diff --git a/modules/setting/setting.go b/modules/setting/setting.go index 531d265c3a0..cdfa1130f2b 100644 --- a/modules/setting/setting.go +++ b/modules/setting/setting.go @@ -1061,11 +1061,14 @@ func loadFromConf(allowEmpty bool, extraConfig string) { } // FIXME: DEPRECATED to be removed in v1.18.0 + U2F.AppID = strings.TrimSuffix(AppURL, "/") if Cfg.Section("U2F").HasKey("APP_ID") { log.Error("Deprecated setting `[U2F]` `APP_ID` present. This fallback will be removed in v1.18.0") + U2F.AppID = Cfg.Section("U2F").Key("APP_ID").MustString(strings.TrimSuffix(AppURL, "/")) + } else if Cfg.Section("u2f").HasKey("APP_ID") { + log.Error("Deprecated setting `[u2]` `APP_ID` present. This fallback will be removed in v1.18.0") + U2F.AppID = Cfg.Section("u2f").Key("APP_ID").MustString(strings.TrimSuffix(AppURL, "/")) } - sec = Cfg.Section("U2F") - U2F.AppID = sec.Key("APP_ID").MustString(strings.TrimSuffix(AppURL, "/")) } func parseAuthorizedPrincipalsAllow(values []string) ([]string, bool) { diff --git a/web_src/js/features/user-auth-webauthn.js b/web_src/js/features/user-auth-webauthn.js index 4cb8c18219b..f11a49864de 100644 --- a/web_src/js/features/user-auth-webauthn.js +++ b/web_src/js/features/user-auth-webauthn.js @@ -24,6 +24,19 @@ export function initUserAuthWebAuthn() { .then((credential) => { verifyAssertion(credential); }).catch((err) => { + // Try again... without the appid + if (makeAssertionOptions.publicKey.extensions && makeAssertionOptions.publicKey.extensions.appid) { + delete makeAssertionOptions.publicKey.extensions['appid']; + navigator.credentials.get({ + publicKey: makeAssertionOptions.publicKey + }) + .then((credential) => { + verifyAssertion(credential); + }).catch((err) => { + webAuthnError('general', err.message); + }); + return; + } webAuthnError('general', err.message); }); }).fail(() => {