search

nextcloud / twofactor_webauthn

WebAuthn Two-Factor Provider for Nextcloud
https://apps.nextcloud.com/apps/twofactor_webauthn
GNU Affero General Public License v3.0
49 stars 7 forks source link

FIDO-1 U2F device doesn't work #198

Open Brianetta opened 2 years ago

Brianetta commented 2 years ago

Steps to reproduce

  1. Login to Nextcloud
  2. Select webauthn because it has deprecated U2F
  3. Insert U2F key (FIDO version 1)

Expected behaviour

Tell us what should happen Key flashes, pressing button authenticates

Actual behaviour

Tell us what happens instead Key flashes, pressing button is ignored and login screen continues to prompt Same key works to authenticate to GitHub, and worked with U2F twofactor app

Server configuration

Operating system: Ubuntu 20.04.3 LTS (GNU/Linux 5.4.167-237 armv7l)

Web server: Server version: Apache/2.4.41 (Ubuntu)

Database: mysql 10.3.34

PHP version:

Version: 7.4.3

Memory limit: 512 MB Max execution time: 3600 Upload max size: 2 MB Extensions: Core, date, libxml, openssl, pcre, zlib, filter, hash, Reflection, SPL, session, standard, sodium, apache2handler, mysqlnd, PDO, xml, apcu, bcmath, calendar, ctype, curl, dom, mbstring, FFI, fileinfo, ftp, gd, gettext, gmp, iconv, imagick, intl, json, exif, mysqli, pdo_mysql, apc, posix, readline, shmop, SimpleXML, sockets, sysvmsg, sysvsem, sysvshm, tokenizer, xmlreader, xmlwriter, xsl, zip, Phar, Zend OPcache

Version: (see admin page) Nextcloud 24.0.1, webauthn 0.3.1

Updated from an older version or fresh install: Both updated from older versions

List of activated apps:

  - accessibility: 1.10.0
  - activity: 2.16.0
  - apporder: 0.15.0
  - audioplayer: 3.3.0
  - calendar: 3.3.2
  - circles: 24.0.0
  - cloud_federation_api: 1.7.0
  - comments: 1.14.0
  - contacts: 4.1.1
  - contactsinteraction: 1.5.0
  - dav: 1.22.0
  - external: 4.0.0
  - federatedfilesharing: 1.14.0
  - federation: 1.14.0
  - files: 1.19.0
  - files_external: 1.16.1
  - files_pdfviewer: 2.5.0
  - files_rightclick: 1.3.0
  - files_sharing: 1.16.2
  - files_trashbin: 1.14.0
  - files_versions: 1.17.0
  - files_videoplayer: 1.13.0
  - fileslibreofficeedit: 1.0.4
  - firstrunwizard: 2.13.0
  - keeweb: 0.6.9
  - logreader: 2.9.0
  - lookup_server_connector: 1.12.0
  - maps: 0.1.10
  - nextcloud_announcements: 1.13.0
  - notifications: 2.12.0
  - oauth2: 1.12.0
  - password_policy: 1.14.0
  - photos: 1.6.0
  - privacy: 1.8.0
  - provisioning_api: 1.14.0
  - serverinfo: 1.14.0
  - settings: 1.6.0
  - sharebymail: 1.14.0
  - spreed: 14.0.2
  - support: 1.7.0
  - survey_client: 1.12.0
  - systemtags: 1.14.0
  - text: 3.5.1
  - theming: 1.15.0
  - twofactor_backupcodes: 1.13.0
  - twofactor_nextcloud_notification: 3.4.0
  - twofactor_totp: 6.4.0
  - twofactor_webauthn: 0.3.1
  - updatenotification: 1.14.0
  - user_status: 1.4.0
  - viewer: 1.8.0
  - weather_status: 1.4.0
  - workflowengine: 2.6.0
Disabled:
  - admin_audit
  - dashboard: 7.0.0
  - encryption
  - recommendations: 0.4.0
  - twofactor_u2f: 6.3.1
  - user_ldap

The content of config/config.php:

{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "overwrite.cli.url": "https:\/\/lothen.ppcis.org\/nextcloud",
        "htaccess.RewriteBase": "\/nextcloud",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "lothen.ppcis.org"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "24.0.1.1",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "mail_smtpmode": "smtp",
        "mail_smtpauthtype": "LOGIN",
        "mail_smtpsecure": "tls",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "587",
        "mail_smtpauth": 1,
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "memcache.local": "\\OC\\Memcache\\APCu",
        "mysql.utf8mb4": true,
        "maintenance": false,
        "simpleSignUpLink.shown": false,
        "theme": "",
        "loglevel": 2,
        "updater.release.channel": "stable",
        "app_install_overwrite": [
            "external",
            "keeweb",
            "radio",
            "files_reader",
            "files_ebookreader",
            "twofactor_webauthn",
            "apporder"
        ],
        "trashbin_retention_obligation": "auto, 7",
        "default_phone_region": "GB"
    },
    "apps": {
        "accessibility": {
            "enabled": "yes",
            "installed_version": "1.10.0",
            "types": ""
        },
        "activity": {
            "enabled": "yes",
            "installed_version": "2.16.0",
            "types": "filesystem"
        },
        "apporder": {
            "enabled": "yes",
            "installed_version": "0.15.0",
            "types": ""
        },
        "audioplayer": {
            "enabled": "yes",
            "installed_version": "3.3.0",
            "sonos": "",
            "types": "filesystem"
        },
        "backgroundjob": {
            "lastjob": "90"
        },
        "calendar": {
            "enabled": "yes",
            "installed_version": "3.3.2",
            "types": ""
        },
        "circles": {
            "enabled": "yes",
            "installed_version": "24.0.0",
            "loopback_tmp_path": "\/nextcloud",
            "loopback_tmp_scheme": "https",
            "maintenance_run": "0",
            "maintenance_update": "{\"maximum\":3,\"3\":1655467203,\"2\":1655470803,\"1\":1655470803,\"4\":1655431204,\"5\":1654916405}",
            "migration_22": "1",
            "migration_22_1": "1",
            "migration_run": "0",
            "types": "filesystem,dav"
        },
        "cloud_federation_api": {
            "enabled": "yes",
            "installed_version": "1.7.0",
            "types": "filesystem"
        },
        "comments": {
            "enabled": "yes",
            "installed_version": "1.14.0",
            "types": "logging"
        },
        "contacts": {
            "enabled": "yes",
            "installed_version": "4.1.1",
            "types": "dav"
        },
        "contactsinteraction": {
            "enabled": "yes",
            "installed_version": "1.5.0",
            "types": "dav"
        },
        "core": {
            "backgroundjobs_mode": "cron",
            "enterpriseLogoChecked": "yes",
            "installedat": "1531518755.717",
            "lastcron": "1655470803",
            "lastupdateResult": "[]",
            "lastupdatedat": "1655470415",
            "moveavatarsdone": "yes",
            "oc.integritycheck.checker": "[]",
            "previewsCleanedUp": "1",
            "public_files": "files_sharing\/public.php",
            "public_webdav": "dav\/appinfo\/v1\/publicwebdav.php",
            "scss.variables": "da8425c29745be2618fc27ef48bb2724",
            "theming.variables": "bcb91698d0a6e2f826c7fed852804cb9",
            "updater.secret.created": "1626206656",
            "vendor": "nextcloud"
        },
        "dashboard": {
            "enabled": "no",
            "installed_version": "7.0.0",
            "types": ""
