I'm using passwordless authentication (webauthn passkeys) with Nextcloud AIO and ran into some strange behavior.
Steps to reproduce
- register 2 different NFC passkeys with account using desktop web client
- also associate NFC fido u2f security key with account using desktop web client
- attempt to "log in with device" on Android chrome browser, be offered only usb authenticator option, no NFC
- attempt to "log in with device" on desktop web client and OS does not restrict NFC transport option
Expected behaviour
Android should offer NFC when I select "other device".
Actual behaviour
In looking at the codebase, it appears what should happen is that the authentication request should be made using the same transport which was used to register the token. No doubt this is to help reduce confusion when it comes to user prompts given by the OS in question. However, this is causing a problem as Android is not offering NFC as transport option and only allows me to select / use a USB security key.
Server configuration
Nextcloud AIO virtual machine image
Nextcloud version: Nextcloud Hub 10 (31.0.9)
I'm using passwordless authentication (webauthn passkeys) with Nextcloud AIO and ran into some strange behavior.
Steps to reproduce
Expected behaviour
Android should offer NFC when I select "other device".
Actual behaviour
In looking at the codebase, it appears what should happen is that the authentication request should be made using the same transport which was used to register the token. No doubt this is to help reduce confusion when it comes to user prompts given by the OS in question. However, this is causing a problem as Android is not offering NFC as transport option and only allows me to select / use a USB security key.
Server configuration
Nextcloud AIO virtual machine image
Nextcloud version: Nextcloud Hub 10 (31.0.9)