Page MenuHomePhabricator
Create Task
Maniphest T427562

Users without passkeys and without passkey support in their browser cannot login
Closed, ResolvedPublicBUG REPORT
Actions

Description

Steps to replicate the issue (include links if applicable):

What happens?:
User doesn't have passkeys and using a browser that does not support passkeys, is unable to login and receives the error:

This browser does not support security key authentication, or it is not available for this website. Please try with a different browser.

The condition they hit seems to be !window.PublicKeyCredential which immediately throws an error.

What should have happened instead?:
Users with browsers not supported passykeys should continue to be able to use normal login

Software version (on Special:Version page; skip for WMF-hosted wikis like Wikipedia):

Other information (browser name/version, screenshots, etc.):

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
passwordlessLogin: Don't immediately error out in unsupported browsersmediawiki/extensions/OATHAuthwmf/1.47.0-wmf.4+9 -2
passwordlessLogin: Don't immediately error out in unsupported browsersmediawiki/extensions/OATHAuthmaster+9 -2
Customize query in gerrit

Related Objects

Event Timeline

TheDJ created this task.Thu, May 28, 8:08 PM
Restricted Application added a project: Product Safety and Integrity. · View Herald TranscriptThu, May 28, 8:08 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
TheDJ added a comment.EditedThu, May 28, 8:11 PM

@Catrope i took a quick gander at the repo, and you might have just fixed this potentially ? But i wanted to make sure that this is indeed the case.

Reedy updated the task description. (Show Details)Thu, May 28, 8:11 PM
Reedy moved this task from Backlog to Bugs on the MediaWiki-extensions-OATHAuth board.Thu, May 28, 8:14 PM
TheDJ updated the task description. (Show Details)Thu, May 28, 8:16 PM
Izno subscribed.Thu, May 28, 8:38 PM
Johannnes89 subscribed.Thu, May 28, 9:26 PM
gerritbot added a comment.Thu, May 28, 9:44 PM

Change #1295079 had a related patch set uploaded (by Catrope; author: Catrope):

[mediawiki/extensions/OATHAuth@master] passwordlessLogin: Don't immediately error out in unsupported browsers

https://gerrit.wikimedia.org/r/1295079

gerritbot added a project: Patch-For-Review.Thu, May 28, 9:44 PM
gerritbot added a comment.Thu, May 28, 10:10 PM

Change #1295079 merged by jenkins-bot:

[mediawiki/extensions/OATHAuth@master] passwordlessLogin: Don't immediately error out in unsupported browsers

https://gerrit.wikimedia.org/r/1295079

Maintenance_bot removed a project: Patch-For-Review.Thu, May 28, 10:31 PM
TheDJ awarded a token.Fri, May 29, 7:15 AM
gerritbot added a comment.Fri, May 29, 9:33 PM

Change #1295504 had a related patch set uploaded (by Catrope; author: Catrope):

[mediawiki/extensions/OATHAuth@wmf/1.47.0-wmf.4] passwordlessLogin: Don't immediately error out in unsupported browsers

https://gerrit.wikimedia.org/r/1295504

gerritbot added a project: Patch-For-Review.Fri, May 29, 9:33 PM
Pppery merged a task: T427718: Login not possible with the DuckDuckGo browser under Android (browser engine: Blink).Sat, May 30, 7:07 PM
Pppery added a subscriber: Raymond.
IKhitron subscribed.Mon, Jun 1, 10:34 AM
gerritbot added a comment.Mon, Jun 1, 8:05 PM

Change #1295504 merged by jenkins-bot:

[mediawiki/extensions/OATHAuth@wmf/1.47.0-wmf.4] passwordlessLogin: Don't immediately error out in unsupported browsers

https://gerrit.wikimedia.org/r/1295504

Stashbot added a comment.Mon, Jun 1, 8:05 PM

Mentioned in SAL (#wikimedia-operations) [2026-06-01T20:05:16Z] <catrope@deploy1003> Started scap sync-world: Backport for [[gerrit:1295504|passwordlessLogin: Don't immediately error out in unsupported browsers (T427562)]]

Stashbot added a comment.Mon, Jun 1, 8:07 PM

Mentioned in SAL (#wikimedia-operations) [2026-06-01T20:07:00Z] <catrope@deploy1003> catrope: Backport for [[gerrit:1295504|passwordlessLogin: Don't immediately error out in unsupported browsers (T427562)]] synced to the testservers (see https://wikitech.wikimedia.org/wiki/Mwdebug). Changes can now be verified there.

Stashbot added a comment.Mon, Jun 1, 8:12 PM

Mentioned in SAL (#wikimedia-operations) [2026-06-01T20:12:53Z] <catrope@deploy1003> Finished scap sync-world: Backport for [[gerrit:1295504|passwordlessLogin: Don't immediately error out in unsupported browsers (T427562)]] (duration: 07m 37s)

Maintenance_bot removed a project: Patch-For-Review.Mon, Jun 1, 8:31 PM
TheDJ closed this task as Resolved.Wed, Jun 3, 8:47 AM
TheDJ assigned this task to Catrope.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits