From ce9626dc2c857f2bf6f9664c7c4e8cea75d92fdf Mon Sep 17 00:00:00 2001
From: bjoern-m <56024829+bjoern-m@users.noreply.github.com>
Date: Wed, 29 Jan 2025 09:49:03 +0100
Subject: [PATCH] fix: error handling when using zombie passkeys (#2034)

---
 .../action_webauthn_verify_assertion_response.go            | 2 +-
 .../login/hook_webauthn_generate_request_options_cond.go    | 2 +-
 backend/flowpilot/context_action_exec.go                    | 4 ----
 frontend/elements/src/contexts/AppProvider.tsx              | 6 +++++-
 4 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/backend/flow_api/flow/credential_usage/action_webauthn_verify_assertion_response.go b/backend/flow_api/flow/credential_usage/action_webauthn_verify_assertion_response.go
index a6f6970e4..e68014167 100644
--- a/backend/flow_api/flow/credential_usage/action_webauthn_verify_assertion_response.go
+++ b/backend/flow_api/flow/credential_usage/action_webauthn_verify_assertion_response.go
@@ -78,7 +78,7 @@ func (a WebauthnVerifyAssertionResponse) Execute(c flowpilot.ExecutionContext) e
 				return fmt.Errorf("could not create audit log: %w", err)
 			}
 
-			return c.Continue(shared.StateError)
+			return c.Continue(c.GetCurrentState())
 		}
 
 		return fmt.Errorf("failed to verify assertion response: %w", err)
diff --git a/backend/flow_api/flow/login/hook_webauthn_generate_request_options_cond.go b/backend/flow_api/flow/login/hook_webauthn_generate_request_options_cond.go
index 24024448e..6b01b4f2b 100644
--- a/backend/flow_api/flow/login/hook_webauthn_generate_request_options_cond.go
+++ b/backend/flow_api/flow/login/hook_webauthn_generate_request_options_cond.go
@@ -33,7 +33,7 @@ func (a WebauthnGenerateRequestOptionsForConditionalUi) Execute(c flowpilot.Hook
 		return fmt.Errorf("failed to generate webauthn request options: %w", err)
 	}
 
-	err = c.Stash().Set(shared.StashPathWebauthnSessionDataID, sessionDataModel.ID)
+	err = c.Stash().Set(shared.StashPathWebauthnSessionDataID, sessionDataModel.ID.String())
 	if err != nil {
 		return fmt.Errorf("failed to stash webauthn_session_data_id: %w", err)
 	}
diff --git a/backend/flowpilot/context_action_exec.go b/backend/flowpilot/context_action_exec.go
index 1c67bc798..4efd59b15 100644
--- a/backend/flowpilot/context_action_exec.go
+++ b/backend/flowpilot/context_action_exec.go
@@ -210,10 +210,6 @@ func (aec *defaultActionExecutionContext) Revert() error {
 }
 
 func (aec *defaultActionExecutionContext) Continue(stateNames ...StateName) error {
-	if aec.flowError != nil {
-		return aec.Error(aec.flowError)
-	}
-
 	for _, stateName := range stateNames {
 		if _, ok := aec.flow.stateDetails[stateName]; !ok {
 			return fmt.Errorf("cannot continue, state does not exist: %s", stateName)
diff --git a/frontend/elements/src/contexts/AppProvider.tsx b/frontend/elements/src/contexts/AppProvider.tsx
index caecc2515..b74bc136a 100644
--- a/frontend/elements/src/contexts/AppProvider.tsx
+++ b/frontend/elements/src/contexts/AppProvider.tsx
@@ -330,7 +330,11 @@ const AppProvider = ({
           });
         } catch (error) {
           const prevState = await state.actions.back(null).run();
-          setLoadingAction(null);
+          setUIState((prev) => ({
+            ...prev,
+            error: state.error,
+            loadingAction: null,
+          }));
           return hanko.flow.run(prevState, stateHandler);
         }