        },
        "dav": {
            "buildCalendarReminderIndex": "yes",
            "buildCalendarSearchIndex": "yes",
            "chunks_migrated": "1",
            "enabled": "yes",
            "installed_version": "1.22.0",
            "regeneratedBirthdayCalendarsForYearFix": "yes",
            "types": "filesystem"
        },
        "deck": {
            "enabled": "no",
            "installed_version": "0.4.1",
            "types": ""
        },
        "external": {
            "enabled": "yes",
            "installed_version": "4.0.0",
            "max_site": "6",
            "sites": "***REMOVED SENSITIVE VALUE***",
            "types": ""
        },
        "federatedfilesharing": {
            "enabled": "yes",
            "installed_version": "1.14.0",
            "types": ""
        },
        "federation": {
            "enabled": "yes",
            "installed_version": "1.14.0",
            "types": "authentication"
        },
        "files": {
            "cronjob_scan_files": "500",
            "enabled": "yes",
            "installed_version": "1.19.0",
            "types": "filesystem"
        },
        "files_ebookreader": {
            "enabled": "no",
            "installed_version": "0.0.1",
            "types": ""
        },
        "files_external": {
            "enabled": "yes",
            "installed_version": "1.16.1",
            "types": "filesystem",
            "user_mounting_backends": "ftp,dav,owncloud,sftp,amazons3,swift,smb,\\OC\\Files\\Storage\\SFTP_Key,\\OC\\Files\\Storage\\SMB_OC"
        },
        "files_markdown": {
            "enabled": "no",
            "installed_version": "2.1.0",
            "types": ""
        },
        "files_pdfviewer": {
            "enabled": "yes",
            "installed_version": "2.5.0",
            "types": ""
        },
        "files_reader": {
            "enabled": "no",
            "installed_version": "1.2.3",
            "types": "filesystem"
        },
        "files_rightclick": {
            "enabled": "yes",
            "installed_version": "1.3.0",
            "types": ""
        },
        "files_sharing": {
            "enabled": "yes",
            "incoming_server2server_group_share_enabled": "yes",
            "installed_version": "1.16.2",
            "lookupServerEnabled": "yes",
            "outgoing_server2server_group_share_enabled": "yes",
            "types": "filesystem"
        },
        "files_texteditor": {
            "enabled": "no",
            "installed_version": "2.8.0",
            "types": ""
        },
        "files_trashbin": {
            "enabled": "yes",
            "installed_version": "1.14.0",
            "types": "filesystem,dav"
        },
        "files_versions": {
            "enabled": "yes",
            "installed_version": "1.17.0",
            "types": "filesystem,dav"
        },
        "files_videoplayer": {
            "enabled": "yes",
            "installed_version": "1.13.0",
            "types": ""
        },
        "fileslibreofficeedit": {
            "enabled": "yes",
            "installed_version": "1.0.4",
            "types": ""
        },
        "firstrunwizard": {
            "enabled": "yes",
            "installed_version": "2.13.0",
            "types": "logging"
        },
        "gallery": {
            "enabled": "no",
            "installed_version": "18.4.0",
            "types": ""
        },
        "keeweb": {
            "enabled": "yes",
            "installed_version": "0.6.9",
            "types": ""
        },
        "logreader": {
            "enabled": "yes",
            "installed_version": "2.9.0",
            "types": ""
        },
        "lookup_server_connector": {
            "enabled": "yes",
            "installed_version": "1.12.0",
            "types": "authentication"
        },
        "mail": {
            "enabled": "no",
