nextcloud/twofactor_webauthn

adding Solokey 2 >> Data too long for column 'public_key_credential_id' at row 1 at <<closure>>

tbpoetke opened this issue · 17 comments

tbpoetke commented

Steps to reproduce

  1. adding Solokey 2 in Nextcloud adminpage

Actual behaviour

is not working, this error message appears in serverlog:

[index] Error: OC\DB\Exceptions\DbalException: An exception occurred while executing a query: SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'public_key_credential_id' at row 1 at <<closure>>

 0. /var/www/html/lib/private/DB/QueryBuilder/QueryBuilder.php line 329
    OC\DB\Exceptions\DbalException::wrap(Doctrine\DBAL\Ex ... {})
 1. /var/www/html/lib/public/AppFramework/Db/QBMapper.php line 139
    OC\DB\QueryBuilder\QueryBuilder->executeStatement()
 2. /var/www/html/custom_apps/twofactor_webauthn/lib/Db/PublicKeyCredentialEntityMapper.php line 132
    OCP\AppFramework\Db\QBMapper->insert(OCA\TwoFactorWeb ... l})
 3. /var/www/html/custom_apps/twofactor_webauthn/lib/Repository/WebauthnPublicKeyCredentialSourceRepository.php line 91
    OCA\TwoFactorWebauthn\Db\PublicKeyCredentialEntityMapper->insertOrUpdate(OCA\TwoFactorWeb ... l})
 4. /var/www/html/custom_apps/twofactor_webauthn/lib/Service/WebAuthnManager.php line 233
    OCA\TwoFactorWebauthn\Repository\WebauthnPublicKeyCredentialSourceRepository->saveCredentialSource(Webauthn\PublicKeyCredentialSource {}, "solokey")
 5. /var/www/html/custom_apps/twofactor_webauthn/lib/Controller/SettingsController.php line 68
    OCA\TwoFactorWebauthn\Service\WebAuthnManager->finishRegister(OC\User\User {}, "solokey", "{\"id\":\"owBY4 ... }")
 6. /var/www/html/lib/private/AppFramework/Http/Dispatcher.php line 225
    OCA\TwoFactorWebauthn\Controller\SettingsController->finishRegister("solokey", "{\"id\":\"owBY4 ... }")
 7. /var/www/html/lib/private/AppFramework/Http/Dispatcher.php line 133
    OC\AppFramework\Http\Dispatcher->executeController(OCA\TwoFactorWeb ... {}, "finishRegister")
 8. /var/www/html/lib/private/AppFramework/App.php line 172
    OC\AppFramework\Http\Dispatcher->dispatch(OCA\TwoFactorWeb ... {}, "finishRegister")
 9. /var/www/html/lib/private/Route/Router.php line 298
    OC\AppFramework\App::main("OCA\\TwoFactorW ... r", "finishRegister", OC\AppFramework\ ... {}, ["twofactor_weba ... "])
10. /var/www/html/lib/base.php line 1023
    OC\Route\Router->match("/apps/twofactor ... r")
11. /var/www/html/index.php line 36
    OC::handleRequest()

Server configuration

Operating system: Ubuntu 18.04 Nextcloud 24.0.3 in docker

Web server:

Database:
Type: mysql
Version: 10.5.16
PHP version:
8.0.21
Version: (see admin page)
0.3.1

List of activated apps:

  • accessibility: 1.10.0
  • activity: 2.16.0
  • admin_audit: 1.14.0
  • bookmarks: 11.0.1
  • calendar: 3.4.2
  • circles: 24.0.0
  • cloud_federation_api: 1.7.0
  • comments: 1.14.0
  • contacts: 4.2.0
  • contactsinteraction: 1.5.0
  • dav: 1.22.0
  • deck: 1.7.1
  • drawio: 1.0.3
  • federatedfilesharing: 1.14.0
  • federation: 1.14.0
  • files: 1.19.0
  • files_external: 1.16.1
  • files_mindmap: 0.0.26
  • files_pdfviewer: 2.5.0
  • files_rightclick: 1.3.0
  • files_sharing: 1.16.2
  • files_trashbin: 1.14.0
  • files_versions: 1.17.0
  • files_videoplayer: 1.13.0
  • firstrunwizard: 2.13.0
  • groupfolders: 12.0.1
  • keeweb: 0.6.9
  • logreader: 2.9.0
  • lookup_server_connector: 1.12.0
  • mindmaps: 0.1.0
  • nextcloud_announcements: 1.13.0
  • notes: 4.4.0
  • notifications: 2.12.0
  • oauth2: 1.12.0
  • password_policy: 1.14.0
  • photos: 1.6.0
  • privacy: 1.8.0
  • provisioning_api: 1.14.0
  • recommendations: 1.3.0
  • richdocuments: 6.1.1
  • serverinfo: 1.14.0
  • settings: 1.6.0
  • sharebymail: 1.14.0
  • systemtags: 1.14.0
  • tasks: 0.14.4
  • text: 3.5.1
  • theming: 1.15.0
  • twofactor_backupcodes: 1.13.0
  • twofactor_nextcloud_notification: 3.4.0
  • twofactor_totp: 6.4.0
  • twofactor_webauthn: 0.3.1
  • updatenotification: 1.14.0
  • user_status: 1.4.0
  • viewer: 1.8.0
  • weather_status: 1.4.0
  • workflowengine: 2.6.0
tbpoetke commented

ok, I managed to fix it for myself:

