nextcloud/twofactor_u2f

Registering Yubikey 5 fails

ravenpride opened this issue · 3 comments

Steps to reproduce

  1. Install Two-Factor U2F v5.0.1 on Nextcloud 17.0.2.
  2. Try to register the Yubikey.

Expected behaviour

Registration should succeed.

Actual behaviour

Registration hangs, progress indicator spins infinitely.

Server configuration

Operating system: Linux

Web server: NGINX

Database: MariaDB 10.4.11

PHP version: 7.3.13

Version: (see admin page) Nextcloud 17.0.2

Updated from an older version or fresh install: Fresh install

List of activated apps:

Accessibility 1.3.0 Offiziell
Activity 2.10.1 Offiziell
Auditing / Logging 1.7.0 Offiziell
Brute-force settings 1.4.0 Offiziell
Checksum 0.4.3
Collaborative tags 1.7.0 Offiziell
Default encryption module 2.5.0 Offiziell
Deleted files 1.7.0 Offiziell
External sites 3.4.1 Offiziell
External storage support 1.8.0 Offiziell
External user authentication 0.7.0
Extract 1.2.2
File access control 1.7.0 Offiziell
File sharing 1.9.0 Offiziell
First run wizard 2.6.0 Offiziell
Flow Upload 0.1.7
Gallery 18.4.0 Offiziell
Group folders 5.0.5 Offiziell
Log Reader 2.2.0 Offiziell
Maps 0.1.2 Offiziell
Markdown Editor 2.1.0
Monitoring 1.7.0 Offiziell
Music 0.12.1
Nextcloud announcements 1.6.0 Offiziell
Notes 3.1.1 Offiziell
Notifications 2.5.0 Offiziell
OCC Web 0.0.4
Password policy 1.7.0 Offiziell
PDF viewer 1.6.0 Offiziell
Photo Sphere Viewer 1.0.6
Quick notes 0.2.1
Right click 0.15.1 Offiziell
Share by mail 1.7.0 Offiziell
Text 1.1.1 Offiziell
Theming 1.8.0 Offiziell
Two Factor e-mail provider 1.0.0
Two-Factor TOTP Provider 4.1.1 Offiziell
Two-Factor U2F 5.0.1 Offiziell
Update notification 1.7.0 Offiziell
Versions 1.10.0 Offiziell
Video player 1.6.0 Offiziell
Viewer 1.2.0 Offiziell

The content of config/config.php:

<?php
$CONFIG = array (
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'apps_paths' =>
  array (
    0 =>
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 =>
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
    ),
  ),
  'instanceid' => 'xxxxx',
  'passwordsalt' => 'xxxxx',
  'secret' => 'xxxxx',
  'trusted_domains' =>
  array (
    0 => 'cloud.falk-online.eu',
  ),
  'datadirectory' => '/var/www/html/data',
  'dbtype' => 'mysql',
  'version' => '17.0.2.1',
  'overwrite.cli.url' => 'http://cloud.falk-online.eu',
  'dbname' => 'nextcloud',
  'dbhost' => 'mariadb',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'oc_admin',
  'dbpassword' => 'xxxxx',
  'installed' => true,
  'mail_from_address' => 'nextcloud',
  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'smtp',
  'mail_domain' => 'falk-online.eu',
  'mail_smtpauthtype' => 'PLAIN',
  'mail_smtpauth' => 1,
  'mail_smtphost' => 'zimbra.falk-online.eu',
  'mail_smtpport' => '587',
  'mail_smtpname' => 'xxx@xxx',
  'mail_smtppassword' => 'xxxxx',
  'mail_smtpsecure' => 'tls',
  'maintenance' => false,
  'theme' => '',
  'loglevel' => 2,
  'app_install_overwrite' =>
  array (
    0 => 'occweb',
  ),
);

Client configuration

Browser: Chrome (latest)

