starred/pocket-id-pocket-id-1
1
0
Fork 0
mirror of https://github.com/pocket-id/pocket-id.git synced 2025-12-09 14:53:00 +03:00
Code Issues 122 Packages Projects Releases 10 Wiki Activity

🐛 Bug Report: updating from 0.19.0 to 0.20.1 yields "Failed to lookup Client-side Discoverable Credential: record not found" errors #436

New Issue
Closed
opened 2025-10-08 00:08:36 +03:00 by OVERLORD · 15 comments
OVERLORD commented 2025-10-08 00:08:36 +03:00
Owner
Copy Link

Originally created by @jfroy on GitHub.

Reproduction steps

  • Install 0.19.0 using an sqlite db and complete initial setup to create a user and passkey.
  • Update to 0.20.1 and try to log in.

Expected behavior

It should log in.

Actual Behavior

Login fails. pocket-id logs "Failed to lookup Client-side Discoverable Credential: record not found".

Originally created by @jfroy on GitHub. ### Reproduction steps - Install 0.19.0 using an sqlite db and complete initial setup to create a user and passkey. - Update to 0.20.1 and try to log in. ### Expected behavior It should log in. ### Actual Behavior Login fails. pocket-id logs "Failed to lookup Client-side Discoverable Credential: record not found".
OVERLORD added the bug label 2025-10-08 00:08:36 +03:00
OVERLORD commented 2025-10-08 00:08:38 +03:00
Author
Owner
Copy Link

@s0up4200 commented on GitHub:

I gave it a go, but was unable to reproduce this. Starting with a new database on v0.19.0, I set up the passkey, then upgraded to 0.20.1. I can log in successfully using the passkey. I tested using Firefox with the 1Password extension. Do you see the credential stored in the database?

sqlite3 data/pocket-id.db "SELECT * FROM webauthn_credentials;"
@s0up4200 commented on GitHub: I gave it a go, but was unable to reproduce this. Starting with a new database on v0.19.0, I set up the passkey, then upgraded to 0.20.1. I can log in successfully using the passkey. I tested using Firefox with the 1Password extension. Do you see the credential stored in the database? ```bash sqlite3 data/pocket-id.db "SELECT * FROM webauthn_credentials;" ```
OVERLORD commented 2025-10-08 00:08:39 +03:00
Author
Owner
Copy Link

@jfroy commented on GitHub:

If you downgrade, does it work again? And did you change any configuration?

Downgrading works. I made no other change besides the container image.

@jfroy commented on GitHub: > If you downgrade, does it work again? And did you change any configuration? Downgrading works. I made no other change besides the container image.
OVERLORD commented 2025-10-08 00:08:39 +03:00
Author
Owner
Copy Link

@jfroy commented on GitHub:

I gave it a go, but was unable to reproduce this. Starting with a new database on v0.19.0, I set up the passkey, then upgraded to 0.20.1. I can log in successfully using the passkey. I tested using Firefox with the 1Password extension. Do you see the credential stored in the database?

sqlite3 data/pocket-id.db "SELECT * FROM webauthn_credentials;"

I can see a row in the database, yes. I am using a passkey stored in 1password. Tested with Chrome Linux, Chrome Mac, and Safari Mac.

@jfroy commented on GitHub: > I gave it a go, but was unable to reproduce this. Starting with a new database on v0.19.0, I set up the passkey, then upgraded to 0.20.1. I can log in successfully using the passkey. I tested using Firefox with the 1Password extension. Do you see the credential stored in the database? > > ```shell > sqlite3 data/pocket-id.db "SELECT * FROM webauthn_credentials;" > ``` I can see a row in the database, yes. I am using a passkey stored in 1password. Tested with Chrome Linux, Chrome Mac, and Safari Mac.
OVERLORD commented 2025-10-08 00:08:39 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

It's really strange, I can't reproduce this.

I've just set up a new instance with version 0.19.0, added a passkey with 1Password, upgraded to version 0.20.1 and tried to sign in with the passkey and it worked. These are the correct reproduction steps, right?

