c# - Fido2 challenge not matching original challenge - Stack Overflow

admin管理员组

文章数量:1122846

I'm using Fido2.AspNet version 4.0.0-beta.16 to implement passwordless logins. When trying to register a user, I'm getting an exception saying:

Authenticator response challenge does not match original challenge

I'm calling fido2.RequestNewCredential, storing the result in a redis cache, then sending that back to the Angular application. The Angular app calls fido2Create from @ownid/webauthn. I then send the data property of that back to the server.

When I run this code on the server to complete registration, the exception is thrown

var options = await cache.GetStringAsync(...);

var makeNewCredentialParams = new MakeNewCredentialParams {
    AttestationResponse = request.AttestationResponse,
    IsCredentialIdUniqueToUserCallback = ...,
    OriginalOptions = CredentialCreateOptions.FromJson(options)
};

var credential = await fido2.MakeNewCredentialAsync(makeNewCredentialParams, cancellationToken);

This is all the Angular service is doing:

  async register(email: string) {
    const response = await lastValueFrom(this.#http.post('account/registerStart', email))
    const fido = await fido2Create(response, email)

    return await lastValueFrom(this.#http.post('account/registerEnd', { email, attestationResponse: fido.data })) as string
  }

本文标签： cFido2 challenge not matching original challengeStack Overflow