nextcloud / twofactor_totp

🔑 Second factor TOTP (RFC 6238) provider for Nextcloud
https://apps.nextcloud.com/apps/twofactor_totp
GNU Affero General Public License v3.0

app not working - Cannot verify key with docker image #861

Open ynuyasha opened 4 years ago

ynuyasha commented 4 years ago

Steps to reproduce

  1. install docker nextcloud 18.0.3-apache
  2. install TOTP from application page
  3. login with admin user
  4. scan qrcode with google authenticator
  5. verify code

Expected behaviour

I can enable TOTP for user admin

Actual behaviour

Verifying the key fails and I can't enable TOTP for user admin

Server configuration

Operating system: Docker image 18.0.3-apache on Ubuntu 18.04 LTS
Web server: apache
Database: sqlite
PHP version: included on docker image
Version: (see admin page) 18.0.3
Updated from an older version or fresh install: fresh install
List of activated apps:

Enabled:
  - accessibility: 1.4.0
  - activity: 2.11.0
  - cloud_federation_api: 1.1.0
  - comments: 1.8.0
  - dav: 1.14.0
  - federatedfilesharing: 1.8.0
  - federation: 1.8.0
  - files: 1.13.1
  - files_markdown: 2.2.0
  - files_pdfviewer: 1.7.0
  - files_rightclick: 0.15.2
  - files_sharing: 1.10.1
  - files_trashbin: 1.8.0
  - files_versions: 1.11.0
  - files_videoplayer: 1.7.0
  - firstrunwizard: 2.7.0
  - groupfolders: 6.0.5
  - logreader: 2.3.0
  - lookup_server_connector: 1.6.0
  - nextcloud_announcements: 1.7.0
  - notifications: 2.6.0
  - oauth2: 1.6.0
  - password_policy: 1.8.0
  - photos: 1.0.0
  - privacy: 1.2.0
  - provisioning_api: 1.8.0
  - recommendations: 0.6.0
  - serverinfo: 1.8.0
  - settings: 1.0.0
  - support: 1.1.0
  - survey_client: 1.6.0
  - systemtags: 1.8.0
  - text: 2.0.0
  - theming: 1.9.0
  - twofactor_backupcodes: 1.7.0
  - twofactor_gateway: 0.15.1
  - twofactor_totp: 4.1.3
  - updatenotification: 1.8.0
  - viewer: 1.2.0
  - workflowengine: 2.0.0
Disabled:
  - admin_audit
  - encryption
  - files_external
  - sharebymail
  - user_ldap

The content of config/config.php:

{
    "system": {
        "htaccess.RewriteBase": "\/",
        "memcache.local": "\\OC\\Memcache\\APCu",
        "apps_paths": [
            {
                "path": "\/var\/www\/html\/apps",
                "url": "\/apps",
                "writable": false
            },
            {
                "path": "\/var\/www\/html\/custom_apps",
                "url": "\/custom_apps",
                "writable": true
            }
        ],
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "localhost",
            "share.domain.tld"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "sqlite3",
        "version": "18.0.3.0",
        "overwrite.cli.url": "http:\/\/localhost",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "ldapIgnoreNamingRules": false,
        "ldapProviderFactory": "OCA\\User_LDAP\\LDAPProviderFactory",
        "skeletondirectory": {
            "": ""
        }
    }
}

Client configuration

Browser: Chrome latest
Operating system: windows 10 Pro

ChristophWurst commented 4 years ago

Are your phone and server clocks in sync?

hype11 commented 3 years ago

I have the same problem. I use the newest docker image, but enabling TOTP doesn't work. The client clock and the server clock had a difference of 5 minutes, but I read another issue with the same problem. There they suggest syncing the clocks, and so I did it. But the error is still there. I have this JavaScript error when loading the settings page: nextcloud_firefox_error

But I don't think this error has anything to do with this problem.

ChristophWurst commented 3 years ago

This error is from the unsplash app.

hype11 commented 3 years ago

OK, I uninstalled the Splash App and the error is gone from the settings page. But the problem with activating TOTP is still there.

ChristophWurst commented 3 years ago

You can try looking into nextcloud.log or inspecting the HTTP requests when you try to verify the TOTP.

hype11 commented 3 years ago

OK, I restarted my browser and opened the developer tools to save the HTTP requests. Now it all works fine. I think after syncing the clock, you must refresh the session to not run into this error again.
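
The clock question raised in this thread, as an added example that is not part of the original issue and is not the twofactor_totp code: an RFC 6238 verifier showing why a code from a phone running 5 minutes ahead is rejected, plus a diagnostic that estimates the offset. The 30-second step, 6 digits, SHA-1 and the ±1 step acceptance window are assumptions (common authenticator defaults), and the secret is the RFC 6238 test key, not a real one.

```python
import base64
import hashlib
import hmac
import struct

STEP = 30    # seconds per time step (assumed default)
DIGITS = 6   # code length (assumed default)
# RFC 6238 test secret "12345678901234567890", base32-encoded (constructed sample)
RFC_SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"


def totp(secret_b32, unix_time, step=STEP, digits=DIGITS):
    """Compute the TOTP code for a given Unix time (RFC 6238 over HOTP, RFC 4226)."""
    key = base64.b32decode(secret_b32.upper() + "=" * (-len(secret_b32) % 8))
    counter = struct.pack(">Q", int(unix_time) // step)
    mac = hmac.new(key, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret_b32, code, server_time, window=1):
    """Accept the code only if it matches a step within +/- window of server time.
    Keep the window small: every extra step is another valid code to guess."""
    return any(
        hmac.compare_digest(totp(secret_b32, server_time + d * STEP), code)
        for d in range(-window, window + 1)
    )


def estimate_drift(secret_b32, code, server_time, max_steps=20):
    """Troubleshooting only, never for login: search outward from the server's
    step and return the offset in seconds at which the code matches, or None."""
    for d in sorted(range(-max_steps, max_steps + 1), key=abs):
        if hmac.compare_digest(totp(secret_b32, server_time + d * STEP), code):
            return d * STEP
    return None


if __name__ == "__main__":
    server_time = 1111111109            # constructed server clock
    phone_time = server_time + 5 * 60   # phone runs 5 minutes ahead
    code = totp(RFC_SECRET, phone_time)
    print("accepted by server:", verify(RFC_SECRET, code, server_time))
    print("estimated drift (s):", estimate_drift(RFC_SECRET, code, server_time))
    print("accepted once synced:", verify(RFC_SECRET, code, phone_time))
```
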