I connected to my Nextcloud db and entered this statement:

ALTER TABLE twofactor_webauthn_registrations MODIFY public_key_credential_id VARCHAR(5000);
SigLinJo commented

Hi. I have the same error while adding solokey2 through Chrome on Ubuntu. It works when I do it in Firefox. I can log in through Chrome after registering the key through Firefox. I have updated to the latest firmware for Solokey2

Server configuration detail

Operating system: Linux 5.15.0-48-generic #54-Ubuntu SMP Fri Aug 26 13:26:29 UTC 2022 x86_64

Webserver: Apache/2.4.54 (Ubuntu) (fpm-fcgi)

Database: mysql 10.6.7

PHP version: 8.0.22

Modules loaded: Core, date, libxml, openssl, pcre, zlib, filter, hash, json, Reflection, SPL, session, standard, sodium, cgi-fcgi, pdlib, mysqlnd, PDO, xml, apcu, bcmath, bz2, calendar, ctype, curl, dom, mbstring, FFI, fileinfo, ftp, gd, gettext, gmp, iconv, imagick, intl, exif, mysqli, pdo_mysql, Phar, posix, readline, shmop, SimpleXML, sockets, sysvmsg, sysvsem, sysvshm, tokenizer, xmlreader, xmlwriter, xsl, zip, Zend OPcache

Nextcloud version: 24.0.5 - 24.0.5.1

Updated from an older Nextcloud/ownCloud or fresh install:

Where did you install Nextcloud from: unknown

Signing status

Array ( )

List of activated apps

Enabled:

  • accessibility: 1.10.0
  • activity: 2.16.0
  • admin_audit: 1.14.0
  • analytics: 4.4.0
  • announcementcenter: 6.3.1
  • apporder: 0.15.0
  • bookmarks: 11.0.3
  • bruteforcesettings: 2.4.0
  • calendar: 3.5.0
  • camerarawpreviews: 0.8.0
  • checksum: 1.1.4
  • circles: 24.0.1
  • cloud_federation_api: 1.7.0
  • comments: 1.14.0
  • contacts: 4.2.1
  • contactsinteraction: 1.5.0
  • cospend: 1.4.10
  • dav: 1.22.0
  • deck: 1.7.1
  • extract: 1.3.5
  • facerecognition: 0.9.5
  • federatedfilesharing: 1.14.0
  • federation: 1.14.0
  • files: 1.19.0
  • files_antivirus: 3.3.1
  • files_downloadactivity: 1.13.0
  • files_external: 1.16.1
  • files_mindmap: 0.0.26
  • files_pdfviewer: 2.5.0
  • files_rightclick: 1.3.0
  • files_sharing: 1.16.2
  • files_trashbin: 1.14.0
  • files_videoplayer: 1.13.0
  • firstrunwizard: 2.13.0
  • forms: 2.5.1
  • gpxpod: 4.3.0
  • impersonate: 1.11.0
  • keeweb: 0.6.9
  • logreader: 2.9.0
  • lookup_server_connector: 1.12.0
  • mail: 1.13.8
  • maps: 0.2.1
  • mediadc: 0.1.9
  • metadata: 0.16.0
  • news: 18.1.1
  • nextcloud_announcements: 1.13.0
  • notes: 4.5.1
  • notifications: 2.12.1
  • notify_push: 0.4.0
  • oauth2: 1.12.0
  • password_policy: 1.14.0
  • passwords: 2022.9.20
  • phonetrack: 0.7.0
  • photos: 1.6.0
  • polls: 3.8.1
  • privacy: 1.8.0
  • provisioning_api: 1.14.0
  • recommendations: 1.3.0
  • richdocuments: 6.2.0
  • serverinfo: 1.14.0
  • settings: 1.6.0
  • sharebymail: 1.14.0
  • spreed: 14.0.5
  • support: 1.7.0
  • survey_client: 1.12.0
  • systemtags: 1.14.0
  • tasks: 0.14.4
  • text: 3.5.1
  • theming: 1.15.0
  • twofactor_backupcodes: 1.13.0
  • twofactor_nextcloud_notification: 3.4.0
  • twofactor_totp: 6.4.0
  • twofactor_webauthn: 0.3.2
  • updatenotification: 1.14.0
  • user_status: 1.4.0
  • user_usage_report: 1.8.0
  • viewer: 1.8.0
  • welcome: 1.0.1
  • workflowengine: 2.6.0
tbpoetke commented

This bug should be already solved with the latest Major update of the solo2 firmware.
Relase Notes

SigLinJo commented

I have updated to the latest version of the solo2 firmware but still got the error while using Chrome. It worked with Firefox thou and authentication works with both...

tbpoetke commented

@SigLinJo as long as you dont have the same error message in the server log like me, it's not related to the key length. Can you post the server log from the time you tried to add the key/login?

