Erro Interno 500 no Servidor com Passkeys e DiscourseConnect

Configurei o Discourse Connect onde posso fazer login em outro aplicativo com o Discourse.

Tudo funciona quando uso senhas, mas quando faço login no Discourse com uma passkey durante o fluxo, recebo um erro 500.

Internal server error modal673×245 8.42 KB

Vejo um erro 500 nos logs do NGINX:

POST /session/passkey/auth.json HTTP/2.0

e isto nos logs do Rails:

Started POST "/session/passkey/auth.json" for <ip_address> at 2024-08-28 21:33:32 +0000
Processing by SessionController#passkey_login as JSON
  Parameters: {"publicKeyCredential"=>{"signature"=>"...", "clientData"=>"...", "authenticatorData"=>"...", "credentialId"=>"...", "userHandle"=>"..."}}
start
Completed 500 Internal Server Error in 30ms (ActiveRecord: 0.0ms | Allocations: 4837)
done

Não tenho certeza de onde mais procurar uma mensagem de erro.

É um bug, ou preciso fazer algo mais para que as passkeys funcionem com o Discourse Connect?

Alguém está usando o DiscourseConnect que poderia verificar rapidamente se as passkeys funcionam com ele em seu site?

Terei que encontrar uma abordagem completamente diferente se as passkeys não funcionarem com o DiscourseConnect.

Na verdade, consigo replicar a mesma falha, mas ela não é específica do DiscourseConnect estar no fluxo.

Meu login com passkey funcionou em meta.discourse.org, mas falhou em nosso site interno.

Quais erros vocês veem em seus tracebacks (/logs)?

Eu vejo:

NoMethodError (undefined method `ok' for false)
app/controllers/session_controller.rb:809:in `login'
app/controllers/session_controller.rb:399:in `passkey_login'
app/controllers/application_controller.rb:424:in `block in with_resolved_locale'
app/controllers/application_controller.rb:424:in `with_resolved_locale'
lib/middleware/omniauth_bypass_middleware.rb:64:in `call'
lib/middleware/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:393:in `call'
lib/middleware/csp_script_nonce_injector.rb:12:in `call'
config/initializers/008-rack-cors.rb:26:in `call'
lib/freedom_patches/rails_rack_logger_from_rails_7_2.rb:35:in `call_app'
lib/freedom_patches/rails_rack_logger_from_rails_7_2.rb:22:in `call'
config/initializers/100-quiet_logger.rb:20:in `call'
config/initializers/100-silence_logger.rb:29:in `call'
lib/middleware/enforce_hostname.rb:24:in `call'
lib/middleware/processing_request.rb:12:in `call'
lib/middleware/request_tracker.rb:360:in `call'

@dev-managers o login com passkey está parcialmente quebrado

Obrigado por verificar. Veja o que vejo em /logs:

app/controllers/session_controller.rb:809:in `login'
app/controllers/session_controller.rb:399:in `passkey_login'
actionpack (7.1.4) lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'
actionpack (7.1.4) lib/abstract_controller/base.rb:224:in `process_action'
actionpack (7.1.4) lib/action_controller/metal/rendering.rb:165:in `process_action'
actionpack (7.1.4) lib/abstract_controller/callbacks.rb:259:in `block in process_action'
activesupport (7.1.4) lib/active_support/callbacks.rb:121:in `block in run_callbacks'
app/controllers/application_controller.rb:424:in `block in with_resolved_locale'
i18n (1.14.5) lib/i18n.rb:351:in `with_locale'
app/controllers/application_controller.rb:424:in `with_resolved_locale'
activesupport (7.1.4) lib/active_support/callbacks.rb:130:in `block in run_callbacks'
activesupport (7.1.4) lib/active_support/callbacks.rb:141:in `run_callbacks'
actionpack (7.1.4) lib/abstract_controller/callbacks.rb:258:in `process_action'
actionpack (7.1.4) lib/action_controller/metal/rescue.rb:25:in `process_action'
actionpack (7.1.4) lib/action_controller/metal/instrumentation.rb:74:in `block in process_action'
activesupport (7.1.4) lib/active_support/notifications.rb:206:in `block in instrument'
activesupport (7.1.4) lib/active_support/notifications/instrumenter.rb:58:in `instrument'
activesupport (7.1.4) lib/active_support/notifications.rb:206:in `instrument'
actionpack (7.1.4) lib/action_controller/metal/instrumentation.rb:73:in `process_action'
actionpack (7.1.4) lib/action_controller/metal/params_wrapper.rb:261:in `process_action'
activerecord (7.1.4) lib/active_record/railties/controller_runtime.rb:32:in `process_action'
actionpack (7.1.4) lib/abstract_controller/base.rb:160:in `process'
actionview (7.1.4) lib/action_view/rendering.rb:40:in `process'
rack-mini-profiler (3.3.1) lib/mini_profiler/profiling_methods.rb:89:in `block in profile_method'

