestation(HeContext heContext, String inParamAttestationResponseJson, String inParamOptionsJson, String& outParamStoredCredentialResultJson)at ssWebAuthNFido2.Actions.ActionAttestAndSignUp(HeContext heContext, String inParamNewCredential, String inParamOptionsJson, Byte[] inParamFido2UserId)[2] Missing or unknown attestation typeat Fido2NetLib.AuthenticatorAttestationResponse.<VerifyAsync>d__10.MoveNext()--- End of stack trace from previous location where exception was thrown ---at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task) at Fido2NetLib.Fido2.<MakeNewCredentialAsync>d__7.MoveNext()
[1] One or more errors occurred.at System.Threading.Tasks.Task`1.GetResultCore(Boolean waitCompletionNotification)at OutSystems.NssFido2Extension.CssFido2Extension.MssAttestation(String ssAttestationResponseJson, String ssOptionsJson, String& ssStoredCredentialResultJson)at ssWebAuthNFido2.RssExtensionFido2Extension.MssAttestation(HeContext heContext, String inParamAttestationResponseJson, String inParamOptionsJson, String& outParamStoredCredentialResultJson)[2] Missing or unknown attestation typeat Fido2NetLib.AuthenticatorAttestationResponse.<VerifyAsync>d__10.MoveNext()--- End of stack trace from previous location where exception was thrown ---at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)at Fido2NetLib.Fido2.<MakeNewCredentialAsync>d__7.MoveNext()
----
Please help me resolve this issue.
Thanks so much,
I have resolved this issue.
Cause: class AuthenticatorAttestationResponse.cs of Fido2NetLib hasn't verfied with AttestationObject.Fmt = "apple".
I have downloaded Fido2.dll version 2.0.2 and re-build Fido2Extension. And it hasn't occurred exceptions, issue resolved.This is source code of Fido2NetLib version 2.0.2
// 13. Determine the attestation statement format by performing a USASCII case-sensitive match on fmt against the set of supported WebAuthn Attestation Statement Format Identifier values.
// An up-to-date list of registered WebAuthn Attestation Statement Format Identifier values is maintained in the IANA registry of the same name
// https://www.w3.org/TR/webauthn/#defined-attestation-formats
AttestationVerifier verifier = AttestationObject.Fmt switch
{
// TODO: Better way to build these mappings?
"none" => new None(), // https://www.w3.org/TR/webauthn/#none-attestation
"tpm" => new Tpm(), // https://www.w3.org/TR/webauthn/#tpm-attestation
"android-key" => new AndroidKey(), // https://www.w3.org/TR/webauthn/#android-key-attestation
"android-safetynet" => new AndroidSafetyNet(), // https://www.w3.org/TR/webauthn/#android-safetynet-attestation
"fido-u2f" => new FidoU2f(), // https://www.w3.org/TR/webauthn/#fido-u2f-attestation
"packed" => new Packed(), // https://www.w3.org/TR/webauthn/#packed-attestation
"apple" => new Apple(), // https://www.w3.org/TR/webauthn/#apple-anonymous-attestation
_ => throw new Fido2VerificationException("Missing or unknown attestation type"),
};
Thanks !