Do you remember with which version of Pocket ID you've added your passkey?

What if you add a new passkey with version 0.20.1, can you sign in with it?

Also to make sure, you didn't change the database provider to Postgres, right?

@stonith404 commented on GitHub: It's really strange, I can't reproduce this. I've just set up a new instance with version 0.19.0, added a passkey with 1Password, upgraded to version 0.20.1 and tried to sign in with the passkey and it worked. These are the correct reproduction steps, right? Do you remember with which version of Pocket ID you've added your passkey? What if you add a new passkey with version 0.20.1, can you sign in with it? Also to make sure, you didn't change the database provider to Postgres, right?
OVERLORD commented 2025-10-08 00:08:39 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

If you downgrade, does it work again? And did you change any configuration?

@stonith404 commented on GitHub: If you downgrade, does it work again? And did you change any configuration?
OVERLORD commented 2025-10-08 00:08:41 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

@jfroy Any updates?

@stonith404 commented on GitHub: @jfroy Any updates?
OVERLORD commented 2025-10-08 00:08:42 +03:00
Author
Owner
Copy Link

@jfroy commented on GitHub:

The very first version I deployed was v0.15.0@sha256:b3afc293592a4d9a91fb1ca9d3f8c7ff96e5e0cd66a510046fbde944238410aa, and I likely created the only passkey in the database on that version.

I'll try registering a new passkey in 0.19.0 and see if I can upgrade and login.

@jfroy commented on GitHub: The very first version I deployed was `v0.15.0@sha256:b3afc293592a4d9a91fb1ca9d3f8c7ff96e5e0cd66a510046fbde944238410aa`, and I likely created the only passkey in the database on that version. I'll try registering a new passkey in 0.19.0 and see if I can upgrade and login.
OVERLORD commented 2025-10-08 00:08:42 +03:00
Author
Owner
Copy Link

@jfroy commented on GitHub:

I added a passkey using Safari with Apple's password manager in 0.19.0, upgraded to 0.21.0, and tried login in after erasing cookies. It also failed.

@jfroy commented on GitHub: I added a passkey using Safari with Apple's password manager in 0.19.0, upgraded to 0.21.0, and tried login in after erasing cookies. It also failed.
OVERLORD commented 2025-10-08 00:08:42 +03:00
Author
Owner
Copy Link

@jfroy commented on GitHub:

I added a new passkey in 0.19.0 and then upgraded to 0.21.0. I was unable the login. So to summarize, in my deployment, I've never been able to login with 0.21.1 using 1password chrome extension as the passkey provider.

I'm willing to share my sqlite db to see if you can gleam something from it.

@jfroy commented on GitHub: I added a new passkey in 0.19.0 and then upgraded to 0.21.0. I was unable the login. So to summarize, in my deployment, I've never been able to login with 0.21.1 using 1password chrome extension as the passkey provider. I'm willing to share my sqlite db to see if you can gleam something from it.
OVERLORD commented 2025-10-08 00:08:43 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

Okay strange. Thanks for helping to debug this.

Can you sign in with the passkey if you add a new passkey on v0.21.0?

It would be great if you could send me your Sqlite database. You can send it via Discord (stonith404) or email (elias
at-symbol eliasschneider.com).

Do you know how to remove the sensitive data or should I send you the Sqlite commands to obfuscate the sensitive data?

@stonith404 commented on GitHub: Okay strange. Thanks for helping to debug this. Can you sign in with the passkey if you add a new passkey on `v0.21.0`? It would be great if you could send me your Sqlite database. You can send it via Discord (stonith404) or email (elias at-symbol eliasschneider.com). Do you know how to remove the sensitive data or should I send you the Sqlite commands to obfuscate the sensitive data?
OVERLORD commented 2025-10-08 00:08:44 +03:00
Author
Owner
Copy Link

@jfroy commented on GitHub:

Okay strange. Thanks for helping to debug this.

Can you sign in with the passkey if you add a new passkey on v0.21.0?

