search

pondersource / nextcloud-mfa-awareness

Make Nextcloud aware of whether the current user is logged in with Multi-Factor Authentication
MIT License
0 stars 2 forks source link

Step-up Auth R&D #69

Closed mrvahedi68 closed 10 months ago

mrvahedi68 commented 1 year ago

I need to know the expected behavior of this feature. you can explain it by an example I think. @michielbdejong @thepeak99

mrvahedi68 commented 12 months ago

As you know after enabling Tow factor authentication user can not login without it. So I developed something and describe it below:

If users try to use our MFAZones without MFA verification we will show them this dialog:

Screen Shot 1402-04-20 at 00 38 20

If user select OK will redirected to Two factor authentication section in the settings.

Screen Shot 1402-04-20 at 00 38 36

mrvahedi68 commented 10 months ago

start working again on it to make two scenarios ready for demo.

mrvahedi68 commented 10 months ago

When use $twoFactorManager->prepareTwoFactorLogin($user, false); inside the app, after login if don't have access tokens will fail to login with following error:

    {"reqId":"4hNqeUsmVw5tPTHHb3VL","level":3,"time":"2023-09-04T22:01:28+00:00","remoteAddr":"172.19.0.2","user":"--","app":"index","method":"POST","url":"/index.php/login","message":"Token does not exist: token does not exist","userAgent":"Mozilla/5.0 (X11; Linux x86_64; rv:84.0) Gecko/20100101 Firefox/84.0","version":"28.0.0.2","exception":{"Exception":"OC\\Authentication\\Exceptions\\InvalidTokenException","Message":"Token does not exist: token does not exist","Code":0,"Trace":[{"file":"/var/www/html/lib/private/Authentication/Token/Manager.php","line":133,"function":"getToken","class":"OC\\Authentication\\Token\\PublicKeyTokenProvider","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/lib/private/Authentication/TwoFactorAuth/Manager.php","line":380,"function":"getToken","class":"OC\\Authentication\\Token\\Manager","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/apps/mfazones/lib/AppInfo/Application.php","line":59,"function":"prepareTwoFactorLogin","class":"OC\\Authentication\\TwoFactorAuth\\Manager","type":"->"},{"file":"/var/www/html/3rdparty/symfony/event-dispatcher/EventDispatcher.php","line":251,"function":"OCA\\mfazones\\AppInfo\\{closure}","class":"OCA\\mfazones\\AppInfo\\Application","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/3rdparty/symfony/event-dispatcher/EventDispatcher.php","line":73,"function":"callListeners","class":"Symfony\\Component\\EventDispatcher\\EventDispatcher","type":"->"},{"file":"/var/www/html/lib/private/EventDispatcher/EventDispatcher.php","line":94,"function":"dispatch","class":"Symfony\\Component\\EventDispatcher\\EventDispatcher","type":"->"},{"file":"/var/www/html/lib/private/EventDispatcher/EventDispatcher.php","line":106,"function":"dispatch","class":"OC\\EventDispatcher\\EventDispatcher","type":"->"},{"file":"/var/www/html/lib/private/Server.php","line":563,"function":"dispatchTyped","class":"OC\\EventDispatcher\\EventDispatcher","type":"->"},{"function":"OC\\{closure}","class":"OC\\Server","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/lib/private/Hooks/EmitterTrait.php","line":105,"function":"call_user_func_array"},{"file":"/var/www/html/lib/private/Hooks/PublicEmitter.php","line":40,"function":"emit","class":"OC\\Hooks\\BasicEmitter","