nilsteampassnet / TeamPass

Collaborative Passwords Manager
https://www.teampass.net

Dont show QR code for MFA registering #4115

Open NaumovAlexey opened 3 months ago

NaumovAlexey commented 3 months ago

Page on which it happened

Logon page

Steps to reproduce

  1. Enable MFA with google authenticator
  2. Send code to user (or the user resets MFA by himself)
  3. Enter code in MFA field on logon screen
  4. Logon never ends

Expected behaviour

Should log in to teampass and see QR code for MFA registration

Actual behaviour

Neverending logon image

Server configuration

Operating system: Linux teampass 5.15.0-88-generic #98-Ubuntu SMP Mon Oct 2 15:18:56 UTC 2023 x86_64

Web server: Apache/2.4.52 (Ubuntu)

Database: 8.0.36-0ubuntu0.22.04.1

PHP version: 8.1.2-1ubuntu2.14

Teampass version: 3.1.2

Teampass configuration file:

'max_latest_items' => '10',
'enable_favourites' => '1',
'show_last_items' => '1',
'enable_pf_feature' => '1',
'log_connections' => '1',
'log_accessed' => '1',
'time_format' => 'H:i:s',
'date_format' => 'd/m/Y',
'duplicate_folder' => '0',
'item_duplicate_in_same_folder' => '0',
'duplicate_item' => '0',
'number_of_used_pw' => '3',
'manager_edit' => '1',
'cpassman_dir' => '/var/www/html',
'cpassman_url' => 'https://<anonym_url>',
'favicon' => 'https://<anonym_url>/favicon.ico',
'path_to_upload_folder' => '/var/www/html/upload',
'path_to_files_folder' => '/var/www/html/files',
'url_to_files_folder' => 'https://<anonym_url>/files',
'activate_expiration' => '0',
'pw_life_duration' => '0',
'maintenance_mode' => '0',
'enable_sts' => '0',
'encryptClientServer' => '1',
'teampass_version' => '3.1.2',
'ldap_mode' => '1',
'ldap_type' => 'ActiveDirectory',
'ldap_suffix' => '0',
'ldap_domain_dn' => '0',
'ldap_domain_controler' => '0',
'ldap_user_attribute' => 'samaccountname',
'ldap_ssl' => '1',
'ldap_tls' => '0',
'ldap_search_base' => '0',
'ldap_port' => '636',
'richtext' => '0',
'allow_print' => '0',
'roles_allowed_to_print' => '0',
'show_description' => '1',
'anyone_can_modify' => '0',
'anyone_can_modify_bydefault' => '0',
'nb_bad_authentication' => '0',
'utf8_enabled' => '1',
'restricted_to' => '0',
'restricted_to_roles' => '0',
'enable_send_email_on_user_login' => '0',
'enable_user_can_create_folders' => '1',
'insert_manual_entry_item_history' => '0',
'enable_kb' => '1',
'enable_email_notification_on_item_shown' => '0',
'enable_email_notification_on_user_pw_change' => '0',
'custom_logo' => '',
'custom_login_text' => '',
'default_language' => 'english',
'send_stats' => '0',
'send_statistics_items' => 'stat_country;stat_users;stat_items;stat_items_shared;stat_folders;stat_folders_shared;stat_admins;stat_managers;stat_ro;stat_mysqlversion;stat_phpversion;stat_teampassversion;stat_languages;stat_kb;stat_suggestion;stat_customfields;stat_api;stat_2fa;stat_agses;stat_duo;stat_ldap;stat_syslog;stat_stricthttps;stat_fav;stat_pf;',
'send_stats_time' => '1678706408',
'get_tp_info' => '1',
'send_mail_on_user_login' => '0',
'nb_items_by_query' => 'auto',
'enable_delete_after_consultation' => '0',
'enable_personal_saltkey_cookie' => '0',
'personal_saltkey_cookie_duration' => '31',
'email_smtp_server' => '<removed>',
'email_smtp_auth' => '',
'email_auth_username' => '<removed>',
'email_auth_pwd' => '<removed>',
'email_port' => '25',
'email_security' => 'tls',
'email_server_url' => '',
'email_from' => '<removed>',
'email_from' => '<removed>',
'pwd_maximum_length' => '40',
'google_authentication' => '1',
'delay_item_edition' => '0',
'allow_import' => '1',
'proxy_ip' => '<removed>',
'proxy_port' => '',
'upload_maxfilesize' => '10mb',
'upload_docext' => 'doc,docx,dotx,xls,xlsx,xltx,rtf,csv,txt,pdf,ppt,pptx,pot,dotx,xltx',
'upload_imagesext' => 'jpg,jpeg,gif,png',
'upload_pkgext' => '7z,rar,tar,zip',
'upload_otherext' => 'sql,xml',
'upload_imageresize_options' => '1',
'upload_imageresize_width' => '800',
'upload_imageresize_height' => '600',
'upload_imageresize_quality' => '90',
'use_md5_password_as_salt' => '0',
'ga_website_name' => 'TeamPass OTP',
'api' => '0',
'subfolder_rights_as_parent' => '1',
'show_only_accessible_folders' => '0',
'enable_suggestion' => '1',
'otv_expiration_period' => '7',
'default_session_expiration_time' => '60',
'duo' => '0',
'enable_server_password_change' => '0',
'ldap_object_class' => '0',
'bck_script_path' => '/var/www/html/backups',
'bck_script_filename' => '....',
'syslog_enable' => '0',
'syslog_host' => '<removed>',
'syslog_port' => '514',
'manager_move_item' => '0',
'create_item_without_password' => '1',
'otv_is_enabled' => '0',
'agses_authentication_enabled' => '0',
'item_extra_fields' => '0',
'saltkey_ante_2127' => 'none',
'migration_to_2127' => 'done',
'files_with_defuse' => 'done',
'timezone' => 'Europe/Moscow',
'enable_attachment_encryption' => '1',
'personal_saltkey_security_level' => '50',
'ldap_new_user_is_administrated_by' => '0',
'disable_show_forgot_pwd_link' => '1',
'offline_key_level' => '0',
'enable_http_request_login' => '0',
'ldap_and_local_authentication' => '1',
'secure_display_image' => '1',
'upload_zero_byte_file' => '0',
'upload_all_extensions_file' => '0',
'bck_script_passkey' => '<removed>',
'admin_2fa_required' => '0',
'password_overview_delay' => '4',
'copy_to_clipboard_small_icons' => '1',
'duo_ikey' => '<removed>',
'duo_skey' => '<removed>',
'duo_host' => '<removed>',
'duo_failmode' => 'secure',
'roles_allowed_to_print_select' => '',
'clipboard_life_duration' => '30',
'mfa_for_roles' => '',
'tree_counters' => '0',
'settings_offline_mode' => '0',
'settings_tree_counters' => '0',
'enable_massive_move_delete' => '0',
'email_debug_level' => '0',
'ga_reset_by_user' => '1',
'onthefly-backup-key' => '<removed>',
'onthefly-restore-key' => '<removed>',
'ldap_user_dn_attribute' => 'distinguishedname',
'ldap_dn_additional_user_dn' => '',
'ldap_user_object_filter' => '(objectCategory=Person)(sAMAccountName=*)(objectClass=Person)(memberof=',
'ldap_bdn' => 'DC=',
'ldap_hosts' => '<removed>',
'ldap_password' => '<removed>',
'ldap_username' => '....',
'api_token_duration' => '60',
'enable_tasks_manager' => '1',
'task_maximum_run_time' => '300',
'tasks_manager_refreshing_period' => '60',
'maximum_number_of_items_to_treat' => '100',
'ldap_tls_certifacte_check' => 'LDAP_OPT_X_TLS_TRY',
'enable_tasks_log' => '1',
'upgrade_timestamp' => '1711453976',
'enable_ad_users_with_ad_groups' => '1',
'enable_ad_user_auto_creation' => '0',
'ldap_group_object_filter' => '(objectClass=group)',
'ldap_guid_attibute' => 'objectguid',
'can_create_root_folder' => '1',
'sending_emails_job_frequency' => '2',
'user_keys_job_frequency' => '1',
'items_statistics_job_frequency' => '5',
'reload_cache_table_task' => 'hourly;00:03',
'rebuild_config_file' => '',
'purge_temporary_files_task' => 'daily;18:26',
'clean_orphan_objects_task' => 'hourly;18:25',
'users_personal_folder_task' => 'hourly;00:04',
'rebuild_config_file_task' => 'hourly;00:05',
'maximum_session_expiration_time' => '240',
'items_ops_job_frequency' => '1',
'enable_refresh_task_last_execution' => '0',
'ldap_group_objectclasses_attibute' => 'top,groupofuniquenames',
'pwd_default_length' => '14',
'tasks_log_retention_delay' => '3650',

Updated from an older Teampass or fresh install:

Client configuration

Browser: -

Operating system: - bits

Logs

Web server error log

[Tue Mar 26 15:26:47.419292 2024] [proxy_fcgi:error] [pid 13806] [client IP:61611] AH01071: Got error 'PHP message: PHP Fatal error:  Uncaught TypeError: RobThree\\Auth\\Providers\\Qr\\QRServerProvider::getQRCodeImage(): Return value must be of type string, bool returned in /var/www/html/vendor/robthree/twofactorauth/lib/Providers/Qr/QRServerProvider.php:36\nStack trace:\n#0 /var/www/html/vendor/robthree/twofactorauth/lib/TwoFactorAuth.php(120): RobThree\\Auth\\Providers\\Qr\\QRServerProvider->getQRCodeImage()\n#1 /var/www/html/sources/identify.php(1646): RobThree\\Auth\\TwoFactorAuth->getQRCodeImageAsDataUri()\n#2 /var/www/html/sources/identify.php(2316): googleMFACheck()\n#3 /var/www/html/sources/identify.php(401): identifyDoMFAChecks()\n#4 /var/www/html/sources/identify.php(162): identifyUser()\n#5 /var/www/html/sources/identify.php(194): handleAuthAttempts()\n#6 {main}\n  thrown in /var/www/html/vendor/robthree/twofactorauth/lib/Providers/Qr/QRServerProvider.php on line 36', referer: https://teampass/index.php

Teampass 10 last system errors

Log from the web-browser developer console (CTRL + SHIFT + i)

Insert the log here and especially the answer of the query that failed.

riharvey414 commented 2 months ago

I'm getting the same error:

PHP Log:

[29-Apr-2024 09:18:44 America/New_York] PHP Fatal error: Uncaught TypeError: RobThree\Auth\Providers\Qr\QRServerProvider::getQRCodeImage(): Return value must be of type string, false returned in /var/www/html/teampass/vendor/robthree/twofactorauth/lib/Providers/Qr/QRServerProvider.php:36
Stack trace:
#0 /var/www/html/teampass/vendor/robthree/twofactorauth/lib/TwoFactorAuth.php(120): RobThree\Auth\Providers\Qr\QRServerProvider->getQRCodeImage()
#1 /var/www/html/teampass/sources/identify.php(1659): RobThree\Auth\TwoFactorAuth->getQRCodeImageAsDataUri()
#2 /var/www/html/teampass/sources/identify.php(2377): googleMFACheck()
#3 /var/www/html/teampass/sources/identify.php(355): identifyDoMFAChecks()
#4 /var/www/html/teampass/sources/identify.php(130): identifyUser()
#5 {main}
  thrown in /var/www/html/teampass/vendor/robthree/twofactorauth/lib/Providers/Qr/QRServerProvider.php on line 36

Chrome Error:

image

TP Version: 3.1.0.11

PHP Version: 8.3.6

riharvey414 commented 2 months ago

Any resolution to this?

carlosllb commented 2 months ago

I copied the previous version of the folder as a workaround, but after I updated to the latest version, I detected many bugs that I'm trying to solve by changing old file versions.

Kyogre commented 1 month ago

Have got POST /sources/identify.php HTTP/1.1" 500 5 ... internal server error too.

For me the problem was a VM that has no access to the internet. Discussed in #4169
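
A log-triage sketch for the fatal error quoted in this thread, as an added example that is not part of the issue or of TeamPass: it unescapes an Apache `proxy_fcgi` entry, extracts the PHP exception and stack frames, and reports which vendor package threw and the first application frame that called into it. The sample entry is abridged from the report above; the function names and result keys are assumptions of this example.

```python
import re

# Abridged from the Apache entry in the report (frames #3-#5 dropped, "{main}"
# renumbered). Apache writes newlines as a literal \n and backslashes as \\.
SAMPLE = (
    r"[Tue Mar 26 15:26:47.419292 2024] [proxy_fcgi:error] [pid 13806] "
    r"[client IP:61611] AH01071: Got error 'PHP message: PHP Fatal error:  "
    r"Uncaught TypeError: RobThree\\Auth\\Providers\\Qr\\QRServerProvider::"
    r"getQRCodeImage(): Return value must be of type string, bool returned in "
    r"/var/www/html/vendor/robthree/twofactorauth/lib/Providers/Qr/"
    r"QRServerProvider.php:36\nStack trace:\n#0 /var/www/html/vendor/robthree/"
    r"twofactorauth/lib/TwoFactorAuth.php(120): RobThree\\Auth\\Providers\\Qr"
    r"\\QRServerProvider->getQRCodeImage()\n#1 /var/www/html/sources/"
    r"identify.php(1646): RobThree\\Auth\\TwoFactorAuth->"
    r"getQRCodeImageAsDataUri()\n#2 /var/www/html/sources/identify.php(2316): "
    r"googleMFACheck()\n#3 {main}\n  thrown in /var/www/html/vendor/robthree/"
    r"twofactorauth/lib/Providers/Qr/QRServerProvider.php on line 36', "
    r"referer: https://teampass/index.php"
)

FATAL = re.compile(r"PHP Fatal error:\s+Uncaught (?P<exc>[\w\\]+): "
                   r"(?P<msg>.*?) in (?P<file>/\S+):(?P<line>\d+)")
FRAME = re.compile(r"#(\d+) (\S+)\((\d+)\): ([^\s(]+)\(")

def unescape(entry):
    """Undo Apache's escaping in one pass, so '\\\\n...' is never read as a newline."""
    return re.sub(r"\\(.)", lambda m: "\n" if m.group(1) == "n" else m.group(1), entry)

def triage(entry):
    """Return a summary dict for a PHP fatal error entry, or None if there is none."""
    text = unescape(entry)
    fatal = FATAL.search(text)
    if fatal is None:
        return None
    frames = [(path, int(line), call) for _, path, line, call in FRAME.findall(text)]
    vendor = re.search(r"/vendor/([^/]+/[^/]+)/", fatal["file"])
    return {
        "exception": fatal["exc"],
        "thrown_at": f'{fatal["file"]}:{fatal["line"]}',
        "vendor_package": vendor.group(1) if vendor else None,
        # First frame outside vendor/: where application code entered the library.
        "first_app_frame": next((f for f in frames if "/vendor/" not in f[0]), None),
        # True when the failing method belongs to a QR provider class.
        "qr_provider_failure": "Providers\\Qr\\" in fatal["msg"],
    }
```

The message pattern does not depend on the `bool returned` / `false returned` wording, so it matches both variants of the error posted in this thread.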