Can't get plugin it to run - need help please

[pauLee]

Hello,

I'm not a web developer, so I was asking if the installation of the plugin could be described in a bit more detail?

What I have done so far:

I installed the plugin and updated the duo_auth.conf with the keys from Duo Admin Panel. But this is where it ends for me :(

What is the post install script? Where can I find my php.ini in Roundcube (I can't find any)? I don't see the plugin as activated in the Roundcube About dialog --> Installed Plugins. Is this normal?

It would be great to get a little more help. Thanks a lot in advance!

[leonardomarino]

Hi @pauLee could you please provide details about your environment? (linux?, php version, etc.) Please send the output of $ composer require "lmr/duo_auth:^1.0.9"

Best, Leonardo

[pauLee]

Hello @leonardomarino, thank you very much for your reply and sorry for the lag of information.

I'am running Roundcube 1.6.4 on a shared Webhoster (All-inkl.com) with SSH-access to my webspace. PHP version is 8.2.9.

This is the output (without any errors):

./composer.json has been updated Running composer update lmr/duo_auth Loading composer repositories with package information Updating dependencies Nothing to modify in lock file Installing dependencies from lock file (including require-dev) Nothing to install, update or remove Generating autoload files 39 packages you are using are looking for funding. Use the composer fund command to find out more! No security vulnerability advisories found

Kind regards.

[pauLee]

small update: I did a uninstall/remove of one of my plugins in RC with composer (composer remove boressoft/ident_switch)

and I got an error on the commandline: ERROR: No plugin class duo_auth found in /www/htdocs/XXXXXX/webmail/plugins/duo_auth/duo_auth.php

Why does it appear in a complete different composer operation?

[leonardomarino]

Looks like the duo_auth plugin should be there /www/htdocs/XXXXXX/webmail/plugins/duo_auth/ Can you confirm the presence of duo_auth in the /plugins/duo_auth?

The location of your php configuration file is likely: /etc/php/8.2/apache2/php.ini

Please see: https://support.testrail.com/hc/en-us/articles/7146363428372-Running-Phpinfo-diagnostics

[pauLee]

Yes, the plugin is there:

drwxr-xr-x 2 ssh-XXXXXXX XXXXXXX 4,0K Jun 17 10:58 bin -rw-r--r-- 1 ssh-XXXXXXX XXXXXXX 1,4K Jun 17 10:58 composer.json -rw-r--r-- 1 ssh-XXXXXXX XXXXXXX 2,3K Okt 31 16:28 duo_auth.conf -rw-r--r-- 1 ssh-XXXXXXX XXXXXXX 3,8K Jun 17 10:58 duo_auth.php -rw-r--r-- 1 ssh-XXXXXXX XXXXXXX 2,1K Jun 17 10:58 README.md

I did a run to get phpinfo-diagnostic. What kind of informations do you need?

[leonardomarino]

Loaded Configuration File. (run locate php.ini to see where the configuration files are). Make sure is the php in use by the Web server (Apache?).

Modify your PHP config file (php.ini) as follows: session.save_handler = files

session.save_path = "/var/lib/php/sessions"

[pauLee]

I'am on a shared webhosting platform (all-inkl.com) and I don't have access to the php.ini But there is a way to modify it indirectly - just create a ".user.ini" and do your changes in there ... and so I did. After adding this two lines I can not login anymore. In the logs I see the following error:

[02-Nov-2023 20:01:20 +0100]: PHP Error: No plugin class duo_auth found in /www/htdocs/w1234567/webmail/plugins/duo_auth/duo_auth.php in /www/htdocs/w1234567/webmail/program/lib/Roundcube/rcube_plugin_api.php on line 210 (POST /?_task=login&_action=login)
[02-Nov-2023 20:01:20 Europe/Berlin] PHP Warning:  session_start(): open(/var/lib/php/sessions/sess_d128fb9939eb1eab0933f19e8ec4b8be, O_RDWR) failed: Permission denied (13) in /www/htdocs/w1234567/webmail/program/lib/Roundcube/rcube_session.php on line 141
[02-Nov-2023 20:01:20 Europe/Berlin] PHP Warning:  session_start(): Failed to read session data: files (path: /var/lib/php/sessions) in /www/htdocs/w1234567/webmail/program/lib/Roundcube/rcube_session.php on line 141

I tried to google the class not found error and found this: https://php-download.com/package/lmr/duo_auth/file/duo_auth.php But I'am not sure if this can solve this problem?

