Forum Discussion

Former Member's avatar
Former Member
2 years ago

Passkey Implementation Issue: Illegal invocation

I'm having trouble with using 1Password with my passkey implementation.

This is the problematic code

try {
const credential = await navigator.credentials.create({ publicKey: { ... } })
const isAttestationResponse = credential.response instanceof AuthenticatorAttestationResponse // This fails in Firefox (Nightly)
if (!isAttestationResponse) throw 'Invalid attestation response'
const { response } = credential
const extensions = credential.getClientExtensionResults() // Working
const transports = response.getTransports() // Working
const spki = response.getPublicKey() // This fails in Chromium/Brave
} catch (error) {
// Illegal invocation
}

Screenshots of visual flow



This image is when tested via Firefox (Nightly)

I just joined the board and could only find so much info on if this is the expected behavior.
https://w3c.github.io/webauthn/#sctn-registering-a-new-credential using credential.response instanceof AuthenticatorAttestationResponse to complete step 3.
I'm sure there are work arounds but response.getPublicKey() makes it drastically easier to send data to the server and complete the registration process.
Is this the expected behavior?

1Password Version: 8.10.16
Extension Version: 2.15.1
OS Version: macOS 14.1
Browser: Brave and Firefox

browser extension

1 Reply

  • Former Member's avatar
    Former Member
    2 years ago

    Just would like to confirm this is a issue.

    According https://www.w3.org/TR/webauthn-2/#dom-authenticatorattestationresponse-getpublickey we should be able call these and not getting these errors. This is 1Password implementation issue that should be resolved.

    In particular the following are causing Illegal Invocation error.

    • getAuthenticatorData()
    • getPublicKey()
    • getPublicKeyAlgorithm()