Fido2 authentication not working when on MySQL

[jgomer2001]

Two weeks ago, authentication was working fine with fido2 after properly widening a column, see #1044

A couple of days ago it started to fail again (in both VM and CN environments). Some findings:

• No errors shown in fido2.log despite the authentication failure. Strangely, this log contains persistence-related statements which should be in fido2_persistence.log instead. The persistence log remains empty all the time.
• The only interesting log message is found in jans-auth_script log: Fido2. Authenticate for step 2. Get invalid authentication status from Fido2 server
• I added a print authenticationStatusEntity to fido2 script and this is the output after formatting:

 "cause2":"Failed to build search entries query. Key: 'people', expression: 'doc.jansCodeChallenge = obYFDiMssezrEN3LQBGT0_k1diSXvcFTI-xIIb3-iZ8'",
 "cause1":"io.jans.orm.exception.EntryPersistenceException: Failed to find entries with key: 'people'",
 "servlet":"io.jans.fido2.service.app.ResteasyInitializer",
 "cause4":"java.sql.SQLSyntaxErrorException: Unknown column 'doc.jansCodeChallengeHash' in 'field list'",
 "cause3":"com.querydsl.core.QueryException: Caught SQLSyntaxErrorException for select doc.jansStatus, doc.jansCodeChallengeHash, doc.jansAuthData, doc.jansCodeChallenge, doc.jansId, doc.creationDate, doc.personInum, doc.dn, doc.doc_id\nfrom gluu.jansFido2AuthnEntry doc\nwhere doc.jansCodeChallenge = ?\norder by creationDate asc",
 "cause0":"org.jboss.resteasy.spi.UnhandledException: io.jans.orm.exception.EntryPersistenceException: Failed to find entries with key: 'people'",
 "message":"org.jboss.resteasy.spi.UnhandledException: io.jans.orm.exception.EntryPersistenceException: Failed to find entries with key: 'people'",
 "url":"/jans-fido2/restv1/assertion/result",
 "status":"500"

The above means:

• something is off in fido2 logging. I opened an issue in this regard
• There is usage of non existing column jansCodeChallengeHash in jansFido2AuthnEntry. I checked the history of bean io.jans.fido2.model.entry.Fido2Entry and it contains a field for challengeHash which has been there from the initial commit of the file. I cannot explain why we see this error only until now. The challengeHash should be part of bean Fido2RegistrationEntry only I suppose.

To make my tests quicker, I simply added the column to table jansFido2AuthnEntry but again found the problem of issue #1044 (data too long). I opened a separate issue because column jansAuthData needs better sizing.

[jgomer2001]

There are serious problems with this fix. I'll take a look

[jgomer2001]

It is working now with 1.1.3-snapshot deb package in FF and chrome