            "installed_version": "1.4.0",
            "types": ""
        },
        "maps": {
            "enabled": "yes",
            "installed_version": "0.1.10",
            "types": "filesystem"
        },
        "music": {
            "enabled": "no",
            "installed_version": "0.9.1",
            "ocsid": "164319",
            "types": "filesystem"
        },
        "news": {
            "autoPurgeCount": "200",
            "autoPurgeMinimumInterval": "60",
            "enabled": "no",
            "exploreUrl": "",
            "feedFetcherTimeout": "60",
            "installed_version": "15.4.5",
            "maxRedirects": "10",
            "types": "",
            "updateInterval": "3600",
            "useCronUpdates": "1"
        },
        "nextcloud_announcements": {
            "enabled": "yes",
            "installed_version": "1.13.0",
            "pub_date": "Thu, 24 Oct 2019 00:00:00 +0200",
            "types": "logging"
        },
        "notifications": {
            "enabled": "yes",
            "installed_version": "2.12.0",
            "types": "logging"
        },
        "oauth2": {
            "enabled": "yes",
            "installed_version": "1.12.0",
            "types": "authentication"
        },
        "password_policy": {
            "enabled": "yes",
            "enforceHaveIBeenPwned": "1",
            "enforceNonCommonPassword": "1",
            "installed_version": "1.14.0",
            "types": "authentication"
        },
        "photos": {
            "enabled": "yes",
            "installed_version": "1.6.0",
            "types": ""
        },
        "privacy": {
            "enabled": "yes",
            "fullDiskEncryptionEnabled": "1",
            "installed_version": "1.8.0",
            "readableLocation": "gb",
            "types": ""
        },
        "provisioning_api": {
            "enabled": "yes",
            "installed_version": "1.14.0",
            "types": "prevent_group_restriction"
        },
        "radio": {
            "enabled": "no",
            "installed_version": "0.6.6",
            "types": ""
        },
        "recommendations": {
            "enabled": "no",
            "installed_version": "0.4.0",
            "types": ""
        },
        "richdocuments": {
            "disable_certificate_verification": "",
            "enabled": "no",
            "installed_version": "3.7.11",
            "types": "filesystem,dav,prevent_group_restriction",
            "wopi_url": "https:\/\/collabora.ppcis.org"
        },
        "serverinfo": {
            "cached_count_filecache": "129225",
            "cached_count_storages": "24",
            "enabled": "yes",
            "installed_version": "1.14.0",
            "types": ""
        },
        "settings": {
            "enabled": "yes",
            "installed_version": "1.6.0",
            "types": ""
        },
        "sharebymail": {
            "enabled": "yes",
            "installed_version": "1.14.0",
            "types": "filesystem"
        },
        "spreed": {
            "enabled": "yes",
            "has_reference_id": "yes",
            "installed_version": "14.0.2",
            "project_access_invalidated": "1",
            "signaling_ticket_secret": "***REMOVED SENSITIVE VALUE***",
            "stun_servers": "***REMOVED SENSITIVE VALUE***",
            "types": "dav,prevent_group_restriction"
        },
        "support": {
            "SwitchUpdaterServerHasRun": "yes",
            "enabled": "yes",
            "installed_version": "1.7.0",
            "types": "session"
        },
        "survey_client": {
            "enabled": "yes",
            "installed_version": "1.12.0",