type":"->"},{"file":"/var/www/html/lib/private/Authentication/Login/PreLoginHookCommand.php","line":47,"function":"emit","class":"OC\\Hooks\\PublicEmitter","type":"->"},{"file":"/var/www/html/lib/private/Authentication/Login/Chain.php","line":107,"function":"process","class":"OC\\Authentication\\Login\\PreLoginHookCommand","type":"->"},{"file":"/var/www/html/core/Controller/LoginController.php","line":306,"function":"process","class":"OC\\Authentication\\Login\\Chain","type":"->"},{"file":"/var/www/html/lib/private/AppFramework/Http/Dispatcher.php","line":230,"function":"tryLogin","class":"OC\\Core\\Controller\\LoginController","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/lib/private/AppFramework/Http/Dispatcher.php","line":137,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/html/lib/private/AppFramework/App.php","line":184,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/html/lib/private/Route/Router.php","line":315,"function":"main","class":"OC\\AppFramework\\App","type":"::"},{"file":"/var/www/html/lib/base.php","line":1071,"function":"match","class":"OC\\Route\\Router","type":"->"},{"file":"/var/www/html/index.php","line":37,"function":"handleRequest","class":"OC","type":"::"}],"File":"/var/www/html/lib/private/Authentication/Token/PublicKeyTokenProvider.php","Line":163,"Previous":{"Exception":"OCP\\AppFramework\\Db\\DoesNotExistException","Message":"token does not exist","Code":0,"Trace":[{"file":"/var/www/html/lib/private/Authentication/Token/PublicKeyTokenProvider.php","line":172,"function":"getToken","class":"OC\\Authentication\\Token\\PublicKeyTokenMapper","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/lib/private/Authentication/Token/Manager.php","line":133,"function":"getToken","class":"OC\\Authentication\\Token\\PublicKeyTokenProvider","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/lib/private/User/Session.php","line":635,"function":"getToken","class":"OC\\Authentication\\Token\\Manager","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/lib/private/User/Session.php","line":834,"function":"loginWithToken","class":"OC\\User\\Session","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/lib/base.php","line":1144,"function":"tryTokenLogin","class":"OC\\User\\Session","type":"->"},{"file":"/var/www/html/lib/base.php","line":1060,"function":"handleLogin","class":"OC","type":"::"},{"file":"/var/www/html/index.php","line":37,"function":"handleRequest","class":"OC","type":"::"}],"File":"/var/www/html/lib/private/Authentication/Token/PublicKeyTokenMapper.php","Line":98},"message":"Token does not exist: token does not exist","exception":{"xdebug_message":"<tr><th align='left' bgcolor='#f57900' colspan=\"5\"><span style='background-color: #cc0000; color: #fce94f; font-size: x-large;'>( ! )</span> OC\\Authentication\\Exceptions\\InvalidTokenException: Token does not exist: token does not exist in /var/www/html/lib/private/Authentication/Token/PublicKeyTokenProvider.php on line <i>163</i></th></tr>\n<tr><th align='left' bgcolor='#e9b96e' colspan='5'>Call Stack</th></tr>\n<tr><th align='center' bgcolor='#eeeeec'>#</th><th align='left' bgcolor='#eeeeec'>Time</th><th align='left' bgcolor='#eeeeec'>Memory</th><th align='left' bgcolor='#eeeeec'>Function</th><th align='left' bgcolor='#eeeeec'>Location</th></tr>\n<tr><td bgcolor='#eeeeec' align='center'>1</td><td