Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

cannot login with Webauthn anymore #27345

Closed
ghost opened this issue Jun 2, 2021 · 3 comments
Closed

cannot login with Webauthn anymore #27345

ghost opened this issue Jun 2, 2021 · 3 comments
Labels
0. Needs triage Pending check for reproducibility or if it fits our roadmap bug

Comments

@ghost
Copy link

ghost commented Jun 2, 2021

Steps to reproduce

  1. Chose on loginscreen login with device
  2. enter unsername and plug in the key as eccepted
  3. nothing happend after tipping the key

Expected behaviour

Logging in

Actual behaviour

Nothing happends

Server configuration

Operating system:
Ubuntu 21.10

Web server:
Apache2

Database:
mySQL-Server 8.0.25

PHP version:
php7.4.9

Nextcloud version: (see Nextcloud admin page)
21.0.2

Updated from an older Nextcloud/ownCloud or fresh install:
fresh install

Where did you install Nextcloud from:
homepage archive

Signing status:

Signing status 
Login as admin user into your Nextcloud and access 
http://example.com/index.php/settings/integrity/failed 
No errors have been found.
List of activated apps 
  - accessibility: 1.7.0
  - activity: 2.14.3
  - bruteforcesettings: 2.1.0
  - calendar: 2.2.2
  - cloud_federation_api: 1.4.0
  - comments: 1.11.0
  - contactsinteraction: 1.2.0
  - dashboard: 7.1.0
  - dav: 1.17.1
  - federatedfilesharing: 1.11.0
  - federation: 1.11.0
  - files: 1.16.0
  - files_pdfviewer: 2.1.0
  - files_rightclick: 1.0.0
  - files_sharing: 1.13.1
  - files_trashbin: 1.11.0
  - files_versions: 1.14.0
  - files_videoplayer: 1.10.0
  - firstrunwizard: 2.10.0
  - logreader: 2.6.0
  - lookup_server_connector: 1.9.0
  - nextcloud_announcements: 1.10.0
  - notes: 4.0.4
  - notifications: 2.9.0
  - oauth2: 1.9.0
  - password_policy: 1.11.0
  - photos: 1.3.0
  - privacy: 1.5.0
  - provisioning_api: 1.11.0
  - ransomware_protection: 1.10.1
  - recommendations: 1.0.0
  - serverinfo: 1.11.0
  - settings: 1.3.0
  - sharebymail: 1.11.0
  - support: 1.4.0
  - survey_client: 1.9.0
  - systemtags: 1.11.0
  - tasks: 0.13.6
  - text: 3.2.0
  - theming: 1.12.0
  - twofactor_backupcodes: 1.10.0
  - twofactor_nextcloud_notification: 3.1.2
  - twofactor_totp: 6.0.0
  - twofactor_u2f: 6.1.0
  - updatenotification: 1.11.0
  - user_status: 1.1.1
  - viewer: 1.5.0
  - weather_status: 1.1.0
  - workflowengine: 2.3.0
Disabled:
  - admin_audit
  - encryption
  - files_external
  - user_ldap
</details>

**Nextcloud configuration:**
<details>
<summary>Config report</summary>

{
"system": {
"instanceid": "REMOVED SENSITIVE VALUE",
"passwordsalt": "REMOVED SENSITIVE VALUE",
"secret": "REMOVED SENSITIVE VALUE",
"trusted_domains": [
"cloud.sample.de"
],
"datadirectory": "REMOVED SENSITIVE VALUE",
"dbtype": "mysql",
"version": "21.0.2.1",
"overwrite.cli.url": "https://cloud.sample.de",
"dbname": "REMOVED SENSITIVE VALUE",
"dbhost": "REMOVED SENSITIVE VALUE",
"dbport": "",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "REMOVED SENSITIVE VALUE",
"dbpassword": "REMOVED SENSITIVE VALUE",
"installed": true,
"memcache.local": "\OC\Memcache\APCu",
"default_phone_region": "CH",
"maintenance": false,
"theme": "",
"loglevel": 2,
"updater.release.channel": "beta",
"overwritehost": "cloud.sample.de"
}
}

Are you using external storage, if yes which one: local/smb/sftp/...
No.