Well since I can't login with either 0.20 or 0.21, I can't add a passkey to test that :p

It would be great if you could send me your Sqlite database. You can send it via Discord (stonith404) or email (elias

at-symbol eliasschneider.com).

Do you know how to remove the sensitive data or should I send you the Sqlite commands to obfuscate the sensitive data?

I'll just invalidate/revoke the passkeys in the db, and other data is public already, so I'll just send it to you as-is.

@jfroy commented on GitHub: > Okay strange. Thanks for helping to debug this. > > > > Can you sign in with the passkey if you add a new passkey on `v0.21.0`? Well since I can't login with either 0.20 or 0.21, I can't add a passkey to test that :p > > > It would be great if you could send me your Sqlite database. You can send it via Discord (stonith404) or email (elias > > at-symbol eliasschneider.com). > > > > Do you know how to remove the sensitive data or should I send you the Sqlite commands to obfuscate the sensitive data? I'll just invalidate/revoke the passkeys in the db, and other data is public already, so I'll just send it to you as-is.
OVERLORD commented 2025-10-08 00:08:44 +03:00
Author
Owner
Copy Link

@jfroy commented on GitHub:

Figured it out, it was an operator error ahem. While preparing to send the db, I noticed the config/data PVC had 2 database files. 0.20 introduced Postgres support (#79) and as part of that change DB_PATH was renamed to SQLITE_DB_PATH. So when I was upgrading, it was basically switching to a new db.

@jfroy commented on GitHub: Figured it out, it was an operator error *ahem*. While preparing to send the db, I noticed the config/data PVC had _2_ database files. 0.20 introduced Postgres support (#79) and as part of that change `DB_PATH` was renamed to `SQLITE_DB_PATH`. So when I was upgrading, it was basically switching to a new db.
OVERLORD commented 2025-10-08 00:08:44 +03:00
Author
Owner
Copy Link

@jfroy commented on GitHub:

Well since I can't login with either 0.20 or 0.21, I can't add a passkey to test that :p

You could sign in on 0.19.0, upgrade to 0.21.0 and add a passkey. Or do you get logged out if you upgrade.

I get logged out (or the session cookie gets invalidated).

I'll just invalidate/revoke the passkeys in the db, and other data is public already, so I'll just send it to you as-is.

Great, thanks :)

@jfroy commented on GitHub: > > Well since I can't login with either 0.20 or 0.21, I can't add a passkey to test that :p > > You could sign in on `0.19.0`, upgrade to `0.21.0` and add a passkey. Or do you get logged out if you upgrade. I get logged out (or the session cookie gets invalidated). > > > I'll just invalidate/revoke the passkeys in the db, and other data is public already, so I'll just send it to you as-is. > > Great, thanks :)
OVERLORD commented 2025-10-08 00:08:45 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

Oh okay. Sorry, I should have mentioned this in the release notes.

@stonith404 commented on GitHub: Oh okay. Sorry, I should have mentioned this in the release notes.
OVERLORD commented 2025-10-08 00:08:45 +03:00
Author
Owner
Copy Link

@stonith404 commented on GitHub:

Well since I can't login with either 0.20 or 0.21, I can't add a passkey to test that :p

You could sign in on 0.19.0, upgrade to 0.21.0 and add a passkey. Or do you get logged out if you upgrade.

I'll just invalidate/revoke the passkeys in the db, and other data is public already, so I'll just send it to you as-is.

Great, thanks :)

@stonith404 commented on GitHub: > Well since I can't login with either 0.20 or 0.21, I can't add a passkey to test that :p You could sign in on `0.19.0`, upgrade to `0.21.0` and add a passkey. Or do you get logged out if you upgrade. > I'll just invalidate/revoke the passkeys in the db, and other data is public already, so I'll just send it to you as-is. Great, thanks :)
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
breaking
bug
documentation
feature
needs more upvotes
open to pull requests
pull-request
Mirrored from GitHub Pull Request
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/pocket-id-pocket-id-1#436
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?