bgcolor='#eeeeec' align='center'>0.0001</td><td bgcolor='#eeeeec' align='right'>365272</td><td bgcolor='#eeeeec'>{main}(  )</td><td title='/var/www/html/index.php' bgcolor='#eeeeec'>.../index.php<b>:</b>0</td></tr>\n<tr><td bgcolor='#eeeeec' align='center'>2</td><td bgcolor='#eeeeec' align='center'>0.0283</td><td bgcolor='#eeeeec' align='right'>2310688</td><td bgcolor='#eeeeec'>OC::handleRequest(  )</td><td title='/var/www/html/index.php' bgcolor='#eeeeec'>.../index.php<b>:</b>37</td></tr>\n<tr><td bgcolor='#eeeeec' align='center'>3</td><td bgcolor='#eeeeec' align='center'>0.0586</td><td bgcolor='#eeeeec' align='right'>2751904</td><td bgcolor='#eeeeec'>OC\\Route\\Router->match( <span>$url = </span><span>&#39;/login&#39;</span> )</td><td title='/var/www/html/lib/base.php' bgcolor='#eeeeec'>.../base.php<b>:</b>1071</td></tr>\n<tr><td bgcolor='#eeeeec' align='center'>4</td><td bgcolor='#eeeeec' align='center'>0.0702</td><td bgcolor='#eeeeec' align='right'>3789032</td><td bgcolor='#eeeeec'>OC\\AppFramework\\App::main( <span>$controllerName = </span><span>&#39;LoginController&#39;</span>, <span>$methodName = </span><span>&#39;tryLogin&#39;</span>, <span>$container = </span><span>class OC\\AppFramework\\DependencyInjection\\DIContainer { private ${OC\\AppFramework\\Utility\\SimpleContainer}container = class Pimple\\Container { private $values = [...]; private $factories = class SplObjectStorage { ... }; private $protected = class SplObjectStorage { ... }; private $frozen = [...]; private $raw = [...]; private $keys = [...] }; private string $appName = &#39;core&#39;; private $middleWares = []; private $server = class OC\\Server { private ${OC\\AppFramework\\Utility\\SimpleContainer}container = class Pimple\\Container { ... }; protected $appContainers = [...]; protected $hasNoAppContainer = [...]; protected $namespaces = [...]; private $webRoot = &#39;&#39; } }</span>, <span>$urlParams = </span><span>[&#39;_route&#39; =&gt; &#39;core.login.tryLogin&#39;]</span> )</td><td title='/var/www/html/lib/private/Route/Router.php' bgcolor='#eeeeec'>.../Router.php<b>:</b>315</td></tr>\n<tr><td bgcolor='#eeeeec' align='center'>5</td><td bgcolor='#eeeeec' align='center'>0.0777</td><td bgcolor='#eeeeec' align='right'>3839856</td><td bgcolor='#eeeeec'>OC\\AppFramework\\Http\\Dispatcher->dispatch( <span>$controller = </span><span>class OC\\Core\\Controller\\LoginController { protected $appName = &#39;core&#39;; protected $request = class OC\\AppFramework\\Http\\Request { protected string $inputStream = &#39;php://input&#39;; protected $content = NULL; protected array $items = [...]; protected array $allowedKeys = [...]; protected OCP\\IRequestId $requestId = class OC\\AppFramework\\Http\\RequestId { ... }; protected OCP\\IConfig $config = class OC\\AllConfig { ... }; protected ?OC\\Security\\CSRF\\CsrfTokenManager $csrfTokenManager = class OC\\Security\\CSRF\\CsrfTokenManager { ... }; protected bool $contentDecoded = TRUE }; private ${OCP\\AppFramework\\Controller}responders = [&#39;json&#39; =&gt; class Closure { virtual $closure = &quot;$this-&gt;OCP\\AppFramework\\{closure}&quot;, ... }]; private OCP\\IUserManager $userManager = class OC\\User\\Manager { protected $listeners = [...]; private $backends = [...]; private $cachedUsers = [...]; private $config = class OC\\AllConfig { ... }; private $cache = class OC\\Memcache\\WithLocalCache { ... }; private $eventDispatcher = class OC\\EventDispatcher\\EventDispatcher { ... }; private OC\\User\\DisplayNameCache $displayNameCache = class OC\\User\\DisplayNameCache { ... } }; private OCP\\IConfig $config = class OC\\AllConfig { private OC\\SystemConfig $systemConfig = class OC\\SystemConfig { ... }; private ?OCP\\IDBConnection $connection = NULL; private OCP\\Cache\\CappedMemoryCache $userCache = class OCP\\Cache\\CappedMemoryCache { ... } }; private OCP\\ISession $session = class OC\\Session\\CryptoSessionData { protected $session = class OC\\Session\\Internal { ... }; protected $crypto = class OC\\Security\\Crypto { ... }; protected $passphrase = &#39;Enc/yQwTkAv+F1q04OjOgNaYVtfcuwyUutu/vs4P61G88b1JOciKWPWkF9GODmfaRPdeE7vvy7a+oqF+WIDFb19zTG8z6ToROKBGRu2NfUnoSweRmg3biQ/U4+RjVTx4&#39;; protected $sessionValues = [...]; protected $isModified = FALSE }; private OC\\User\\Session $userSession = class OC\\User\\Session { private $manager = class OC\\User\\Manager { ... }; private $session = class OC\\Session\\CryptoSessionData { ... }; private $timeFactory = class OC\\AppFramework\\Utility\\TimeFactory { ... }; private $tokenProvider = class OC\\Authentication\\Token\\Manager { ... }; private $config = class OC\\AllConfig { ... }; protected $activeUser = NULL; private $random = class OC\\Security\\SecureRandom { ... }; private $lockdownManager = class OC\\Lockdown\\LockdownManager { ... }; private Psr\\Log\\LoggerInterface $logger = class OC\\Log\\PsrLoggerAdapter { ... }; private $dispatcher = class OC\\EventDispatcher\\EventDispatcher { ... } }; private OCP\\IURLGenerator $urlGenerator = class OC\\URLGenerator { private $config = class OC\\AllConfig { ... }; public $userSession = class OC\\User\\Session { ... }; private $cacheFactory = class OC\\Memcache\\Factory { ... }; private $request = class OC\\AppFramework\\Http\\Request { ... }; private $router = class OC\\Route\\Router { ... }; private $baseUrl = NULL; private ?OCP\\App\\IAppManager $appManager = NULL }; private OCP\\Defaults $defaults = class OCP\\Defaults { private $defaults = class OCA\\Theming\\ThemingDefaults { ... } }; private OCP\\Security\\Bruteforce\\IThrottler $throttler = class OC\\Security\\Bruteforce\\Throttler { private array $hasAttemptsDeleted = [...]; private array $ipIsWhitelisted = [...]; private OCP\\AppFramework\\Utility\\ITimeFactory $timeFactory = class OC\\AppFramework\\Utility\\TimeFactory { ... }; private Psr\\Log\\LoggerInterface $logger = class OC\\Log\\PsrLoggerAdapter { ... }; private OCP\\IConfig $config = class OC\\AllConfig { ... }; private OC\\Security\\Bruteforce\\Backend\\IBackend $backend = class OC\\Security\\Bruteforce\\Backend\\DatabaseBackend { ... } }; private OCP\\IInitialStateService $initialStateService = class OC\\InitialStateService { private $logger = class OC\\Log\\PsrLoggerAdapter { ... }; private $states = [...]; private $lazyStates = [...]; private $bootstrapCoordinator = class OC\\AppFramework\\Bootstrap\\Coordinator { ... }; private $container = class OC\\Server { ... } }; private OC\\Authentication\\WebAuthn\\Manager $webAuthnManager = class OC\\Authentication\\WebAuthn\\Manager { private $repository = class OC\\Authentication\\WebAuthn\\CredentialRepository { ... }; private $credentialMapper = class OC\\Authentication\\WebAuthn\\Db\\PublicKeyCredentialMapper { ... }; private $logger = class