kryptco/kr-u2f

Setting up Krypton with Twitter appears to be broken.

obra opened this issue · 14 comments

obra commented

Over the past day or so, I've tried to set up Krypton with Twitter from both Chrome and Firefox on Linux about a dozen times. I can't make it go. :/

The Krypton app on iOS believes that setup works ok. In Chrome, I don't get any indicator that something happened. In Firefox, Twitter's auth dialog says "Invalid response, try again".

Is there anything I can do to give you more information to help fix this issue?

obra commented

PR #30 resolves this issue for me on Firefox. On Chrome, there's something else weird going on, though.


I see this issue too, on Firefox & Chrome Mac. What are the other issues you see?

Any plans to fix this?

Fixed in version 1.0.18!
Just released a Krypton for Firefox update with this fix: https://addons.mozilla.org/en-US/firefox/addon/krypton-authenticator/

Well, the "Invalid response, try again" issue seems to be fixed, but I still can't get it to work with Twitter. I get to "Add the security key to your Twitter account" and Krypton pops up the notification for me to approve. I click Approve and the app says it's registered with twitter.com, but Twitter goes to a screen that says "Touch the security key one more time to verify this is really your security key", and I don't know how to do that with Krypton. There's no notification or prompt on the phone, so I'm just stuck and I have to cancel out of the process.

Edit: This is in Firefox on macOS.

I just tried and it worked for me 🤷

@DarwinAwardWinner: it should automatically request your device, i.e. there should be two popups, one for registering and one for auth.

I only get one prompt. The only other Krypton notification is "Registered with twitter.com", which has no approve button on it (of course).

Any console errors? Can you also confirm you’re on v1.0.18 (bottom of extension pop-up window)?

Yes, I definitely updated, because the first time I tried I got the invalid response, and then I realized the extension wasn't updated yet and force-updated the extension and checked the version number. The behavior I describe is with version 1.0.18. I'll check for console errors.

This console error looks possibly suspicious?

Content Security Policy: The page’s settings blocked the loading of a resource at inline (“script-src”). u2f_security_key_verification_page.ebf22294c589815f452f1c9d6af08489d88d6af0.js:1:57428

I guess I'll see if there's anything blocking certain scripts from running (maybe uBlock or FF's own tracking protection).

Ok, doesn't look like tracking protection or uBlock has any effect. I'm not familiar with what Content Security Policy refers to, and I don't know if that error is even relevant.

Can you re-pair your phone?

Ok, re-pairing my phone seems to have fixed it. I successfully completed the setup process.