Comments (17)
TheOneWithTheBraid
commented on August 19, 2024
1
In my case (unsure whether exactly related), this happened when I tried to add the same U2F device several times. In infinitely hanged without an error message.
from twofactor_u2f.
jakubgs
commented on August 19, 2024
1
I've added dome debugging prints to the code to check the values, and when the payload for POST request is:
The $arguments variable looks like this right before call to call_user_func_array():
[NULL, NULL, "yubikey"]
Where yubikey is the $name passed to finishRegister():
public function finishRegister(string $registrationData, string $clientData, string $name = null): JSONResponse {
return new JSONResponse($this->manager->finishRegistration($this->userSession->getUser(), $registrationData, $clientData, $name));
}So we're clearly missing $registrationData and $clientData.
from twofactor_u2f.
ChristophWurst
commented on August 19, 2024
See #690
from twofactor_u2f.
jakubgs
commented on August 19, 2024
I'm seeing the same issue, endless spinning and the error:
OCA\TwoFactorU2F\Controller\SettingsController::finishRegister():
Argument #1 ($registrationData) must be of type string, null given,
called in /var/www/html/lib/private/AppFramework/Http/Dispatcher.php
on line 217 in file /var/www/html/custom_apps/twofactor_u2f/lib/Controller/SettingsController.php line 65
And I already have overwriteprotocol: https set, so that's not it.
> php occ config:list | jq .system.overwriteprotocol
"https"
from twofactor_u2f.
jakubgs
commented on August 19, 2024
I can see the request to /index.php/apps/twofactor_u2f/settings/finishregister being made:
And the payload is there:
from twofactor_u2f.
jakubgs
commented on August 19, 2024
We can see saveRegistrationData is called from the AddDeviceDialog:
twofactor_u2f/src/components/AddDeviceDialog.vue
Lines 178 to 191 in 5fe47c0
Which created a
data object with the name attribute set to what the user provides, which then is sent via:twofactor_u2f/src/services/RegistrationService.js
Lines 32 to 37 in 7edb7f7
To the
/apps/twofactor_u2f/settings/finishregister endpoint. Which we can see happened above, as expected.
So the issue probably isn't on the frontend, meaning Vue/JS side.
from twofactor_u2f.
jakubgs
commented on August 19, 2024
This is the full error btw: https://gist.github.com/jakubgs/951909e3253baf46cc54e5a9521b255d
from twofactor_u2f.
jakubgs
commented on August 19, 2024
These three issues seem related:
They all include the must be of type string, null given error caused somewhere in the stack trace by lib/private/AppFramework/Http/Dispatcher.php, which seems to indicate the payload is lost somewhere along the way..
from twofactor_u2f.
aikitori
commented on August 19, 2024
I can't add a new WebAuthn device. Is this related or should i open a new issue?
Browser Log (Firefox):
starting webauthn registration AddDevice.vue:158
[DEBUG] settings: confirmed password
Object { app: "settings", uid: "user" }
ConsoleLogger.js:29:16
XHRPOSThttps://cloud.example.com/settings/api/personal/webauthn/registration
[HTTP/2 500 Internal Server Error 141ms]
[ERROR] settings: Error persisting webauthn registration
Object { app: "settings", uid: "user", error: Error }
ConsoleLogger.js:41:16
Error: Server-Fehler beim Versuch die WebAuthn-Geräte-Registrierung abzuschließen
e AddDevice.vue:195
u runtime.js:63
_invoke runtime.js:294
v runtime.js:119
x vue-settings-personal-webauthn.js:223
s vue-settings-personal-webauthn.js:223
promise callback*x vue-settings-personal-webauthn.js:223
a vue-settings-personal-webauthn.js:223
saveRegistrationData vue-settings-personal-webauthn.js:223
saveRegistrationData vue-settings-personal-webauthn.js:223
saveRegistrationData vue-settings-personal-webauthn.js:223
promise callback*submit AddDevice.vue:179
VueJS 28
start AddDevice.vue:116
promise callback*start AddDevice.vue:116
VueJS 2
AddDevice.vue:183
from twofactor_u2f.
jakubgs
commented on August 19, 2024
When I put a debug line here:
$this->logger->info("WTF param: $param -> '$value' ($type)");I can see that the arguments are all of type string but the first two are empty strings:
WTF param: registrationData -> '' (string)
WTF param: clientData -> '' (string)
WTF param: name -> 'yubikey' (string)
But then the first two empty strings somehow get turned into NULLs.
from twofactor_u2f.
