QR Code generation API for MFA disabled.

[adrielCarmo]

Steps to reproduce

1. Send email with initial Google Authenticator code to new user.
2. New user accesses the application and tries to generate the QR Code with the sent code.
3. QR Code is not generated (broken image).

Bug:

From what I investigated, the API used by Teampass for generating QR Codes (https://chart.googleapis.com/chart?) has been deprecated since 2012, and it appears to have been definitively deactivated:

All queries to the API return a 404 error. Support forums:

https://www.googlecloudcommunity.com/gc/AppSheet-Q-A/QR-Code-Generator-not-working/m-p/695918 https://groups.google.com/g/google-visualization-api/c/Pzzya6ed14g?pli=1

Expected behaviour

The QR code should be generated for the Google Authenticator configuration.

Actual behaviour

The QR Code is not generated, and the image appears broken.

Server configuration

Operating system: Debian GNU/Linux 12 (bookworm)

Web server: Server version: Apache/2.4.57 (Debian)

Database: mysql:5.7.43 (docker)

PHP version: PHP 8.2.7 (cli) (built: Jun 9 2023 19:37:27) (NTS)

Teampass version: version 3.0.5

Teampass configuration file:

<?php
global $SETTINGS;
$SETTINGS = array (
    'max_latest_items' => '10',
    'enable_favourites' => '1',
    'show_last_items' => '1',
    'enable_pf_feature' => '0',
    'log_connections' => '1',
    'log_accessed' => '1',
    'time_format' => 'H:i:s',
    'date_format' => 'd/m/Y',
    'duplicate_folder' => '0',
    'item_duplicate_in_same_folder' => '0',
    'duplicate_item' => '0',
    'number_of_used_pw' => '3',
    'manager_edit' => '1',
    'cpassman_dir' => '/var/www/html/teampass',
    'cpassman_url' => 'https://mysistem.com',
    'favicon' => 'https://mysistem.com/favicon-ufms.ico',
    'path_to_upload_folder' => '/var/www/html/teampass/upload',
    'path_to_files_folder' => '/var/www/html/teampass/files',
    'url_to_files_folder' => 'https://mysistem.com/files',
    'activate_expiration' => '0',
    'pw_life_duration' => '0',
    'maintenance_mode' => '0',
    'enable_sts' => '0',
    'encryptClientServer' => '1',
    'teampass_version' => '3.0.5',
    'ldap_mode' => '1',
    'ldap_type' => 'ActiveDirectory',
    'ldap_suffix' => '0',
    'ldap_domain_dn' => '0',
    'ldap_domain_controler' => '0',
    'ldap_user_attribute' => 'samaccountname',
    'ldap_ssl' => '0',
    'ldap_tls' => '0',
    'ldap_search_base' => '0',
    'ldap_port' => '389',
    'richtext' => '0',
    'allow_print' => '0',
    'roles_allowed_to_print' => '0',
    'show_description' => '1',
    'anyone_can_modify' => '0',
    'anyone_can_modify_bydefault' => '0',
    'nb_bad_authentication' => '0',
    'utf8_enabled' => '1',
    'restricted_to' => '0',
    'restricted_to_roles' => '0',
    'enable_send_email_on_user_login' => '0',
    'enable_user_can_create_folders' => '0',
    'insert_manual_entry_item_history' => '0',
    'enable_kb' => '0',
    'enable_email_notification_on_item_shown' => '0',
    'enable_email_notification_on_user_pw_change' => '0',
    'custom_logo' => 'https://mysistem.com/logo-azul.svg',
    'custom_login_text' => '',
    'default_language' => 'english',
    'send_stats' => '0',
    'send_statistics_items' => 'stat_country;stat_users;stat_items;stat_items_shared;stat_folders;stat_folders_shared;stat_admins;stat_managers;stat_ro;stat_mysqlversion;stat_phpversion;stat_teampassversion;stat_languages;stat_kb;stat_suggestion;stat_customfields;stat_api;stat_2fa;stat_agses;stat_duo;stat_ldap;stat_syslog;stat_stricthttps;stat_fav;stat_pf;',
    'send_stats_time' => '1696692680',
    'get_tp_info' => '1',
    'send_mail_on_user_login' => '0',
    'nb_items_by_query' => 'auto',
    'enable_delete_after_consultation' => '0',
    'enable_personal_saltkey_cookie' => '0',