OC\\Log\\PsrLoggerAdapter { ... }; private $config = class OC\\AllConfig { ... } }; private OCP\\Notification\\IManager $manager = class OC\\Notification\\Manager { protected $validator = class OC\\RichObjectStrings\\Validator { ... }; private $userManager = class OC\\User\\Manager { ... }; protected $cache = class OC\\Memcache\\NullCache { ... }; protected $subscription = class OC\\Support\\Subscription\\Registry { ... }; protected $logger = class OC\\Log\\PsrLoggerAdapter { ... }; private $coordinator = class OC\\AppFramework\\Bootstrap\\Coordinator { ... }; protected $apps = [...]; protected $appClasses = [...]; protected $notifiers = [...]; protected $notifierClasses = [...]; protected $preparingPushNotification = FALSE; protected $deferPushing = FALSE; private $parsedRegistrationContext = FALSE }; private OCP\\IL10N $l10n = class OC\\L10N\\LazyL10N { private $l = NULL; private $factory = class Closure { virtual $closure = &quot;$this-&gt;OC\\L10N\\{closure}&quot;, ... } } }</span>, <span>$methodName = </span><span>&#39;tryLogin&#39;</span> )</td><td title='/var/www/html/lib/private/AppFramework/App.php' bgcolor='#eeeeec'>.../App.php<b>:</b>184</td></tr>\n<tr><td bgcolor='#eeeeec' align='center'>6</td><td bgcolor='#eeeeec' align='center'>0.0844</td><td bgcolor='#eeeeec' align='right'>3942056</td><td bgcolor='#eeeeec'>OC\\AppFramework\\Middleware\\MiddlewareDispatcher->afterException( <span>$controller = </span><span>class OC\\Core\\Controller\\LoginController { protected $appName = &#39;core&#39;; protected $request = class OC\\AppFramework\\Http\\Request { protected string $inputStream = &#39;php://input&#39;; protected $content = NULL; protected array $items = [...]; protected array $allowedKeys = [...]; protected OCP\\IRequestId $requestId = class OC\\AppFramework\\Http\\RequestId { ... }; protected OCP\\IConfig $config = class OC\\AllConfig { ... }; protected ?OC\\Security\\CSRF\\CsrfTokenManager $csrfTokenManager = class OC\\Security\\CSRF\\CsrfTokenManager { ... }; protected bool $contentDecoded = TRUE }; private ${OCP\\AppFramework\\Controller}responders = [&#39;json&#39; =&gt; class Closure { virtual $closure = &quot;$this-&gt;OCP\\AppFramework\\{closure}&quot;, ... }]; private OCP\\IUserManager $userManager = class OC\\User\\Manager { protected $listeners = [...]; private $backends = [...]; private $cachedUsers = [...]; private $config = class OC\\AllConfig { ... }; private $cache = class OC\\Memcache\\WithLocalCache { ... }; private $eventDispatcher = class OC\\EventDispatcher\\EventDispatcher { ... }; private OC\\User\\DisplayNameCache $displayNameCache = class OC\\User\\DisplayNameCache { ... } }; private OCP\\IConfig $config = class OC\\AllConfig { private OC\\SystemConfig $systemConfig = class OC\\SystemConfig { ... }; private ?OCP\\IDBConnection $connection = NULL; private OCP\\Cache\\CappedMemoryCache $userCache = class OCP\\Cache\\CappedMemoryCache { ... } }; private OCP\\ISession $session = class OC\\Session\\CryptoSessionData { protected $session = class OC\\Session\\Internal { ... }; protected $crypto = class OC\\Security\\Crypto { ... }; protected $passphrase = &#39;Enc/yQwTkAv+F1q04OjOgNaYVtfcuwyUutu/vs4P61G88b1JOciKWPWkF9GODmfaRPdeE7vvy7a+oqF+WIDFb19zTG8z6ToROKBGRu2NfUnoSweRmg3biQ/U4+RjVTx4&#39;; protected $sessionValues = [...]; protected $isModified = FALSE }; private OC\\User\\Session $userSession = class OC\\User\\Session { private $manager = class OC\\User\\Manager { ... }; private $session = class OC\\Session\\CryptoSessionData { ... }; private $timeFactory = class OC\\AppFramework\\Utility\\TimeFactory { ... }; private $tokenProvider = class OC\\Authentication\\Token\\Manager { ... }; private $config = class OC\\AllConfig { ... }; protected $activeUser = NULL; private $random = class OC\\Security\\SecureRandom { ... }; private $lockdownManager = class OC\\Lockdown\\LockdownManager { ... }; private Psr\\Log\\LoggerInterface $logger = class OC\\Log\\PsrLoggerAdapter { ... }; private $dispatcher = class OC\\EventDispatcher\\EventDispatcher { ... } }; private OCP\\IURLGenerator $urlGenerator = class OC\\URLGenerator { private $config = class OC\\AllConfig { ... }; public $userSession = class OC\\User\\Session { ... }; private $cacheFactory = class OC\\Memcache\\Factory { ... }; private $request = class OC\\AppFramework\\Http\\Request { ... }; private $router = class OC\\Route\\Router { ... }; private $baseUrl = NULL; private ?OCP\\App\\IAppManager $appManager = NULL }; private OCP\\Defaults $defaults = class OCP\\Defaults { private $defaults = class OCA\\Theming\\ThemingDefaults { ... } }; private OCP\\Security\\Bruteforce\\IThrottler $throttler = class OC\\Security\\Bruteforce\\Throttler { private array $hasAttemptsDeleted = [...]; private array $ipIsWhitelisted = [...]; private OCP\\AppFramework\\Utility\\ITimeFactory $timeFactory = class OC\\AppFramework\\Utility\\TimeFactory { ... }; private Psr\\Log\\LoggerInterface $logger = class OC\\Log\\PsrLoggerAdapter { ... }; private OCP\\IConfig $config = class OC\\AllConfig { ... }; private OC\\Security\\Bruteforce\\Backend\\IBackend $backend = class OC\\Security\\Bruteforce\\Backend\\DatabaseBackend { ... } }; private OCP\\IInitialStateService $initialStateService = class OC\\InitialStateService { private $logger = class OC\\Log\\PsrLoggerAdapter { ... }; private $states = [...]; private $lazyStates = [...]; private $bootstrapCoordinator = class OC\\AppFramework\\Bootstrap\\Coordinator { ... }; private $container = class OC\\Server { ... } }; private OC\\Authentication\\WebAuthn\\Manager $webAuthnManager = class OC\\Authentication\\WebAuthn\\Manager { private $repository = class OC\\Authentication\\WebAuthn\\CredentialRepository { ... }; private $credentialMapper = class OC\\Authentication\\WebAuthn\\Db\\PublicKeyCredentialMapper { ... }; private $logger = class OC\\Log\\PsrLoggerAdapter { ... }; private $config = class OC\\AllConfig { ... } }; private OCP\\Notification\\IManager $manager = class OC\\Notification\\Manager { protected $validator = class OC\\RichObjectStrings\\Validator { ... }; private $userManager = class OC\\User\\Manager { ... }; protected $cache = class OC\\Memcache\\NullCache { ... }; protected $subscription = class OC\\Support\\Subscription\\Registry { ... }; protected $logger = class OC\\Log\\PsrLoggerAdapter { ... }; private $coordinator = class OC\\AppFramework\\Bootstrap\\Coordinator { ... }; protected $apps = [...]; protected $appClasses = [...]; protected $notifiers = [...]; protected $notifierClasses = [...]; protected $preparingPushNotification = FALSE; protected $deferPushing = FALSE; private $parsedRegistrationContext = FALSE }; private OCP\\IL10N $l10n = class OC\\L10N\\LazyL10N { private $l = NULL; private $factory = class Closure { virtual $closure = &quot;$this-&gt;OC\\L10N\\{closure}&quot;, ... } } }</span>, <span>$methodName = </span><span>&#39;tryLogin&#39;</span>, <span>$exception = </span><span>class OC\\Authentication\\Exceptions\\InvalidTokenException { protected $message = &#39;Token does not exist: token does not exist&#39;; private string ${Exception}string = &#39;&#39;; protected $code = 0; protected string $file = &#39;/var/www/html/lib/private/Authentication/Token/PublicKeyTokenProvider.php&#39;; protected int $line = 163; private array ${Exception}trace = [0 =&gt; [...], 1 =&gt; [...], 2 =&gt; [...], 3 =&gt; [...], 4 =&gt; [...], 5 =&gt; [...], 6 =&gt; [...], 7 =&gt; [...], 8 =&gt; [...], 9 =&gt; [...], 10 =&gt; [...], 11 =&gt; [...], 12 =&gt; [...], 13 =&gt; [...], 14 =&gt; [...], 15 =&gt; [...], 16 =&gt; [...], 17 =&gt; [...], 18 =&gt; [...], 19 =&gt; [...]]; private ?Throwable ${Exception}previous = class OCP\\AppFramework\\Db\\DoesNotExistException { protected $message = &#39;token does not exist&#39;; private string ${Exception}string = &#39;&#39;; protected $code = 0; protected string $file = &#39;/var/www/html/lib/private/Authentication/Token/PublicKeyTokenMapper.php&#39;; protected int $line = 98; private array ${Exception}trace = [...]; private ?Throwable ${Exception}previous = NULL; public $xdebug_message = &#39;&lt;tr&gt;&lt;th align=\\&#39;left\\&#39; bgcolor=\\&#39;#f57900\\&#39; colspan=&quot;5&quot;&gt;&lt;span style=\\&#39;background-color: #cc0000; color: #fce94f; font-size: x-large;\\&#39;&gt;( ! )&lt;/span&gt; OCP\\\\AppFramework\\\\Db\\\\DoesNotExistException: token does not exist in /var/www/html/lib/private/Authentication/Token/PublicKeyTokenMapper.php on line &lt;i&gt;98&lt;/i&gt;&lt;/th&gt;&lt;/tr&gt;\\n&lt;tr&gt;&lt;th align=\\&#39;left\\&#39; bgcolor=\\&#39;#e9b96e\\&#39; colspan=\\&#39;5\\&#39;&gt;Call Stack&lt;/th&gt;&lt;/tr&gt;\\n&lt;tr&gt;&lt;th align=\\&#39;center\\&#39; bgcolor=\\&#39;#eeeeec\\&#39;&gt;#&lt;/th&gt;&lt;th align=\\&#39;left\\&#39; bgcolor=\\&#39;#eeeeec\\&#39;&gt;Time&lt;/th&gt;&lt;th align=\\&#39;left&#39; }; public $xdebug_message = &#39;&lt;tr&gt;&lt;th align=\\&#39;left\\&#39; bgcolor=\\&#39;#f57900\\&#39; colspan=&quot;5&quot;&gt;&lt;span style=\\&#39;background-color: #cc0000; color: #fce94f; font-size: x-large;\\&#39;&gt;( ! )&lt;/span&gt; OC\\\\Authentication\\\\Exceptions\\\\InvalidTokenException: Token does not exist: token does not exist in /var/www/html/lib/private/Authentication/Token/PublicKeyTokenProvider.php on line &lt;i&gt;163&lt;/i&gt;&lt;/th&gt;&lt;/tr&gt;\\n&lt;tr&gt;&lt;th align=\\&#39;left\\&#39; bgcolor=\\&#39;#e9b96e\\&#39; colspan=\\&#39;5\\&#39;&gt;Call Stack&lt;/th&gt;&lt;/tr&gt;\\n&lt;tr&gt;&lt;th align=\\&#39;center\\&#39; bgcolor=\\&#39;#eeeeec\\&#39;&gt;#&lt;/th&gt;&lt;th align=\\&#39;left\\&#39; bgcolor=\\&#39;#&#39; }</span> )</td><td title='/var/www/html/lib/private/AppFramework/Http/Dispatcher.php' bgcolor='#eeeeec'>.../Dispatcher.php<b>:</b>167</td></tr>\n"},"CustomMessage":"Token does not exist: token does not exist"}}
mrvahedi68 commented 10 months ago

So as we saw the last solution is not a good choice and will block user from login and the only solution for this requirement is the first one that shows dialogs and redirect user to settings (if logged in directly) or make him log out(if logged in using IDP).