500 Interner Serverfehler bei Passkeys und DiscourseConnect

j127 · 28. August 2024 um 21:49

I’ve set up Discourse Connect where I can log into another app with Discourse.

Everything works when I use passwords, but when I log in to Discourse with a passkey during the flow, I get a 500 error.

Internal server error modal

I see a 500 error in the NGINX logs:

POST /session/passkey/auth.json HTTP/2.0

and this in the Rails logs:

Started POST "/session/passkey/auth.json" for <ip_address> at 2024-08-28 21:33:32 +0000
Processing by SessionController#passkey_login as JSON
  Parameters: {"publicKeyCredential"=>{"signature"=>"...", "clientData"=>"...", "authenticatorData"=>"...", "credentialId"=>"...", "userHandle"=>"..."}}
start
Completed 500 Internal Server Error in 30ms (ActiveRecord: 0.0ms | Allocations: 4837)
done

I’m not sure where else to look for an error message.

Is it a bug, or do I need to do something else to get passkeys to work with Discourse Connect?

j127 · 31. August 2024 um 02:32

Is anyone out there using DiscourseConnect who could quickly check if passkeys work with it on their site?

I’m going to have to figure out a completely different approach if passkeys don’t work with DiscourseConnect.

supermathie · 31. August 2024 um 03:15

I actually can replicate the same failure, but it’s not specific to DiscourseConnect being in the flow.

My passkey login worked on meta.discourse.org but failed on our internal site.

What errors do you see in your tracebacks (/logs)?

I see:

NoMethodError (undefined method `ok' for false)
app/controllers/session_controller.rb:809:in `login'
app/controllers/session_controller.rb:399:in `passkey_login'
app/controllers/application_controller.rb:424:in `block in with_resolved_locale'
app/controllers/application_controller.rb:424:in `with_resolved_locale'
lib/middleware/omniauth_bypass_middleware.rb:64:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:393:in `call'
lib/middleware/csp_script_nonce_injector.rb:12:in `call'
config/initializers/008-rack-cors.rb:26:in `call'
lib/freedom_patches/rails_rack_logger_from_rails_7_2.rb:35:in `call_app'
lib/freedom_patches/rails_rack_logger_from_rails_7_2.rb:22:in `call'
config/initializers/100-quiet_logger.rb:20:in `call'
config/initializers/100-silence_logger.rb:29:in `call'
lib/middleware/enforce_hostname.rb:24:in `call'
lib/middleware/processing_request.rb:12:in `call'
lib/middleware/request_tracker.rb:360:in `call'

@dev-managers passkey login is partially broken

j127 · 31. August 2024 um 05:42

Thanks for checking. Here’s what I see at /logs:

app/controllers/session_controller.rb:809:in `login'
app/controllers/session_controller.rb:399:in `passkey_login'
actionpack (7.1.4) lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'
actionpack (7.1.4) lib/abstract_controller/base.rb:224:in `process_action'
actionpack (7.1.4) lib/action_controller/metal/rendering.rb:165:in `process_action'
actionpack (7.1.4) lib/abstract_controller/callbacks.rb:259:in `block in process_action'
activesupport (7.1.4) lib/active_support/callbacks.rb:121:in `block in run_callbacks'
app/controllers/application_controller.rb:424:in `block in with_resolved_locale'
i18n (1.14.5) lib/i18n.rb:351:in `with_locale'
app/controllers/application_controller.rb:424:in `with_resolved_locale'
activesupport (7.1.4) lib/active_support/callbacks.rb:130:in `block in run_callbacks'
activesupport (7.1.4) lib/active_support/callbacks.rb:141:in `run_callbacks'
actionpack (7.1.4) lib/abstract_controller/callbacks.rb:258:in `process_action'
actionpack (7.1.4) lib/action_controller/metal/rescue.rb:25:in `process_action'
actionpack (7.1.4) lib/action_controller/metal/instrumentation.rb:74:in `block in process_action'
activesupport (7.1.4) lib/active_support/notifications.rb:206:in `block in instrument'
activesupport (7.1.4) lib/active_support/notifications/instrumenter.rb:58:in `instrument'
activesupport (7.1.4) lib/active_support/notifications.rb:206:in `instrument'
actionpack (7.1.4) lib/action_controller/metal/instrumentation.rb:73:in `process_action'
actionpack (7.1.4) lib/action_controller/metal/params_wrapper.rb:261:in `process_action'
activerecord (7.1.4) lib/active_record/railties/controller_runtime.rb:32:in `process_action'
actionpack (7.1.4) lib/abstract_controller/base.rb:160:in `process'
actionview (7.1.4) lib/action_view/rendering.rb:40:in `process'
rack-mini-profiler (3.3.1) lib/mini_profiler/profiling_methods.rb:89:in `block in profile_method'

