Error interno del servidor 500 con Passkeys y DiscourseConnect

He configurado Discourse Connect, donde puedo iniciar sesión en otra aplicación con Discourse.

Todo funciona cuando uso contraseñas, pero cuando inicio sesión en Discourse con una passkey durante el proceso, obtengo un error 500.

Internal server error modal673×245 8.42 KB

Veo un error 500 en los registros de NGINX:

POST /session/passkey/auth.json HTTP/2.0

y esto en los registros de Rails:

Started POST "/session/passkey/auth.json" for <ip_address> at 2024-08-28 21:33:32 +0000
Processing by SessionController#passkey_login as JSON
  Parameters: {"publicKeyCredential"=>{"signature"=>"...", "clientData"=>"...", "authenticatorData"=>"...", "credentialId"=>"...", "userHandle"=>"..."}}
start
Completed 500 Internal Server Error in 30ms (ActiveRecord: 0.0ms | Allocations: 4837)
done

No estoy seguro de dónde más buscar un mensaje de error.

¿Es un error o necesito hacer algo más para que las passkeys funcionen con Discourse Connect?

¿Alguien está usando DiscourseConnect que pueda comprobar rápidamente si las passkeys funcionan con él en su sitio?

Tendré que encontrar un enfoque completamente diferente si las passkeys no funcionan con DiscourseConnect.

En realidad, puedo replicar la misma falla, pero no es específica de que DiscourseConnect esté en el flujo.

Mi inicio de sesión con passkey funcionó en meta.discourse.org pero falló en nuestro sitio interno.

¿Qué errores ven en sus tracebacks (/logs)?

Veo:

NoMethodError (método no definido `ok' para false)
app/controllers/session_controller.rb:809:in `login'
app/controllers/session_controller.rb:399:in `passkey_login'
app/controllers/application_controller.rb:424:in `block in with_resolved_locale'
app/controllers/application_controller.rb:424:in `with_resolved_locale'
lib/middleware/omniauth_bypass_middleware.rb:64:in `call'
lib/middleware/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:393:in `call'
lib/middleware/csp_script_nonce_injector.rb:12:in `call'
config/initializers/008-rack-cors.rb:26:in `call'
lib/freedom_patches/rails_rack_logger_from_rails_7_2.rb:35:in `call_app'
lib/freedom_patches/rails_rack_logger_from_rails_7_2.rb:22:in `call'
config/initializers/100-quiet_logger.rb:20:in `call'
config/initializers/100-silence_logger.rb:29:in `call'
lib/middleware/enforce_hostname.rb:24:in `call'
lib/middleware/processing_request.rb:12:in `call'
lib/middleware/request_tracker.rb:360:in `call'

@dev-managers el inicio de sesión con passkey está parcialmente roto.

Gracias por revisar. Esto es lo que veo en /logs:

app/controllers/session_controller.rb:809:in `login'
app/controllers/session_controller.rb:399:in `passkey_login'
actionpack (7.1.4) lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'
actionpack (7.1.4) lib/abstract_controller/base.rb:224:in `process_action'
actionpack (7.1.4) lib/action_controller/metal/rendering.rb:165:in `process_action'
actionpack (7.1.4) lib/abstract_controller/callbacks.rb:259:in `block in process_action'
activesupport (7.1.4) lib/active_support/callbacks.rb:121:in `block in run_callbacks'
app/controllers/application_controller.rb:424:in `block in with_resolved_locale'
i18n (1.14.5) lib/i18n.rb:351:in `with_locale'
app/controllers/application_controller.rb:424:in `with_resolved_locale'
activesupport (7.1.4) lib/active_support/callbacks.rb:130:in `block in run_callbacks'
activesupport (7.1.4) lib/active_support/callbacks.rb:141:in `run_callbacks'
actionpack (7.1.4) lib/abstract_controller/callbacks.rb:258:in `process_action'
actionpack (7.1.4) lib/action_controller/metal/rescue.rb:25:in `process_action'
actionpack (7.1.4) lib/action_controller/metal/instrumentation.rb:74:in `block in process_action'
activesupport (7.1.4) lib/active_support/notifications.rb:206:in `block in instrument'
activesupport (7.1.4) lib/active_support/notifications/instrumenter.rb:58:in `instrument'
activesupport (7.1.4) lib/active_support/notifications.rb:206:in `instrument'
actionpack (7.1.4) lib/action_controller/metal/instrumentation.rb:73:in `process_action'
actionpack (7.1.4) lib/action_controller/metal/params_wrapper.rb:261:in `process_action'
activerecord (7.1.4) lib/active_record/railties/controller_runtime.rb:32:in `process_action'
actionpack (7.1.4) lib/abstract_controller/base.rb:160:in `process'
actionview (7.1.4) lib/action_view/rendering.rb:40:in `process'
rack-mini-profiler (3.3.1) lib/mini_profiler/profiling_methods.rb:89:in `block in profile_method'