SigLinJo commented

@tbpoetke ...1406 Data too long for column... Is the error I get also. Didn't bother posting my error because it was identical to yours. At work on mobile now so can't reproduce right now. The reason I commented was that i was surprised the error persisted after firmware update of Solokey2. Tried with several Solokey2 and on two different computers, both running Ubuntu 21.04 thou...

tbpoetke commented

@SigLinJo did you tried to edit the database like i did to fix the error?

SigLinJo commented

@tbpoetke no, I don't think a manual edit of the database is a fix... I used a workaround with registering the key in Firefox instead.

tbpoetke commented

the developer did the same some time before: #30,
and for me it's working since this workaround. (I did it before the new firmware)

SigLinJo commented

Yes, and they pushed an update of the app to increase length of another table value (varying). This time we are having problem with 'public_key_credential_id' wich might need to be addressed in some way. I don't know if it is chrome, Solokey2 or nextcloud webauthn that is doing something strange in this instance, and I'm not experienced enough to find out. I just wanted to bring attention to the error to maybe give more capable people a chance to give future users a better experience :)

zevlee commented

I have the same problem when attempting to add a Nitrokey 3A Mini. Other websites work just fine so I'm inclined to believe that it's an issue of the Nextcloud WebAuthn app.

[index] Error: OC\DB\Exceptions\DbalException: An exception occurred while executing a query: SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'public_key_credential_id' at row 1 at <<closure>>

 0. /var/www/nextcloud/lib/private/DB/QueryBuilder/QueryBuilder.php line 329
    OC\DB\Exceptions\DbalException::wrap()
 1. /var/www/nextcloud/lib/public/AppFramework/Db/QBMapper.php line 139
    OC\DB\QueryBuilder\QueryBuilder->executeStatement()
 2. /var/www/nextcloud/apps/twofactor_webauthn/lib/Db/PublicKeyCredentialEntityMapper.php line 132
    OCP\AppFramework\Db\QBMapper->insert()
 3. /var/www/nextcloud/apps/twofactor_webauthn/lib/Repository/WebauthnPublicKeyCredentialSourceRepository.php line 91
    OCA\TwoFactorWebauthn\Db\PublicKeyCredentialEntityMapper->insertOrUpdate()
 4. /var/www/nextcloud/apps/twofactor_webauthn/lib/Service/WebAuthnManager.php line 233
    OCA\TwoFactorWebauthn\Repository\WebauthnPublicKeyCredentialSourceRepository->saveCredentialSource()
 5. /var/www/nextcloud/apps/twofactor_webauthn/lib/Controller/SettingsController.php line 68
    OCA\TwoFactorWebauthn\Service\WebAuthnManager->finishRegister()
 6. /var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php line 225
    OCA\TwoFactorWebauthn\Controller\SettingsController->finishRegister()
 7. /var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php line 133
    OC\AppFramework\Http\Dispatcher->executeController()
 8. /var/www/nextcloud/lib/private/AppFramework/App.php line 172
    OC\AppFramework\Http\Dispatcher->dispatch()
 9. /var/www/nextcloud/lib/private/Route/Router.php line 298
    OC\AppFramework\App::main()
10. /var/www/nextcloud/lib/base.php line 1030
    OC\Route\Router->match()
11. /var/www/nextcloud/index.php line 36
    OC::handleRequest()
zevlee commented

I just updated to Nextcloud 25, which comes with v1.0.0 of the Two Factor WebAuthn app. Supposedly, registration should have been fixed according to the release notes. I still have the same problem showing up in the log as before.

ChristophWurst commented

The changelog mentions #144.

zevlee commented

From what I can tell, it doesn't seem like #144 is related to this issue. It looks like the field public_key_credential_id needs to be increased in size to fit longer values. Perhaps a migration step similar to this section could be added with a larger number?

zevlee commented

I tested the suggested database change in an earlier comment and can confirm it works. It seems like 512 is a sufficient length for most use cases. That is to say, the following command was acceptable:

ALTER TABLE oc_twofactor_webauthn_regs MODIFY public_key_credential_id VARCHAR(512);

With that in mind, perhaps we should draft a pull request with a migration step to change the length to 512?