            "last_report": "{\"id\":\"occobvzgo5ib\",\"items\":[[\"server\",\"version\",\"23.0.4.1\"],[\"server\",\"code\",\"other\"],[\"server\",\"enable_avatars\",\"yes\"],[\"server\",\"enable_previews\",\"yes\"],[\"server\",\"memcache.local\",\"\\\\OC\\\\Memcache\\\\APCu\"],[\"server\",\"memcache.distributed\",\"none\"],[\"server\",\"asset-pipeline.enabled\",\"no\"],[\"server\",\"filelocking.enabled\",\"yes\"],[\"server\",\"memcache.locking\",\"none\"],[\"server\",\"debug\",\"no\"],[\"server\",\"cron\",\"cron\"],[\"php\",\"version\",\"7.4.3\"],[\"php\",\"memory_limit\",-1],[\"php\",\"max_execution_time\",0],[\"php\",\"upload_max_filesize\",2097152],[\"database\",\"type\",\"mysql\"],[\"database\",\"version\",\"10.3.34\"],[\"database\",\"size\",239484928],[\"apps\",\"accessibility\",\"1.9.0\"],[\"apps\",\"activity\",\"2.15.0\"],[\"apps\",\"apporder\",\"0.15.0\"],[\"apps\",\"audioplayer\",\"3.3.0\"],[\"apps\",\"calendar\",\"3.3.1\"],[\"apps\",\"circles\",\"23.1.1\"],[\"apps\",\"cloud_federation_api\",\"1.6.0\"],[\"apps\",\"comments\",\"1.13.0\"],[\"apps\",\"contacts\",\"4.1.1\"],[\"apps\",\"contactsinteraction\",\"1.4.0\"],[\"apps\",\"dashboard\",\"disabled\"],[\"apps\",\"dav\",\"1.21.0\"],[\"apps\",\"deck\",\"disabled\"],[\"apps\",\"external\",\"3.10.2\"],[\"apps\",\"federatedfilesharing\",\"1.13.0\"],[\"apps\",\"federation\",\"1.13.0\"],[\"apps\",\"files\",\"1.18.0\"],[\"apps\",\"files_ebookreader\",\"disabled\"],[\"apps\",\"files_external\",\"1.15.0\"],[\"apps\",\"files_markdown\",\"disabled\"],[\"apps\",\"files_pdfviewer\",\"2.4.0\"],[\"apps\",\"files_reader\",\"disabled\"],[\"apps\",\"files_rightclick\",\"1.2.0\"],[\"apps\",\"files_sharing\",\"1.15.0\"],[\"apps\",\"files_texteditor\",\"disabled\"],[\"apps\",\"files_trashbin\",\"1.13.0\"],[\"apps\",\"files_versions\",\"1.16.0\"],[\"apps\",\"files_videoplayer\",\"1.12.0\"],[\"apps\",\"fileslibreofficeedit\",\"1.0.4\"],[\"apps\",\"firstrunwizard\",\"2.12.0\"],[\"apps\",\"gallery\",\"disabled\"],[\"apps\",\"keeweb\",\"0.6.9\"],[\"apps\",\"logreader\",\"2.8.0\"],[\"apps\",\"lookup_server_connector\",\"1.11.0\"],[\"apps\",\"mail\",\"disabled\"],[\"apps\",\"maps\",\"0.1.10\"],[\"apps\",\"music\",\"disabled\"],[\"apps\",\"news\",\"disabled\"],[\"apps\",\"nextcloud_announcements\",\"1.12.0\"],[\"apps\",\"notifications\",\"2.11.1\"],[\"apps\",\"oauth2\",\"1.11.0\"],[\"apps\",\"password_policy\",\"1.13.0\"],[\"apps\",\"photos\",\"1.5.0\"],[\"apps\",\"privacy\",\"1.7.0\"],[\"apps\",\"provisioning_api\",\"1.13.0\"],[\"apps\",\"radio\",\"disabled\"],[\"apps\",\"recommendations\",\"disabled\"],[\"apps\",\"richdocuments\",\"disabled\"],[\"apps\",\"serverinfo\",\"1.13.0\"],[\"apps\",\"settings\",\"1.5.0\"],[\"apps\",\"sharebymail\",\"1.13.0\"],[\"apps\",\"spreed\",\"13.0.5\"],[\"apps\",\"support\",\"1.6.0\"],[\"apps\",\"survey_client\",\"1.11.0\"],[\"apps\",\"systemtags\",\"1.13.0\"],[\"apps\",\"text\",\"3.4.1\"],[\"apps\",\"theming\",\"1.14.0\"],[\"apps\",\"twofactor_backupcodes\",\"1.12.0\"],[\"apps\",\"twofactor_nextcloud_notification\",\"3.4.0\"],[\"apps\",\"twofactor_totp\",\"6.3.0\"],[\"apps\",\"twofactor_u2f\",\"6.3.0\"],[\"apps\",\"twofactor_webauthn\",\"0.3.1\"],[\"apps\",\"updatenotification\",\"1.13.0\"],[\"apps\",\"user_external\",\"disabled\"],[\"apps\",\"user_status\",\"1.3.1\"],[\"apps\",\"viewer\",\"1.7.0\"],[\"apps\",\"weather_status\",\"1.3.0\"],[\"apps\",\"workflowengine\",\"2.5.0\"],[\"stats\",\"num_files\",151262],[\"stats\",\"num_users\",6],[\"stats\",\"num_storages\",24],[\"stats\",\"num_storages_local\",4],[\"stats\",\"num_storages_home\",7],[\"stats\",\"num_storages_other\",13],[\"stats\",\"num_comments\",104],[\"stats\",\"num_comment_markers\",0],[\"stats\",\"num_systemtags\",0],[\"stats\",\"num_systemtags_mappings\",0],[\"files_sharing\",\"num_shares\",44],[\"files_sharing\",\"num_shares_user\",20],[\"files_sharing\",\"num_shares_groups\",0],[\"files_sharing\",\"num_shares_link\",21],[\"files_sharing\",\"num_shares_link_no_password\",21],[\"files_sharing\",\"num_fed_shares_sent\",0],[\"files_sharing\",\"num_fed_shares_received\",0],[\"files_sharing\",\"permissions_0_1\",\"2\"],[\"files_sharing\",\"permissions_3_1\",\"12\"],[\"files_sharing\",\"permissions_4_1\",\"1\"],[\"files_sharing\",\"permissions_0_3\",\"1\"],[\"files_sharing\",\"permissions_0_17\",\"7\"],[\"files_sharing\",\"permissions_3_17\",\"8\"],[\"files_sharing\",\"permissions_4_17\",\"2\"],[\"files_sharing\",\"permissions_0_19\",\"6\"],[\"files_sharing\",\"permissions_3_19\",\"1\"],[\"files_sharing\",\"permissions_0_31\",\"4\"],[\"encryption\",\"enabled\",\"no\"],[\"encryption\",\"default_module\",\"no\"]]}",