    'personal_saltkey_cookie_duration' => '31',
    'email_smtp_server' => 'mysmtp',
    'email_smtp_auth' => '1',
    'email_auth_username' => 'user_mysmtp',
    'email_auth_pwd' => 'pass_mysmtp',
    'email_port' => '587',
    'email_security' => 'tls',
    'email_server_url' => '',
    'email_from' => 'teampass@mysistem.com',
    'email_from_name' => 'Teampass',
    'pwd_maximum_length' => '40',
    'google_authentication' => '1',
    'delay_item_edition' => '0',
    'allow_import' => '1',
    'proxy_ip' => '',
    'proxy_port' => '',
    'upload_maxfilesize' => '10mb',
    'upload_docext' => 'doc,docx,dotx,xls,xlsx,xltx,rtf,csv,txt,pdf,ppt,pptx,pot,dotx,xltx',
    'upload_imagesext' => 'jpg,jpeg,gif,png',
    'upload_pkgext' => '7z,rar,tar,zip,tar.gz',
    'upload_otherext' => 'sql,xml,pem,key,pub',
    'upload_imageresize_options' => '1',
    'upload_imageresize_width' => '800',
    'upload_imageresize_height' => '600',
    'upload_imageresize_quality' => '90',
    'use_md5_password_as_salt' => '0',
    'ga_website_name' => 'TeamPass',
    'api' => '0',
    'subfolder_rights_as_parent' => '0',
    'show_only_accessible_folders' => '0',
    'enable_suggestion' => '0',
    'otv_expiration_period' => '7',
    'default_session_expiration_time' => '60',
    'duo' => '0',
    'enable_server_password_change' => '0',
    'ldap_object_class' => '0',
    'bck_script_path' => '/var/www/html/teampass/backups',
    'bck_script_filename' => 'bck_teampass',
    'syslog_enable' => '0',
    'syslog_host' => 'localhost',
    'syslog_port' => '514',
    'manager_move_item' => '0',
    'create_item_without_password' => '0',
    'otv_is_enabled' => '0',
    'agses_authentication_enabled' => '0',
    'item_extra_fields' => '0',
    'saltkey_ante_2127' => 'none',
    'migration_to_2127' => 'done',
    'files_with_defuse' => 'done',
    'timezone' => 'America/Bahia',
    'enable_attachment_encryption' => '1',
    'personal_saltkey_security_level' => '50',
    'ldap_new_user_is_administrated_by' => '0',
    'disable_show_forgot_pwd_link' => '0',
    'offline_key_level' => '0',
    'enable_http_request_login' => '0',
    'ldap_and_local_authentication' => '1',
    'secure_display_image' => '1',
    'upload_zero_byte_file' => '1',
    'upload_all_extensions_file' => '1',
    'bck_script_passkey' => 'bkp_passkey',
    'admin_2fa_required' => '0',
    'password_overview_delay' => '4',
    'copy_to_clipboard_small_icons' => '1',
    'duo_ikey' => 'admin',
    'duo_skey' => '',
    'duo_host' => '',
    'duo_failmode' => 'secure',
    'roles_allowed_to_print_select' => '[1,2,3,4,5,6,7]',
    'clipboard_life_duration' => '30',
    'mfa_for_roles' => '[]',
    'tree_counters' => '0',
    'settings_offline_mode' => '0',
    'settings_tree_counters' => '0',
    'enable_massive_move_delete' => '0',
    'email_debug_level' => '3',
    'ga_reset_by_user' => '1',
    'onthefly-backup-key' => '',
    'onthefly-restore-key' => '',
    'ldap_user_dn_attribute' => 'distinguishedname',
    'ldap_dn_additional_user_dn' => 'OU=TE',
    'ldap_user_object_filter' => '(|(memberOf=CN=teampass-infra,OU=MY,DC=my,DC=domain,DC=com))',
    'ldap_bdn' => 'OU=MY,DC=my,DC=domain,DC=com',
    'ldap_hosts' => '192.168.1.10',
    'ldap_password' => 'mypassldap',
    'ldap_username' => 'CN=reader,DC=my,DC=domain,DC=com',
    'api_token_duration' => '60',
    'enable_tasks_manager' => '1',
    'task_maximum_run_time' => '300',
    'tasks_manager_refreshing_period' => '20',
    'maximum_number_of_items_to_treat' => '100',
    'ldap_tls_certifacte_check' => 'LDAP_OPT_X_TLS_NEVER',
    'enable_tasks_log' => '0',
    'upgrade_timestamp' => '1699284680',
    'enable_ad_users_with_ad_groups' => '0',
    'enable_ad_user_auto_creation' => '0',
    'ldap_group_object_filter' => '',
    'ldap_guid_attibute' => 'objectguid',
);