Operating system: Windows 10

Logs

Web server error log
No errors during device registration
Server log (data/nextcloud.log)
{"reqId":"IthvDoW2n79IGcFkq3og","level":3,"time":"2020-01-04T10:56:47+00:00","remoteAddr":"37.201.144.92","user":"admin","app":"index","method":"POST","url":"\/apps\/twofactor_u2f\/settings\/finishregister","message":{"Exception":"Exception","Message":"Argument 1 passed to OCA\\TwoFactorU2F\\Controller\\SettingsController::finishRegister() must be of the type string, null given, called in \/var\/www\/html\/lib\/private\/AppFramework\/Http\/Dispatcher.php on line 170","Code":0,"Trace":[{"file":"\/var\/www\/html\/lib\/private\/AppFramework\/App.php","line":126,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\TwoFactorU2F\\Controller\\SettingsController"},"finishRegister"]},{"file":"\/var\/www\/html\/lib\/private\/AppFramework\/Routing\/RouteActionHandler.php","line":47,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["OCA\\TwoFactorU2F\\Controller\\SettingsController","finishRegister",{"__class__":"OC\\AppFramework\\DependencyInjection\\DIContainer"},{"_route":"twofactor_u2f.settings.finishRegister"}]},{"function":"__invoke","class":"OC\\AppFramework\\Routing\\RouteActionHandler","type":"->","args":[{"_route":"twofactor_u2f.settings.finishRegister"}]},{"file":"\/var\/www\/html\/lib\/private\/Route\/Router.php","line":297,"function":"call_user_func","args":[{"__class__":"OC\\AppFramework\\Routing\\RouteActionHandler"},{"_route":"twofactor_u2f.settings.finishRegister"}]},{"file":"\/var\/www\/html\/lib\/base.php","line":997,"function":"match","class":"OC\\Route\\Router","type":"->","args":["\/apps\/twofactor_u2f\/settings\/finishregister"]},{"file":"\/var\/www\/html\/index.php","line":42,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"\/var\/www\/html\/lib\/private\/AppFramework\/Http\/Dispatcher.php","Line":109,"Previous":{"Exception":"TypeError","Message":"Argument 1 passed to OCA\\TwoFactorU2F\\Controller\\SettingsController::finishRegister() must be of the type string, null given, called in \/var\/www\/html\/lib\/private\/AppFramework\/Http\/Dispatcher.php on line 170","Code":0,"Trace":[{"file":"\/var\/www\/html\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":170,"function":"finishRegister","class":"OCA\\TwoFactorU2F\\Controller\\SettingsController","type":"->","args":[null,null,"Yubikey"]},{"file":"\/var\/www\/html\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":99,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\TwoFactorU2F\\Controller\\SettingsController"},"finishRegister"]},{"file":"\/var\/www\/html\/lib\/private\/AppFramework\/App.php","line":126,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\TwoFactorU2F\\Controller\\SettingsController"},"finishRegister"]},{"file":"\/var\/www\/html\/lib\/private\/AppFramework\/Routing\/RouteActionHandler.php","line":47,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["OCA\\TwoFactorU2F\\Controller\\SettingsController","finishRegister",{"__class__":"OC\\AppFramework\\DependencyInjection\\DIContainer"},{"_route":"twofactor_u2f.settings.finishRegister"}]},{"function":"__invoke","class":"OC\\AppFramework\\Routing\\RouteActionHandler","type":"->","args":[{"_route":"twofactor_u2f.settings.finishRegister"}]},{"file":"\/var\/www\/html\/lib\/private\/Route\/Router.php","line":297,"function":"call_user_func","args":[{"__class__":"OC\\AppFramework\\Routing\\RouteActionHandler"},{"_route":"twofactor_u2f.settings.finishRegister"}]},{"file":"\/var\/www\/html\/lib\/base.php","line":997,"function":"match","class":"OC\\Route\\Router","type":"->","args":["\/apps\/twofactor_u2f\/settings\/finishregister"]},{"file":"\/var\/www\/html\/index.php","line":42,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"\/var\/www\/html\/custom_apps\/twofactor_u2f\/lib\/Controller\/SettingsController.php","Line":66},"CustomMessage":"--"},"userAgent":"Mozilla\/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/79.0.3945.88 Safari\/537.36","version":"17.0.2.1"}
Browser log
Insert your browser log here, this could for example include:

a) The javascript console log
AddDeviceDialog.vue:153 Uncaught (in promise) Error: Registrierung des U2F-Gerätes fehlgeschlagen (Fehler-Code  {errorCode})
    at a.rejectRegistration (AddDeviceDialog.vue:153)
    at AddDeviceDialog.vue:131
rejectRegistration @ AddDeviceDialog.vue:153
(anonymous) @ AddDeviceDialog.vue:131
Promise.catch (async)
register @ AddDeviceDialog.vue:131
Promise.then (async)
start @ AddDeviceDialog.vue:105
Gt @ vue.runtime.esm.js:1854
n @ vue.runtime.esm.js:2179
Sr.i._wrapper @ vue.runtime.esm.js:6911
xhr.js:172 POST https://cloud.falk-online.eu/apps/twofactor_u2f/settings/finishregister 500
(anonymous) @ xhr.js:172
t.exports @ xhr.js:11
t.exports @ dispatchRequest.js:57
Promise.then (async)
c.request @ Axios.js:53
r.forEach.c.<computed> @ Axios.js:78
(anonymous) @ bind.js:9
s @ RegistrationService.js:35
saveRegistrationData @ AddDeviceDialog.vue:180
Promise.then (async)
submit @ AddDeviceDialog.vue:166
Gt @ vue.runtime.esm.js:1854
n @ vue.runtime.esm.js:2179
Sr.i._wrapper @ vue.runtime.esm.js:6911
ConsoleLogger.js:56 [ERROR] twofactor_u2f: Error persisting registration {app: "twofactor_u2f", uid: "admin", config: {…}, request: XMLHttpRequest, response: {…}, …}
value @ ConsoleLogger.js:56
value @ ConsoleLogger.js:82
(anonymous) @ AddDeviceDialog.vue:184
Promise.catch (async)
saveRegistrationData @ AddDeviceDialog.vue:183
Promise.then (async)
submit @ AddDeviceDialog.vue:166
Gt @ vue.runtime.esm.js:1854
n @ vue.runtime.esm.js:2179
Sr.i._wrapper @ vue.runtime.esm.js:6911
ConsoleLogger.js:56 [ERROR] twofactor_u2f: Error: Server-Fehler beim Versuch die U2F-Geräte-Registrierung abzuschließen {app: "twofactor_u2f", uid: "admin"}
value @ ConsoleLogger.js:56
value @ ConsoleLogger.js:82
Promise.catch (async)
submit @ AddDeviceDialog.vue:171
Gt @ vue.runtime.esm.js:1854
n @ vue.runtime.esm.js:2179
Sr.i._wrapper @ vue.runtime.esm.js:6911

b) The network log
Sorry, don't know how to retrieve it.

Additional Info:

Nextcloud is running in a docker container with NGINX as webserver in another container. This webserver is then connected to jwilder's NGINX reverse proxy container - the usual setup with the Letsencrypt Companion Container. I hope, this helps.

Hi @ravenpride are you sure this is not just a UI issue? For me, registering any key (like Solokey, Yubikey NEO) leads to a spinning progress indicator next to an text field for the name. It keeps spinning until I assign a name and hit the "Add" button:

image

@ChristophWurst Thank you for the hint, that solved the issue!