Linux: Being told to verify via reCAPTCHA doesn't work if both Signal and Signal Beta clients installed

[mreugenekrabs]

• [x] I have searched open and closed issues for duplicates
• [x] I am using Signal-Desktop as provided by the Signal team, not a 3rd-party package.

---

Bug Description

If you have both Signal Desktop non-beta and beta versions installed and you're asked to complete captcha on the beta version, the redirect from the captcha page isn't sent to the beta client, but instead to the non-beta client.

Furthermore, if I dismiss the captcha dialog without verifying on the beta app, the beta app becomes unclickable even after restarting, though UI still works for incoming messages and I can still use the settings

Steps to Reproduce

1. Get told to verify by captcha
2. Complete captcha in Google Chrome
3. Xdg-open dialog prompt to open the link in another program (wasn't given a choice of which program to open in)

Actual Result:

Captcha verification succeeds and beta client can send messages again

Expected Result:

Captcha success redirects to the non-beta client, and beta client doesn't receive it

Screenshots

None

Platform Info

Signal Version: 5.36.0-beta.3

Operating System: Debian 10

Linked Device Version: 5.34

Link to Debug Log

Cleared and relinked desktop beta data because nothing in the main screen was clickable, so not available. Android log irrelevant.

[jordanbertasso]

This happens with the local development version too, making it impossible to login and test code changes.

Related forum post https://community.signalusers.org/t/captcha-callback-opens-the-incorrect-signal-app/43477/2

[jojomatik]

This happens with the local development version too, making it impossible to login and test code changes.

Related forum post https://community.signalusers.org/t/captcha-callback-opens-the-incorrect-signal-app/43477/2

I'm running into a similar issue using the development version on windows 10: I can't get the development version set up, as I receive an error message after verifying the captcha in my browser.

So it might not just be Linux @scottnonnenberg-signal. Is there a way to develop and test the app without registering a phone number?

Edit: I deleted and recreated the Signal-development folder by copying my Signal directory again. Now I can get to my conversations etc. which is fine for me currently. Still not sure what the captcha is supposed to be doing though 🤔

I also found another related forum post: https://community.signalusers.org/t/error-clicking-on-send-sms-for-standalone-setup-forwarding-to-recaptcha-page-with-an-error-and-not-getting-sms/44218

[indutny-signal]

@jojomatik I've talked to Electron team about this and in general they admit that this is a pain point. The url protocol handlers work best with packed apps so this is what we sometimes have to do in the development when we need to solve a captcha. Sorry for the inconvenience!

[jilv220]

Same problem.

[myf]

re: https://github.com/signalapp/Signal-Desktop/issues/6002

[TheTechZone]

@jojomatik I've talked to Electron team about this and in general they admit that this is a pain point. The url protocol handlers work best with packed apps so this is what we sometimes have to do in the development when we need to solve a captcha. Sorry for the inconvenience!

@indutny-signal I was wondering if there is any follow up on this? My use-case is a bit different as I am trying to register a standalone device on the development build. Is there any way to pass the captcha back to the signal app or alternatively, how should I go about packing the app properly to register an account and then export the data to the app running under yarn start ?

[evok3d]

The best solution was posted by someone else, though I can't find the link.

This is how you can verify yourself on Linux:

• Click on Verify (opens the link in your browser)

• Verify using the captcha

• Once it is verified in the browser, you will get the Xdg-open dialog prompt

• Ignore the prompt

• Right click on the "Open Signal" hyperlink below the verification box (see screenshot below) and copy the link address

• Make sure Signal is closed.

• In terminal type signal-desktop space and then paste the link address from the previous step

• execute the command

• It will open Signal and run the verification and display "verification complete"

• You can now resume using Signal.

• If you get "verification failed" it means you waited too long between the copy and running the command in Terminal, in which case just do the browser verification again to get a new one.

[Mozar10]

@evok3d This doesn't solve the issue for me. I just cloned the repo today so I'm not sure but I believe the issue could be related to this:

When the link generated from server that returns the captcha verification (Cloudflare or however they're doing it) it points to the production version of the app. So although there are some differences in parts of the actual link generated. When you run the handler that is supposed to launch Signal both points to the prod version (see NODE_ENV and userData) as you can see in the shots below:

https://signalcaptchas.org/registration/generate

https://signalcaptchas.org/staging/registration/generate

I tried starting the app like so NODE_APP_INSTANCE=development yarn run start to change userData destination, but it remains the same in the link generated from the captcha verification server.

So yea, not sure how anyone is running the dev server cause the contribution guidelines just skips this capcha step, perhaps for good reason.

[alanzhu39]

I was able to use these steps to get the captcha to work with the development app on Linux. The process is a slightly modified version of @evok3d's method:

• Start by following the instructions in CONTRIBUTING.md, opening the development version of the app using yarn start and clicking "Set Up as a Standalone Device"
• Enter phone number and click "Send SMS", (opens the captcha link in your browser)
• Verify using the captcha
• Once it is verified in the browser, you will get the "xdg-open" or "Open Signal" dialog prompt
• Ignore the prompt
• Right click on the "Open Signal" hyperlink below the verification box and copy the link address. I got something with the format of signalcaptcha://signal-hcaptcha.Foo-bAr_baz.challenge.fOo-bAR_baZ.fOO-BaR_baz...
• In a terminal window type yarn start space and then paste the link address from the previous step, ie. yarn start signalcaptcha://signal-hcaptcha.Foo-bAr_baz.challenge.fOo-bAR_baZ.fOO-BaR_baz... This command will open the signalcaptcha://... url with the currently running development version of the app
• execute the command, it will say something like

  making app single instance
  quitting; we are the second instance
  Done in 0.67s.

• You can now go back to the original terminal session where you first ran yarn start, you should see something like

  {"level":30,"time":"2024-01-28T08:07:14.558Z","msg":"challengeMain.onRequest(standalone registration): received challenge request, waiting for response"}
  {"level":30,"time":"2024-01-28T08:07:40.974Z","msg":"handleSignalRoute: Matched signal route: captcha"}
  {"level":30,"time":"2024-01-28T08:07:40.974Z","msg":"challengeMain.handleCaptcha: sending captcha response to 1 handlers"}
  {"level":30,"time":"2024-01-28T08:07:40.975Z","msg":"challengeMain.onRequest(standalone registration): got response after 26415ms"}

• This means that the development app has now accepted the Captcha challenge
• You should now get an SMS to the phone number you entered earlier with the verification code. Enter the code and click "Register" and you will now be registered as a standalone device as desired.

[stefba]

@alanzhu39 Thank you, this is a great reply! Maybe someone should pin this answer. I only found it after some searching. None of that is described in the "contributing.md".