Erreur 500 Interne du Serveur avec Passkeys et DiscourseConnect

j127 · Août 28, 2024, 9:49

I’ve set up Discourse Connect where I can log into another app with Discourse.

Everything works when I use passwords, but when I log in to Discourse with a passkey during the flow, I get a 500 error.

Internal server error modal

I see a 500 error in the NGINX logs:

POST /session/passkey/auth.json HTTP/2.0

and this in the Rails logs:

Started POST "/session/passkey/auth.json" for <ip_address> at 2024-08-28 21:33:32 +0000
Processing by SessionController#passkey_login as JSON
  Parameters: {"publicKeyCredential"=>{"signature"=>"...", "clientData"=>"...", "authenticatorData"=>"...", "credentialId"=>"...", "userHandle"=>"..."}}
start
Completed 500 Internal Server Error in 30ms (ActiveRecord: 0.0ms | Allocations: 4837)
done

I’m not sure where else to look for an error message.

Is it a bug, or do I need to do something else to get passkeys to work with Discourse Connect?

j127 · Août 31, 2024, 2:32

Is anyone out there using DiscourseConnect who could quickly check if passkeys work with it on their site?

I’m going to have to figure out a completely different approach if passkeys don’t work with DiscourseConnect.

supermathie · Août 31, 2024, 3:15

I actually can replicate the same failure, but it’s not specific to DiscourseConnect being in the flow.

My passkey login worked on meta.discourse.org but failed on our internal site.

What errors do you see in your tracebacks (/logs)?

I see:

NoMethodError (undefined method `ok' for false)
app/controllers/session_controller.rb:809:in `login'
app/controllers/session_controller.rb:399:in `passkey_login'
app/controllers/application_controller.rb:424:in `block in with_resolved_locale'
app/controllers/application_controller.rb:424:in `with_resolved_locale'
lib/middleware/omniauth_bypass_middleware.rb:64:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:393:in `call'
lib/middleware/csp_script_nonce_injector.rb:12:in `call'
config/initializers/008-rack-cors.rb:26:in `call'
lib/freedom_patches/rails_rack_logger_from_rails_7_2.rb:35:in `call_app'
lib/freedom_patches/rails_rack_logger_from_rails_7_2.rb:22:in `call'
config/initializers/100-quiet_logger.rb:20:in `call'
config/initializers/100-silence_logger.rb:29:in `call'
lib/middleware/enforce_hostname.rb:24:in `call'
lib/middleware/processing_request.rb:12:in `call'
lib/middleware/request_tracker.rb:360:in `call'

@dev-managers passkey login is partially broken

j127 · Août 31, 2024, 5:42

Thanks for checking. Here’s what I see at /logs:

app/controllers/session_controller.rb:809:in `login'
app/controllers/session_controller.rb:399:in `passkey_login'
actionpack (7.1.4) lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'
actionpack (7.1.4) lib/abstract_controller/base.rb:224:in `process_action'
actionpack (7.1.4) lib/action_controller/metal/rendering.rb:165:in `process_action'
actionpack (7.1.4) lib/abstract_controller/callbacks.rb:259:in `block in process_action'
activesupport (7.1.4) lib/active_support/callbacks.rb:121:in `block in run_callbacks'
app/controllers/application_controller.rb:424:in `block in with_resolved_locale'
i18n (1.14.5) lib/i18n.rb:351:in `with_locale'
app/controllers/application_controller.rb:424:in `with_resolved_locale'
activesupport (7.1.4) lib/active_support/callbacks.rb:130:in `block in run_callbacks'
activesupport (7.1.4) lib/active_support/callbacks.rb:141:in `run_callbacks'
actionpack (7.1.4) lib/abstract_controller/callbacks.rb:258:in `process_action'
actionpack (7.1.4) lib/action_controller/metal/rescue.rb:25:in `process_action'
actionpack (7.1.4) lib/action_controller/metal/instrumentation.rb:74:in `block in process_action'
activesupport (7.1.4) lib/active_support/notifications.rb:206:in `block in instrument'
activesupport (7.1.4) lib/active_support/notifications/instrumenter.rb:58:in `instrument'
activesupport (7.1.4) lib/active_support/notifications.rb:206:in `instrument'
actionpack (7.1.4) lib/action_controller/metal/instrumentation.rb:73:in `process_action'
actionpack (7.1.4) lib/action_controller/metal/params_wrapper.rb:261:in `process_action'
activerecord (7.1.4) lib/active_record/railties/controller_runtime.rb:32:in `process_action'
actionpack (7.1.4) lib/abstract_controller/base.rb:160:in `process'
actionview (7.1.4) lib/action_view/rendering.rb:40:in `process'
rack-mini-profiler (3.3.1) lib/mini_profiler/profiling_methods.rb:89:in `block in profile_method'