            "last_sent": "1654385405",
            "types": ""
        },
        "systemtags": {
            "enabled": "yes",
            "installed_version": "1.14.0",
            "types": "logging"
        },
        "text": {
            "enabled": "yes",
            "installed_version": "3.5.1",
            "types": "dav",
            "workspace_available": "0"
        },
        "theming": {
            "cachebuster": "8",
            "enabled": "yes",
            "installed_version": "1.15.0",
            "name": "The Ronalds",
            "slogan": "***REMOVED SENSITIVE VALUE***",
            "types": "logging",
            "url": "***REMOVED SENSITIVE VALUE***"
        },
        "twofactor_backupcodes": {
            "enabled": "yes",
            "installed_version": "1.13.0",
            "types": ""
        },
        "twofactor_nextcloud_notification": {
            "enabled": "yes",
            "installed_version": "3.4.0",
            "types": ""
        },
        "twofactor_totp": {
            "enabled": "yes",
            "installed_version": "6.4.0",
            "types": ""
        },
        "twofactor_u2f": {
            "enabled": "no",
            "installed_version": "6.3.1",
            "types": ""
        },
        "twofactor_webauthn": {
            "enabled": "yes",
            "installed_version": "0.3.1",
            "types": ""
        },
        "updatenotification": {
            "apporder": "0.15.0",
            "audioplayer": "3.3.0",
            "calendar": "3.3.2",
            "contacts": "4.1.1",
            "core": "24.0.1.1",
            "deck": "0.4.1",
            "enabled": "yes",
            "external": "3.8.2",
            "files_markdown": "2.1.0",
            "files_rightclick": "0.15.0",
            "installed_version": "1.14.0",
            "keeweb": "0.6.9",
            "mail": "1.3.5",
            "maps": "0.1.10",
            "music": "0.9.1",
            "news": "16.0.0",
            "radio": "0.6.6",
            "richdocuments": "3.7.10",
            "spreed": "13.0.6",
            "twofactor_totp": "6.4.0",
            "twofactor_u2f": "6.3.1",
            "twofactor_webauthn": "0.3.1",
            "types": "",
            "update_check_errors": "0"
        },
        "user_external": {
            "enabled": "no",
            "installed_version": "0.5.1",
            "types": "prelogin,authentication"
        },
        "user_status": {
            "enabled": "yes",
            "installed_version": "1.4.0",
            "types": ""
        },
        "viewer": {
            "enabled": "yes",
            "installed_version": "1.8.0",
            "types": ""
        },
        "weather_status": {
            "enabled": "yes",
            "installed_version": "1.4.0",
            "types": ""
        },
        "workflowengine": {
            "enabled": "yes",
            "installed_version": "2.6.0",
            "types": "filesystem"
        }
    }
}

Client configuration

Browser: Firefox 101.0.1

Operating system: Ubuntu 20.04

Logs

Web server error log
Server log (data/nextcloud.log)
On request, in private, if required.
Brianetta commented 2 years ago

The same key can't be registered using the webauthn app. The same symptoms - it's more or less ignored, until I press cancel.