actionpack (7.1.4) lib/action_controller/metal.rb:227:in `dispatch'
actionpack (7.1.4) lib/action_controller/metal.rb:309:in `dispatch'
actionpack (7.1.4) lib/action_dispatch/routing/route_set.rb:49:in `dispatch'
actionpack (7.1.4) lib/action_dispatch/routing/route_set.rb:32:in `serve'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:51:in `block in serve'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:131:in `block in find_routes'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:124:in `each'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:124:in `find_routes'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:32:in `serve'
actionpack (7.1.4) lib/action_dispatch/routing/route_set.rb:882:in `call'
lib/middleware/omniauth_bypass_middleware.rb:64:in `call'
rack (2.2.9) lib/rack/tempfile_reaper.rb:15:in `call'
rack (2.2.9) lib/rack/conditional_get.rb:40:in `call'
rack (2.2.9) lib/rack/head.rb:12:in `call'
actionpack (7.1.4) lib/action_dispatch/http/permissions_policy.rb:36:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:393:in `call'
lib/middleware/csp_script_nonce_injector.rb:12:in `call'
config/initializers/008-rack-cors.rb:26:in `call'
rack (2.2.9) lib/rack/session/abstract/id.rb:266:in `context'
rack (2.2.9) lib/rack/session/abstract/id.rb:260:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/cookies.rb:689:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
activesupport (7.1.4) lib/active_support/callbacks.rb:101:in `run_callbacks'
actionpack (7.1.4) lib/action_dispatch/middleware/callbacks.rb:28:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/debug_exceptions.rb:29:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/show_exceptions.rb:31:in `call'
logster (2.20.0) lib/logster/middleware/reporter.rb:40:in `call'
lib/freedom_patches/rails_rack_logger_from_rails_7_2.rb:35:in `call_app'
lib/freedom_patches/rails_rack_logger_from_rails_7_2.rb:22:in `call'
config/initializers/100-quiet_logger.rb:20:in `call'
config/initializers/100-silence_logger.rb:29:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/request_id.rb:28:in `call'
lib/middleware/enforce_hostname.rb:24:in `call'
rack (2.2.9) lib/rack/method_override.rb:24:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/executor.rb:14:in `call'
rack (2.2.9) lib/rack/sendfile.rb:110:in `call'
rack-mini-profiler (3.3.1) lib/mini_profiler.rb:191:in `call'
lib/middleware/processing_request.rb:12:in `call'
message_bus (4.3.8) lib/message_bus/rack/middleware.rb:60:in `call'
lib/middleware/request_tracker.rb:360:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/remote_ip.rb:92:in `call'
railties (7.1.4) lib/rails/engine.rb:536:in `call'
railties (7.1.4) lib/rails/railtie.rb:226:in `public_send'
railties (7.1.4) lib/rails/railtie.rb:226:in `method_missing'
rack (2.2.9) lib/rack/urlmap.rb:74:in `block in call'
rack (2.2.9) lib/rack/urlmap.rb:58:in `each'
rack (2.2.9) lib/rack/urlmap.rb:58:in `call'
unicorn (6.1.0) lib/unicorn/http_server.rb:634:in `process_client'
unicorn (6.1.0) lib/unicorn/http_server.rb:739:in `worker_loop'
unicorn (6.1.0) lib/unicorn/http_server.rb:547:in `spawn_missing_workers'
unicorn (6.1.0) lib/unicorn/http_server.rb:143:in `start'
unicorn (6.1.0) bin/unicorn:128:in `<top (required)>'
vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `load'
vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `<main>'

pmusaraj · 3. September 2024 um 14:02

Thanks for the report @j127, I can confirm this is an issue with DiscourseConnect and am working on a fix.

pmusaraj · 3. September 2024 um 20:44

This should be fixed by FIX: Passkey login when Discourse used as SSO provider by pmusaraj · Pull Request #28672 · discourse/discourse · GitHub, thanks again for the report.

j127 · 3. September 2024 um 21:37

Thank you for the fast response.

Edit: I just tested it, and it works here now.

pmusaraj · 7. September 2024 um 12:00

This topic was automatically closed after 3 days. New replies are no longer allowed.

Thema		Antworten	Aufrufe
Error when create user passkey in browser Support passkey	9	89	18. August 2025
Passkey error Support passkey	11	130	19. April 2025
Locked out of a Discourse forum due to passkey bug? Bug passkey	8	175	28. April 2025
Passkey on DiscourseHub (iOS/iPadOS) works funny Bug discourse-hub , passkey	4	421	1. November 2023
Support passwordless login with Passkeys Feature completed , passkey	43	3684	17. November 2023

500 Interner Serverfehler bei Passkeys und DiscourseConnect

Verwandte Themen