[leonardomarino]

Hi @pauLee, could you please do a head duo_auth.php for /www/htdocs/w1234567/webmail/plugins/duo_auth/duo_auth.php?

The file should read:

`# define new class plugin inside RoundCube Plugin App environment (RoundCube API SDK)

class duo_auth extends rcube_plugin {

##########`

[pauLee]

I did the head directly in the duo-plugin directory:

ssh-w1234567@dd12345:/www/htdocs/w1234567/webmail/plugins/duo_auth$ head duo_auth.php
<?php

# import namespace\class for use Duo Web v4 SDK (Software Development Kit) - Duo Universal Prompt from composer ./vendor/duosecurity/duo_universal_php/src/Client.php & DuoException.php
   use \Duo\DuoUniversal\Client;
   use \Duo\DuoUniversal\DuoException;
##########

# define new class plugin inside RoundCube Plugin App environment (RoundCube API SDK)
   class duo_sdk extends rcube_plugin {
##########

[leonardomarino]

Could you please update the duo plugin as follows:

composer require "lmr/duo_auth:dev-master"

[pauLee]

Hi Leonardo,

thank you for your patience and help!

I did the update and removed the two lines from php.ini (resp. ".user.ini") and now I came a huge step forward.

I get the DUO-2FA request on my phone but after entering the code I get forwarded to:

https://mydomain.com/your_page_name_blocking_access_while_2FA_not_approved.htm Your current user session don't have valid authorized token (second factor) from your authenticator application Please, provide your own personal code (second factor) from your authenticator application for access application resource.

It seems for my the plugin thinks I entered an invalid code. But I see a "success" shortly after entering the code and in my DUO-Admin panel I see "Access granted".

I only configured now the /www/htdocs/w1234567/webmail/plugins/duo_auth/duo_auth.conf with the data provided from DUO-Admin panel.

I had to remove the line, otherwise I don't get the DUO prompt: session.save_path = "/var/lib/php/sessions"

Did I miss something else?

[leonardomarino]

Hi @pauLee is your rc_path in the duo_auth.conf file correct? Could you please check your error logs , both in roundcube (/www/htdocs/w1234567/webmail/logs/errors.log) and apache or the Web server running?

[pauLee]

Hi Leonardo,

my RC installation is accessible as webmail.mydomain.com and it`s in a folder named "webmail" at my hosters server (subdomain starts there). So I have set the path as "rc_path = "/"", but I also tried "rc_path = "/webmail/"" and "rc_path = "/www/htdocs/w12347/webmail/""

This is what the log tells me: (I masked some entries with XXXX - I was not sure if this is sensitive data)

[08-Nov-2023 17:14:27 +0100]: <7456ffbf> PHP Error: Failed to load config from /www/htdocs/w1234567/webmail/plugins/authres_status/config.inc.php in /www/htdocs/w1234567/webmail/program/lib/Roundcube/rcube_plugin.php on line 166 (GET /index.php?state=XXXXXXXXXXXXXXXXXXX&duo_code=XXXXXXXXXXXXXXXXXXXX)
[08-Nov-2023 17:14:27 Europe/Berlin] PHP Warning:  parse_ini_file(duo.conf): Failed to open stream: No such file or directory in /www/htdocs/w1234567/webmail/plugins/duo_auth/duo_auth.php on line 105
[08-Nov-2023 17:14:27 Europe/Berlin] PHP Warning:  Trying to access array offset on value of type bool in /www/htdocs/w1234567/webmail/plugins/duo_auth/duo_auth.php on line 109
[08-Nov-2023 17:14:27 Europe/Berlin] PHP Warning:  Trying to access array offset on value of type null in /www/htdocs/w1234567/webmail/plugins/duo_auth/duo_auth.php on line 109

[leonardomarino]

Hi @pauLee, the PHP error is coming from /www/htdocs/w1234567/webmail/plugins/authres_status/config.inc.php not the duo plugin. Please check that file. Use "rc_path = "/webmail/". Can you try to make authres_status inactive while you test the duo plugin? You can inactivate it manually in /www/htdocs/w1234567/webmail/config/config.inc.php under the PLUGINS section.