actionpack (7.1.4) lib/action_controller/metal.rb:227:in `dispatch'
actionpack (7.1.4) lib/action_controller/metal.rb:309:in `dispatch'
actionpack (7.1.4) lib/action_dispatch/routing/route_set.rb:49:in `dispatch'
actionpack (7.1.4) lib/action_dispatch/routing/route_set.rb:32:in `serve'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:51:in `block in serve'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:131:in `block in find_routes'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:124:in `each'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:124:in `find_routes'
actionpack (7.1.4) lib/action_dispatch/journey/router.rb:32:in `serve'
actionpack (7.1.4) lib/action_dispatch/routing/route_set.rb:882:in `call'
lib/middleware/omniauth_bypass_middleware.rb:64:in `call'
rack (2.2.9) lib/rack/tempfile_reaper.rb:15:in `call'
rack (2.2.9) lib/rack/conditional_get.rb:40:in `call'
rack (2.2.9) lib/rack/head.rb:12:in `call'
actionpack (7.1.4) lib/action_dispatch/http/permissions_policy.rb:36:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:393:in `call'
lib/middleware/csp_script_nonce_injector.rb:12:in `call'
config/initializers/008-rack-cors.rb:26:in `call'
rack (2.2.9) lib/rack/session/abstract/id.rb:266:in `context'
rack (2.2.9) lib/rack/session/abstract/id.rb:260:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/cookies.rb:689:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/callbacks.rb:29:in `block in call'
activesupport (7.1.4) lib/active_support/callbacks.rb:101:in `run_callbacks'
actionpack (7.1.4) lib/action_dispatch/middleware/callbacks.rb:28:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/debug_exceptions.rb:29:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/show_exceptions.rb:31:in `call'
logster (2.20.0) lib/logster/middleware/reporter.rb:40:in `call'
lib/freedom_patches/rails_rack_logger_from_rails_7_2.rb:35:in `call_app'
lib/freedom_patches/rails_rack_logger_from_rails_7_2.rb:22:in `call'
config/initializers/100-quiet_logger.rb:20:in `call'
config/initializers/100-silence_logger.rb:29:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/request_id.rb:28:in `call'
lib/middleware/enforce_hostname.rb:24:in `call'
rack (2.2.9) lib/rack/method_override.rb:24:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/executor.rb:14:in `call'
rack (2.2.9) lib/rack/sendfile.rb:110:in `call'
rack-mini-profiler (3.3.1) lib/mini_profiler.rb:191:in `call'
lib/middleware/processing_request.rb:12:in `call'
message_bus (4.3.8) lib/message_bus/rack/middleware.rb:60:in `call'
lib/middleware/request_tracker.rb:360:in `call'
actionpack (7.1.4) lib/action_dispatch/middleware/remote_ip.rb:92:in `call'
railties (7.1.4) lib/rails/engine.rb:536:in `call'
railties (7.1.4) lib/rails/railtie.rb:226:in `public_send'
railties (7.1.4) lib/rails/railtie.rb:226:in `method_missing'
rack (2.2.9) lib/rack/urlmap.rb:74:in `block in call'
rack (2.2.9) lib/rack/urlmap.rb:58:in `each'
rack (2.2.9) lib/rack/urlmap.rb:58:in `call'
unicorn (6.1.0) lib/unicorn/http_server.rb:634:in `process_client'
unicorn (6.1.0) lib/unicorn/http_server.rb:739:in `worker_loop'
unicorn (6.1.0) lib/unicorn/http_server.rb:547:in `spawn_missing_workers'
unicorn (6.1.0) lib/unicorn/http_server.rb:143:in `start'
unicorn (6.1.0) bin/unicorn:128:in `<top (required)>'
vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `load'
vendor/bundle/ruby/3.3.0/bin/unicorn:25:in `<main>'

pmusaraj · Septembre 3, 2024, 2:02

Thanks for the report @j127, I can confirm this is an issue with DiscourseConnect and am working on a fix.

pmusaraj · Septembre 3, 2024, 8:44

This should be fixed by FIX: Passkey login when Discourse used as SSO provider by pmusaraj · Pull Request #28672 · discourse/discourse · GitHub, thanks again for the report.

j127 · Septembre 3, 2024, 9:37

Thank you for the fast response.

Edit: I just tested it, and it works here now.

pmusaraj · Septembre 7, 2024, 12:00

This topic was automatically closed after 3 days. New replies are no longer allowed.

Sujet		Réponses	Vues
Error when create user passkey in browser Support passkey	9	89	Août 18, 2025
Passkey error Support passkey	11	130	Avril 19, 2025
Locked out of a Discourse forum due to passkey bug? Bug passkey	8	175	Avril 28, 2025
Passkey on DiscourseHub (iOS/iPadOS) works funny Bug discourse-hub , passkey	4	421	Novembre 1, 2023
Support passwordless login with Passkeys Feature completed , passkey	43	3684	Novembre 17, 2023

Erreur 500 Interne du Serveur avec Passkeys et DiscourseConnect

Sujets connexes