joel-st / lnurl-auth-for-wordpress

This plugin provides LNURL auth for WordPress. Login to WordPress with Bitcoin Lightning ⚡️.

Invalid response? #1

Open JssDWt opened 1 year ago

JssDWt commented 1 year ago

There are occasions where this plugin returns a number in the response body, rather than a valid lnurl error response. This makes Breez unable to interpret the response. I'm not sure whether it's an issue with Breez or with the plugin.

Is there any server-side logging available for these errors? I assume it's returning a number in the body because an error occurred.

[Screenshot 2023-08-12 at 12:16:57]

joel-st commented 1 year ago

Hey @JssDWt thank you for committing this issue.

What version of the Breez app and what browser are you using?

Is the website you are trying to log into publicly accessible so I can test it?

The login sometimes works incorrectly with an unstable internet connection. At the moment the plugin does not have a log function.

Thanks for more information and have a nice day!

Camboa commented 1 year ago

Hi @joel-st,

Breez version: 1.0.21 (iOS).
Tested browsers: Google Chrome, Safari
Website: https://lightningcats.org/login/

It works with Phoenix, WoS and Alby.

Thank you!

joel-st commented 1 year ago

I just tried that too and get the same error on an Android device. Did you maybe change something special about the plugin settings in the admin area?

Are you able to login to the demo site? https://lnurl-auth-for-wordpress.joelstuedle.ch/

JssDWt commented 1 year ago

I get the same error too, and no error on your site. One thing I found out, while playing around: If I put a completely invalid signature and key in the url, like so: https://lightningcats.org/wp-login.php?tag=login&k1=5766544b6c5766685379583143413662636c7170615a6b39477a45494d396776&action=login&sig=123&key=123

The response looks like this:

<br />
<b>Warning</b>:  hex2bin(): Hexadecimal input string must have an even length in <b>/home/customer/www/lightningcats.org/public_html/wp-content/plugins/lnurl-auth/vendor/simplito/elliptic-php/lib/Utils.php</b> on line <b>31</b><br />
<br />
<b>Warning</b>:  Undefined array key 0 in <b>/home/customer/www/lightningcats.org/public_html/wp-content/plugins/lnurl-auth/vendor/simplito/elliptic-php/lib/Curve/BaseCurve.php</b> on line <b>304</b><br />
{
    "status": "ERROR",
    "reason": "\"Unknown point format\": Verifying signature failed. Please reload the page and try again."
}

So maybe Breez is doing something invalid, but the error response is not valid then either.
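
An added example, not part of the thread or the plugin's code: one way to reject malformed `sig` and `key` values before they reach `hex2bin()` and the elliptic library, so the callback body is always a JSON error object instead of PHP warnings (with server paths) followed by JSON. The function names are hypothetical, and the length rules assume the LNURL-auth format of a 32-byte hex `k1`, a DER-encoded hex signature and a 33-byte compressed secp256k1 key.

```php
<?php
// Added example (not the plugin's code): validate LNURL-auth callback
// parameters before any elliptic-curve call, and always answer with JSON.

/**
 * Hypothetical helper: returns null when the parameters are well-formed,
 * otherwise a short reason string for the error response.
 */
function lnurl_auth_param_error(array $query): ?string
{
    foreach (['k1', 'sig', 'key'] as $name) {
        if (!isset($query[$name]) || !is_string($query[$name])) {
            return "Missing parameter: $name";
        }
        // hex2bin() warns on odd-length or non-hex input, so reject both here.
        if (strlen($query[$name]) % 2 !== 0 || !ctype_xdigit($query[$name])) {
            return "Parameter $name is not valid hex";
        }
    }
    // k1 is a 32-byte challenge, i.e. 64 hex characters.
    if (strlen($query['k1']) !== 64) {
        return 'k1 must be 32 bytes';
    }
    // key is a compressed secp256k1 public key: 33 bytes, prefix 02 or 03.
    if (!preg_match('/\A0[23][0-9a-fA-F]{64}\z/', $query['key'])) {
        return 'key must be a 33-byte compressed public key';
    }
    // sig is a DER-encoded ECDSA signature: SEQUENCE tag 0x30, 8 to 72 bytes.
    $sigBytes = intdiv(strlen($query['sig']), 2);
    if (strncmp($query['sig'], '30', 2) !== 0 || $sigBytes < 8 || $sigBytes > 72) {
        return 'sig must be a DER-encoded signature';
    }
    return null;
}

/** Builds the error body in the shape shown in this thread: status + reason. */
function lnurl_error_body(string $reason): string
{
    return json_encode(['status' => 'ERROR', 'reason' => $reason]);
}

// Input taken from the test request in this thread (sig=123&key=123).
$query = [
    'k1'  => '5766544b6c5766685379583143413662636c7170615a6b39477a45494d396776',
    'sig' => '123',
    'key' => '123',
];
$error = lnurl_auth_param_error($query);
if ($error !== null) {
    header('Content-Type: application/json');
    echo lnurl_error_body($error);
}
```

Only a request that passes these checks would go on to signature verification; a verification failure there should use the same JSON error shape.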

JssDWt commented 1 year ago

Same on @joel-st 's site:


Warning: hex2bin(): Hexadecimal input string must have an even length in /home/httpd/vhosts/joelstuedle.ch/httpdocs/lnurl-auth-for-wordpress.joelstuedle.ch/wp-content/plugins/lnurl-auth/vendor/simplito/elliptic-php/lib/Utils.php on line 31

Warning: Undefined array key 0 in /home/httpd/vhosts/joelstuedle.ch/httpdocs/lnurl-auth-for-wordpress.joelstuedle.ch/wp-content/plugins/lnurl-auth/vendor/simplito/elliptic-php/lib/Curve/BaseCurve.php on line 304

Warning: Undefined array key 0 in /home/httpd/vhosts/joelstuedle.ch/httpdocs/lnurl-auth-for-wordpress.joelstuedle.ch/wp-content/plugins/lnurl-auth/vendor/simplito/elliptic-php/lib/Curve/BaseCurve.php on line 304

Warning: Undefined array key 0 in /home/httpd/vhosts/joelstuedle.ch/httpdocs/lnurl-auth-for-wordpress.joelstuedle.ch/wp-content/plugins/lnurl-auth/vendor/simplito/elliptic-php/lib/Curve/BaseCurve.php on line 304

Warning: Undefined array key 0 in /home/httpd/vhosts/joelstuedle.ch/httpdocs/lnurl-auth-for-wordpress.joelstuedle.ch/wp-content/plugins/lnurl-auth/vendor/simplito/elliptic-php/lib/Curve/BaseCurve.php on line 314

Warning: Undefined array key 0 in /home/httpd/vhosts/joelstuedle.ch/httpdocs/lnurl-auth-for-wordpress.joelstuedle.ch/wp-content/plugins/lnurl-auth/vendor/simplito/elliptic-php/lib/Curve/BaseCurve.php on line 314
{
    "status": "ERROR",
    "reason": "\"Unknown point format\": Verifying signature failed. Please reload the page and try again."
}

joel-st commented 1 year ago

Breez is doing ‘something’ that apparently differs from other wallets. Which makes the wordpress plugin error. Only the wordpress plugin from lightningcats actually.

Then the wordpress plugin returns an error response that’s invalid json, which makes Breez unable to interpret the error response.

Check out the function that catches the lnurl auth callback sent from the wallet and processes the auth: https://github.com/joel-st/lnurl-auth-for-wordpress/blob/main/classes/Login.php#L87

If the auth fails at any point it does log an error to the WordPress debug.log file. e.g. https://github.com/joel-st/lnurl-auth-for-wordpress/blob/main/classes/Login.php#L134 (WP debug must be enabled I guess for this to work).

Can you maybe check out your debug.log file on lightningcats to find any helpful information?

Camboa commented 1 year ago

Here are the logs. I logged in with Breez at 14:47. Still the same error.

[18-Aug-2023 14:47:42 UTC] PHP Deprecated: Creation of dynamic property JoelMelon\Plugins\LNURLAuth\Plugin::$Plugin is deprecated in /home/customer/www/lightningcats.org/public_html/wp-content/plugins/lnurl-auth/classes/Plugin.php on line 110
[18-Aug-2023 14:47:42 UTC] PHP Deprecated: Creation of dynamic property JoelMelon\Plugins\LNURLAuth\Plugin\Settings::$options_prefix is deprecated in /home/customer/www/lightningcats.org/public_html/wp-content/plugins/lnurl-auth/classes/Settings.php on line 32
[18-Aug-2023 14:47:42 UTC] PHP Deprecated: Implicit conversion from float 157.44 to int loses precision in /home/customer/www/lightningcats.org/public_html/wp-content/plugins/lnurl-auth/vendor/endroid/qr-code/src/Logo/Logo.php on line 44

JssDWt commented 1 year ago

@joel-st Those logs appear unrelated, don't they?

Camboa commented 1 year ago

I tried again.

I logged in with Breez at 22:58. It didn't work. Here are the logs:

[18-Aug-2023 22:58:08 UTC] PHP Deprecated: Creation of dynamic property JoelMelon\Plugins\LNURLAuth\Plugin::$Plugin is deprecated in /home/customer/www/lightningcats.org/public_html/wp-content/plugins/lnurl-auth/classes/Plugin.php on line 110
[18-Aug-2023 22:58:08 UTC] PHP Deprecated: Creation of dynamic property JoelMelon\Plugins\LNURLAuth\Plugin\Settings::$options_prefix is deprecated in /home/customer/www/lightningcats.org/public_html/wp-content/plugins/lnurl-auth/classes/Settings.php on line 32
[18-Aug-2023 22:58:09 UTC] PHP Deprecated: Implicit conversion from float 157.44 to int loses precision in /home/customer/www/lightningcats.org/public_html/wp-content/plugins/lnurl-auth/vendor/endroid/qr-code/src/Logo/Logo.php on line 44

At 23:02 I logged in with Phoenix. It worked. Here are the logs:

[18-Aug-2023 23:02:03 UTC] PHP Deprecated: Creation of dynamic property JoelMelon\Plugins\LNURLAuth\Plugin::$Plugin is deprecated in /home/customer/www/lightningcats.org/public_html/wp-content/plugins/lnurl-auth/classes/Plugin.php on line 110
[18-Aug-2023 23:02:03 UTC] PHP Deprecated: Creation of dynamic property JoelMelon\Plugins\LNURLAuth\Plugin\Settings::$options_prefix is deprecated in /home/customer/www/lightningcats.org/public_html/wp-content/plugins/lnurl-auth/classes/Settings.php on line 32
[18-Aug-2023 23:02:04 UTC] PHP Deprecated: Implicit conversion from float 157.44 to int loses precision in /home/customer/www/lightningcats.org/public_html/wp-content/plugins/lnurl-auth/vendor/endroid/qr-code/src/Logo/Logo.php on line 44

The logs are exactly the same. It seems that there is no log about this error.

Edit: I just updated to the latest version 1.0.12 that @joel-st released yesterday. The logs now look like this with Breez:

[18-Aug-2023 23:30:06 UTC] ["k1","signed","node_linking","message"]
[18-Aug-2023 23:30:06 UTC] PHP Deprecated: Implicit conversion from float 157.44 to int loses precision in /home/customer/www/lightningcats.org/public_html/wp-content/plugins/lnurl-auth/vendor/endroid/qr-code/src/Logo/Logo.php on line 44

joel-st commented 1 year ago

Thank you @Camboa for the information.

I have now hidden PHP warnings and errors in the callback function for LNURL Auth. Can you update the plugin and give feedback if the error still occurs?

And further, what are your values in your wp-config file for the following constants:

Thank you and enjoy sunday!

Camboa commented 1 year ago

@joel-st I have just installed the latest version. Unfortunately, the error still exists. Here are the logs:

[20-Aug-2023 15:48:08 UTC] ["k1","signed","node_linking","message"]
[20-Aug-2023 15:48:08 UTC] PHP Deprecated:  Implicit conversion from float 157.44 to int loses precision in /home/customer/www/lightningcats.org/public_html/wp-content/plugins/lnurl-auth/vendor/endroid/qr-code/src/Logo/Logo.php on line 44

These are the values in the wp-config file:

define( 'WP_DEBUG', true );
define( 'WP_DEBUG_DISPLAY', false );
define( 'WP_DEBUG_LOG', true );

Thanks a lot for your help!

joel-st commented 1 year ago

Hey @JssDWt

The PHP errors are no longer output. Look at the endpoint now with the invalid signature. The issue still exists but this should no longer be the problem.

@Camboa each login attempt generates a transient with the corresponding key to sign. Transients are stored in the database table wp_options. Can you now test the following:

You can also use the plugin Transient Manager to read the value of the transient directly in the admin area.

Thanks in advance and enjoy your day!

Camboa commented 1 year ago

@joel-st I logged in at 14:09

I found two entries in wp_options with the variable k1.

option_name: _transient_timeout_lnurl-auth-xyz
option_value: 1692792880
option_name: _transient_lnurl-auth-xyz
option_value: a:4:{s:4:"time";s:19:"2023-08-23 12:09:40";s:6:"signed";b:0;s:7:"user_id";b:0;s:7:"message";b:0;}

Does that help?

joel-st commented 1 year ago

@Camboa thanks for checking this out. Unfortunately this does not help either :/

Since the obvious problem with the errors is fixed and the login works with other wallets, I can't help you at the moment. I will of course continue to try to locate the error. May take some time. Enjoy the day!

JssDWt commented 1 year ago

I checked the response that lightningcats returns for lnurl auth, by isolating the code from breez. The response body from the server is:

403 - Forbidden | Access to this page is forbidden.

Let me know if you need more information.

joel-st commented 1 year ago

@JssDWt Thanks for the further investigation. This is the response from lightningcats after Breez sent the signed key?

@Camboa Which callback url did you enter in the plugin settings? Are you using any security plugin?

JssDWt commented 1 year ago

> This is the response from lightningcats after Breez sent the signed key?

Yes, it's the response in the final call.

Camboa commented 1 year ago

Hello @joel-st I entered the default callback url as shown in your sample image. Of course with lightningcats.org. Yes, I am using a security plugin, but I disabled it and still the same problem.

It looks like the problem is on my end. So I will try to find a solution.

Thanks a lot for all your help!

Goosie commented 1 year ago

Just wondering if you found the solution; I have the same issues. After the installation of the LNURL out of the WordPress plugin, I checked the option Enable registration in the plugin as well as in the General options. When I log out and try to shoot the lightning QR code I get errors in Phoenix, Breez, Muun and Blue Wallet. I got errors like:

In the Muun wallet: This is a valid LNURL, but not for this operation, please double check its source

The Phoenix wallet gives: Authentication failure. Details service returned an error

The breez wallet gives: Failed to login invalid character ' <'looking for beginning of value.

How could we solve this?

joel-st commented 1 year ago

Hey @Goosie & @Camboa

I'm still investigating.

Do you both host on Siteground?