[pauLee]

I have disabled the plugin but the error still remains:

And yes, I have set the path now to "rc_path = "/webmail/""

[09-Nov-2023 00:32:56 Europe/Berlin] PHP Warning:  parse_ini_file(duo.conf): Failed to open stream: No such file or directory in /www/htdocs/w1234567/webmail/plugins/duo_auth/duo_auth.php on line 105
[09-Nov-2023 00:33:13 Europe/Berlin] PHP Warning:  parse_ini_file(duo.conf): Failed to open stream: No such file or directory in /www/htdocs/w1234567/webmail/plugins/duo_auth/duo_auth.php on line 105
[09-Nov-2023 00:33:13 Europe/Berlin] PHP Warning:  Trying to access array offset on value of type bool in /www/htdocs/w1234567/webmail/plugins/duo_auth/duo_auth.php on line 109
[09-Nov-2023 00:33:13 Europe/Berlin] PHP Warning:  Trying to access array offset on value of type null in /www/htdocs/w1234567/webmail/plugins/duo_auth/duo_auth.php on line 109

[leonardomarino]

Hi @pauLee, I recognize there warnings:

`[09-Nov-2023 00:32:56 Europe/Berlin] PHP Warning: parse_ini_file(duo.conf): Failed to open stream: No such file or directory in /www/htdocs/w1234567/webmail/plugins/duo_auth/duo_auth.php on line 105

[09-Nov-2023 00:33:13 Europe/Berlin] PHP Warning: parse_ini_file(duo.conf): Failed to open stream: No such file or directory in /www/htdocs/w1234567/webmail/plugins/duo_auth/duo_auth.php on line 105`

The other lines I do not. Please confirm that you have both:

your_page_name_blocking_access_while_2FA_not_approved.htm your_page_name_redirect.php

in the /www/htdocs/w1234567/webmail/ directory.

[pauLee]

Yes, I can confirm that both files are there. Do I have to rename them according to my domain?

[Costenslayer]

so im having the same issue reading line 105 in duo_auth.php it mentions duo.conf i asumned that was the config file and made a symbolic link between them and now the error log is clear however after duo prompt has been granted i am redirected to the your_page_name_redirect.php page that renders blank if i refresh the page i get redirrected to the your_page_name_blocking_access page im running php 8.1 and roundcube 1.6.5

[leonardomarino]

No, keep the file names unchanged. @Pavlo-Lyha do you know how the user is getting this warning? `[09-Nov-2023 00:33:13 Europe/Berlin] PHP Warning: Trying to access array offset on value of type bool in /www/htdocs/w1234567/webmail/plugins/duo_auth/duo_auth.php on line 109

[09-Nov-2023 00:33:13 Europe/Berlin] PHP Warning: Trying to access array offset on value of type null in /www/htdocs/w1234567/webmail/plugins/duo_auth/duo_auth.php on line 109`

[pauLee]

Hello Leonardo, do you have any idea how we can solve this problem? Is there anythink I can test?

[leonardomarino]

Hi @pauLee, I am running PHP 7.4. Please test using https://packages.sury.org/php I am not getting the warning shown above and things are fine if you follow the README

[pauLee]

I changed to PHP 7.4 but I get this error´when starting my Roundcube:

Composer detected issues in your platform: Your Composer dependencies require a PHP version ">= 8.1.0".

Until now I couldn't find any plugin which requires PHP 8.1

[leonardomarino]

Can you try with php8.1?

On November 23, 2023 10:50:03 AM EST, tomcek @.***> wrote:

I changed to PHP 7.4 but I get this error´when starting my Roundcube:

Composer detected issues in your platform: Your Composer dependencies require a PHP version ">= 8.1.0".

Until now I couldn't find any plugin which requires PHP 8.1

-- Reply to this email directly or view it on GitHub: https://github.com/leonardomarino/duo_auth/issues/8#issuecomment-1824645829 You are receiving this because you were mentioned.

Message ID: @.***>

[pauLee]

I tried 8.1 but the error remains.

[pauLee]

Hello Leonardo,

I'am running RC 1.6.6 now and I tried again your plugin. I need to run PHP version 8.1.0 or higher, otherwise composer reports dependencies.

Do you have any idea since then?

[leonardomarino]

Hi @pauLee, I am sorry to report that I don't have a solution for this at the moment.

[pauLee]

No worries about. I look to the future and hope that you will come up with a brilliant idea at some point. :)