Updated from an older Teampass or fresh install: Fresh installation.

Client configuration

Browser: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36. MS Edge, Firefox, and Chrome are experiencing the issue.

Operating system: Windows 11 Pro

Logs

Web server error log

No significant errors are displayed in the web server log.

[Wed May 15 11:13:17.839618 2024] [php:warn] [pid 2102222] [client 10.212.134.41:51127] PHP Warning:  Undefined array key "id" in /var/www/html/teampass/sources/items.logs.php on line 110, referer: https://mysistem.com/index.php?page=items
[Wed May 15 11:13:17.839636 2024] [php:warn] [pid 2102222] [client 10.212.134.41:51127] PHP Warning:  Undefined array key "id" in /var/www/html/teampass/sources/items.logs.php on line 113, referer: https://mysistem.com/index.php?page=items

Log from the web-browser developer console (CTRL + SHIFT + i)

Failed to load resource: the server responded with a status of 404 (Not Found)
index.php:1680 Loading settings result:
index.php:1681 Object
index.php:2187 User starts auth
index.php:2671 Get 2FA Methods answer:
index.php:2672 {agses: false, google: true, yubico: false, duo: false}
index.php:2736 Data submitted to identifyUser:
index.php:2737 {GACode: 'EZuh9fJk7yFs', login: 'teste.teste', pw: 'p$RWRghssobci-x-', duree_session: '60', screenHeight: 713.656, …}
index.php:2758 Session existance check:
index.php:2759 {status: true}
index.php:2794 Identification answer:
index.php:2795 SESSION KEY is: Dv9985arACPMGqTpnj3Nfb7MgqCC3GmTvPdZM8Tp3mGXJ78Mxg
index.php:2796 {value: '', user_admin: 0, initial_url: '', pwd_attempts: 1, error: true, …}
index.php:2187 User starts auth
index.php:2671 Get 2FA Methods answer:
index.php:2672 {agses: false, google: true, yubico: false, duo: false}
index.php:2736 Data submitted to identifyUser:
index.php:2737 {GACode: 'EZuh9fJk7yFs', login: 'teste.teste', pw: 'uRKQgJQyfU3_V7Dx', duree_session: '60', screenHeight: 713.656, …}
index.php:2758 Session existance check:
index.php:2759 {status: true}
index.php:2794 Identification answer:
index.php:2795 SESSION KEY is: Dv9985arACPMGqTpnj3Nfb7MgqCC3GmTvPdZM8Tp3mGXJ78Mxg
index.php:2796 {value: '<img src="data:image/png;base64,PGh0bWw+PGJvZHk+PG…jQwNCBOb3QgRm91bmQ8L2gxPjwvYm9keT48L2h0bWw+Cg==">', user_admin: 0, initial_url: '', pwd_attempts: 2, error: false, …}error: falseinitial_url: ""message: "Flash this QR code with your mobile device, enter the 2Factor Authentication code and click `Enter` button."mfaStatus: "ga_temporary_code_correct"pwd_attempts: 2user_admin: 0value: "<img src=\"data:image/png;base64,PGh0bWw+PGJvZHk+PGgxPjQwNCBOb3QgRm91bmQ8L2gxPjwvYm9keT48L2h0bWw+Cg==\">"

[mAu888]

Upgrading to latest master solved this issue for me. But now I do have the problem that the temporary identification code email is not being sent. I can receive the test email without issues.