actionpack (7.1.4) lib/action_controller/metal.rb:227:in `dispatch'
actionpack (7.1.4) lib/action_controller/metal.rb:309:in `dispatch'
actionpack (7.1.4) lib/action_dispatch/routing/route_set.rb:49:in `dispatch'
actionpack (7.1.4) lib/action_dispatch/routing/route_set.rb:32:in `serve'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:51:in `block in serve'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:131:in `block in find_routes'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:124:in `each'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:124:in `find_routes'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:32:in `serve'
actionpack (7.1.4) lib/action_dispatch/routing/route_set.rb:882:in `call'
lib/middleware/omniauth_bypass_middleware.rb:64:in `call'
rack (2.2.9) lib/rack/tempfile_reaper.rb:15:in `call'
rack (2.2.9) lib/rack/conditional_get.rb:40:in `call'
rack (2.2.9) lib/rack/head.rb:12:in `call'
actionpack (7.1.4) lib/action_dispatch/http/permissions_policy.rb:36:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:393:in `call'
lib/middleware/csp_script_nonce_injector.rb:12:in `call'
config/initializers/008-rack-cors.rb:26:in `call'
rack (2.2.9) lib/rack/session/abstract/id.rb:266:in `context'
rack (2.2.9) lib/rack/session/abstract/id.rb:260:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/cookies.rb:689:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
activesupport (7.1.4) lib/active_support/callbacks.rb:101:in `run_callbacks'
actionpack (7.1.4) lib/action_dispatch/middleware/callbacks.rb:28:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/debug_exceptions.rb:29:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/show_exceptions.rb:31:in `call'
logster (2.20.0) lib/logster/middleware/reporter.rb:40:in `call'
lib/freedom_patches/rails_rack_logger_from_rails_7_2.rb:35:in `call_app'
lib/freedom_patches/rails_rack_logger_from_rails_7_2.rb:22:in `call'
config/initializers/100-quiet_logger.rb:20:in `call'
config/initializers/100-silence_logger.rb:29:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/request_id.rb:28:in `call'
lib/middleware/enforce_hostname.rb:24:in `call'
rack (2.2.9) lib/rack/method_override.rb:24:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/executor.rb:14:in `call'
rack (2.2.9) lib/rack/sendfile.rb:110:in `call'
rack-mini-profiler (3.3.1) lib/mini_profiler.rb:191:in `call'
lib/middleware/processing_request.rb:12:in `call'
message_bus (4.3.8) lib/message_bus/rack/middleware.rb:60:in `call'
lib/middleware/request_tracker.rb:360:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/remote_ip.rb:92:in `call'
railties (7.1.4) lib/rails/engine.rb:536:in `call'
railties (7.1.4) lib/rails/railtie.rb:226:in `public_send'
railties (7.1.4) lib/rails/railtie.rb:226:in `method_missing'
rack (2.2.9) lib/rack/urlmap.rb:74:in `block in call'
rack (2.2.9) lib/rack/urlmap.rb:58:in `each'
rack (2.2.9) lib/rack/urlmap.rb:58:in `call'
unicorn (6.1.0) lib/unicorn/http_server.rb:634:in `process_client'
unicorn (6.1.0) lib/unicorn/http_server.rb:739:in `worker_loop'
unicorn (6.1.0) lib/unicorn/http_server.rb:547:in `spawn_missing_workers'
unicorn (6.1.0) lib/unicorn/http_server.rb:143:in `start'
unicorn (6.1.0) bin/unicorn:128:in `<top (required)>'
vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `load'
vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `<main>'

Obrigado pelo relatório @j127, posso confirmar que este é um problema com o DiscourseConnect e estou trabalhando em uma correção.

Isso deve ser corrigido por FIX: Passkey login when Discourse used as SSO provider by pmusaraj · Pull Request #28672 · discourse/discourse · GitHub, obrigado novamente pelo relatório.

Obrigado pela rápida resposta.

Editar: Acabei de testar e agora funciona aqui.

Este tópico foi fechado automaticamente após 3 dias. Novas respostas não são mais permitidas.