jakubgs
commented on August 19, 2024
Specifically, I printed contents of $arguments before and after this line:
https://github.com/nextcloud/server/blob/v23.0.3/lib/private/AppFramework/Http/Dispatcher.php#L214
And it appears that the empty string in $value turns into NULL the moment this assignment in the loop takes place:
$arguments[] = $value;
Which as far as I can tell should not be happening:
https://user-images.githubusercontent.com/2212681/159962326-04aa86cd-79ba-4c5d-9864-c1f621f4dedd.png
But I lack the context to know if these should even be empty strings in the first place.
from twofactor_u2f.
jakubgs
commented on August 19, 2024
@ChristophWurst sorry for pinging you directly but I'd appreciate some insight here.
What are the expected values for $registrationData and $clientData? I assume it's not NULL, but is empty string valid?
My guess would be that no, but I lack the context to know what should be in those variables.
Are those variables supposed to be present in the JSON that is POSTed to the finishregister endpint?
If so then the issue must be on the client side since those are not visible when looking up the request in browser dev console.
from twofactor_u2f.
jakubgs
commented on August 19, 2024
Based on these lines it appears that the registrationData should contains something more:
twofactor_u2f/src/components/AddDeviceDialog.vue
Lines 178 to 180 in 5fe47c0
Correct?
So that would mean the issue is somewhere in the frontend JS?
Or maybe the issue is the browser not providing this data?
from twofactor_u2f.
jakubgs
commented on August 19, 2024
It appears to me that if something went wrong on client side we should see this error here:
twofactor_u2f/src/components/AddDeviceDialog.vue
Lines 110 to 116 in 5fe47c0
But instead what I get is:
Uncaught (in promise) Error: U2F device registration failed (error code unknown)
at a.rejectRegistration (AddDeviceDialog.vue:157:1)
at AddDeviceDialog.vue:135:1
Though I can see that there is a payload sent to the startregister endpoint:
from twofactor_u2f.
jakubgs
commented on August 19, 2024
And the error appears to be handled by this case:
twofactor_u2f/src/components/AddDeviceDialog.vue
Lines 153 to 159 in 5fe47c0
The
errorCode being the unknown fallback doesn't help debug this.from twofactor_u2f.
jakubgs
commented on August 19, 2024
I think the key to this issue is this error:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('chrome-extension://kmendfapggjehodndflmmgagdbamhnfd') does not match the recipient window's origin ('null').
(anonymous) @ generated-google-u2f-api.js:534
load (async)
r.getIframePort_ @ generated-google-u2f-api.js:532
(anonymous) @ generated-google-u2f-api.js:206
Which is described here:
But the thing is I already have overwriteprotocol: https set, as well as some other related settings:
'overwrite.cli.url' => 'https://localhost',
'overwritehost' => 'cloud.example.org',
'overwriteprotocol' => 'https',
'trusted_domains' =>
array (
0 => 'localhost',
1 => 'cloud.example.org',
2 => 'onlyoffice.example.org',
),
'trusted_proxies' =>
array (
0 => '127.0.0.1',
1 => '10.0.0.0/8',
2 => '172.17.0.0/16',
),But something is still missing. Maybe my trusted_proxies are incorrect.
from twofactor_u2f.
jakubgs
commented on August 19, 2024
I'm starting to think the most sensible thing is to just disable U2F extension in favor of WebAuthN since U2F is deprecated.
Because I really can't get this to work no matter how I change my reverse proxy setup.
from twofactor_u2f.
Related Issues (20)
- Support for NC24 and PHP8.1 HOT 7
- Webauthn in Nextcloud does only provide 1FA, not 2FA, thus it should not be recommended as a successor to this app HOT 2
- Replace lint.yml with split workflows HOT 1
- PHP with a version lower than 8.0 is required. HOT 2
- Trust browser after success HOT 1
- Can not add Yubico Key 5 NFC HOT 6
- How to disable ? HOT 1
- Verified working with GoTrust IdemKey HOT 2
- Issue with Safari HOT 5
- Use shared browserslist config
- Unable to Add YubiKey HOT 3
- Rename existing U2F device
- U2F device can not work with chromium-based Edge browser with Errorcode: unknown. HOT 7
- U2F API is being deprecated HOT 32
- Login hangs on Chrome (Android) HOT 2
- Please help me develop a two factor auth app
- Drop Nextcloud 20 support
- Using U2F along with WebDav/CalDav HOT 1
- Google Chrome U2F API decommission HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from twofactor_u2f.