actionpack (7.1.4) lib/action_controller/metal.rb:227:in `dispatch'
actionpack (7.1.4) lib/action_controller/metal.rb:309:in `dispatch'
actionpack (7.1.4) lib/action_dispatch/routing/route_set.rb:49:in `dispatch'
actionpack (7.1.4) lib/action_dispatch/routing/route_set.rb:32:in `serve'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:51:in `block in serve'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:131:in `block in find_routes'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:124:in `each'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:124:in `find_routes'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:32:in `serve'
actionpack (7.1.4) lib/action_dispatch/routing/route_set.rb:882:in `call'
lib/middleware/omniauth_bypass_middleware.rb:64:in `call'
rack (2.2.9) lib/rack/tempfile_reaper.rb:15:in `call'
rack (2.2.9) lib/rack/conditional_get.rb:40:in `call'
rack (2.2.9) lib/rack/head.rb:12:in `call'
actionpack (7.1.4) lib/action_dispatch/http/permissions_policy.rb:36:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:393:in `call'
lib/middleware/csp_script_nonce_injector.rb:12:in `call'
config/initializers/008-rack-cors.rb:26:in `call'
rack (2.2.9) lib/rack/session/abstract/id.rb:266:in `context'
rack (2.2.9) lib/rack/session/abstract/id.rb:260:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/cookies.rb:689:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
activesupport (7.1.4) lib/active_support/callbacks.rb:101:in `run_callbacks'
actionpack (7.1.4) lib/action_dispatch/middleware/callbacks.rb:28:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/debug_exceptions.rb:29:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/show_exceptions.rb:31:in `call'
logster (2.20.0) lib/logster/middleware/reporter.rb:40:in `call'
lib/freedom_patches/rails_rack_logger_from_rails_7_2.rb:35:in `call_app'
lib/freedom_patches/rails_rack_logger_from_rails_7_2.rb:22:in `call'
config/initializers/100-quiet_logger.rb:20:in `call'
config/initializers/100-silence_logger.rb:29:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/request_id.rb:28:in `call'
lib/middleware/enforce_hostname.rb:24:in `call'
rack (2.2.9) lib/rack/method_override.rb:24:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/executor.rb:14:in `call'
rack (2.2.9) lib/rack/sendfile.rb:110:in `call'
rack-mini-profiler (3.3.1) lib/mini_profiler.rb:191:in `call'
lib/middleware/processing_request.rb:12:in `call'
message_bus (4.3.8) lib/message_bus/rack/middleware.rb:60:in `call'
lib/middleware/request_tracker.rb:360:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/remote_ip.rb:92:in `call'
railties (7.1.4) lib/rails/engine.rb:536:in `call'
railties (7.1.4) lib/rails/railtie.rb:226:in `public_send'
railties (7.1.4) lib/rails/railtie.rb:226:in `method_missing'
rack (2.2.9) lib/rack/urlmap.rb:74:in `block in call'
rack (2.2.9) lib/rack/urlmap.rb:58:in `each'
rack (2.2.9) lib/rack/urlmap.rb:58:in `call'
unicorn (6.1.0) lib/unicorn/http_server.rb:634:in `process_client'
unicorn (6.1.0) lib/unicorn/http_server.rb:739:in `worker_loop'
unicorn (6.1.0) lib/unicorn/http_server.rb:547:in `spawn_missing_workers'
unicorn (6.1.0) lib/unicorn/http_server.rb:143:in `start'
unicorn (6.1.0) bin/unicorn:128:in `<top (required)>'
vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `load'
vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `<main>'

Gracias por el informe @j127, puedo confirmar que es un problema con DiscourseConnect y estoy trabajando en una solución.

Esto debería solucionarse con FIX: Passkey login when Discourse used as SSO provider by pmusaraj · Pull Request #28672 · discourse/discourse · GitHub, gracias de nuevo por el informe.

Gracias por la rápida respuesta.

Editar: Acabo de probarlo y ahora funciona aquí.

Este tema se cerró automáticamente después de 3 días. Ya no se permiten nuevas respuestas.