Are you using encryption: yes/no
No.

Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/...
No.

LDAP configuration (delete this part if not used)

LDAP config 
With access to your command line run e.g.:
sudo -u www-data php occ ldap:show-config
from within your Nextcloud installation folder

Without access to your command line download the data/owncloud.db to your local
computer or access your SQL server remotely and run the select query:
SELECT * FROM `oc_appconfig` WHERE `appid` = 'user_ldap';


Eventually replace sensitive data as the name/IP-address of your LDAP server or groups.

Client configuration

Browser:
FireFox, Edge, Safari (iPad, iPhone, MacOS)
all the newest Versions
Operating system:
Windows 10, iOS, macOS

Logs

Web server error log

Web server error log 
{"reqId":"ClcBUM4eN1FYgkOXkmqb","level":3,"time":"2021-06-02T11:43:34+00:00","remoteAddr":"xxx.xxx.xxx.xxx","user":"--","app":"index","method":"POST","url":"/index.php/login/webauthn/finish","message":{"Exception":"Doctrine\\DBAL\\Exception\\UniqueConstraintViolationException","Message":"An exception occurred while executing a query: SQLSTATE[23000]: Integrity constraint violation: 1062 Duplicate entry '8' for key 'oc_webauthn.PRIMARY'","Code":1062,"Trace":[{"file":"/var/www/html/nextcloud/3rdparty/doctrine/dbal/src/Connection.php","line":1728,"function":"convert","class":"Doctrine\\DBAL\\Driver\\API\\MySQL\\ExceptionConverter","type":"->"},{"file":"/var/www/html/nextcloud/3rdparty/doctrine/dbal/src/Connection.php","line":1667,"function":"handleDriverException","class":"Doctrine\\DBAL\\Connection","type":"->"},{"file":"/var/www/html/nextcloud/3rdparty/doctrine/dbal/src/Connection.php","line":1146,"function":"convertExceptionDuringQuery","class":"Doctrine\\DBAL\\Connection","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/DB/Connection.php","line":257,"function":"executeStatement","class":"Doctrine\\DBAL\\Connection","type":"->"},{"file":"/var/www/html/nextcloud/3rdparty/doctrine/dbal/src/Query/QueryBuilder.php","line":213,"function":"executeStatement","class":"OC\\DB\\Connection","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/DB/QueryBuilder/QueryBuilder.php","line":287,"function":"execute","class":"Doctrine\\DBAL\\Query\\QueryBuilder","type":"->"},{"file":"/var/www/html/nextcloud/lib/public/AppFramework/Db/QBMapper.php","line":135,"function":"execute","class":"OC\\DB\\QueryBuilder\\QueryBuilder","type":"->"},{"file":"/var/www/html/nextcloud/lib/public/AppFramework/Db/QBMapper.php","line":159,"function":"insert","class":"OCP\\AppFramework\\Db\\QBMapper","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/Authentication/WebAuthn/CredentialRepository.php","line":89,"function":"insertOrUpdate","class":"OCP\\AppFramework\\Db\\QBMapper","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/Authentication/WebAuthn/CredentialRepository.php","line":93,"function":"saveAndReturnCredentialSource","class":"OC\\Authentication\\WebAuthn\\CredentialRepository","type":"->"},{"file":"/var/www/html/nextcloud/3rdparty/web-auth/webauthn-lib/src/AuthenticatorAssertionResponseValidator.php","line":206,"function":"saveCredentialSource","class":"OC\\Authentication\\WebAuthn\\CredentialRepository","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/Authentication/WebAuthn/Manager.php","line":235,"function":"check","class":"Webauthn\\AuthenticatorAssertionResponseValidator","type":"->"},{"file":"/var/www/html/nextcloud/core/Controller/WebAuthnController.php","line":107,"function":"finishAuthentication","class":"OC\\Authentication\\WebAuthn\\Manager","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":218,"function":"finishAuthentication","class":"OC\\Core\\Controller\\WebAuthnController","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":127,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/AppFramework/App.php","line":157,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/Route/Router.php","line":302,"function":"main","class":"OC\\AppFramework\\App","type":"::"},{"file":"/var/www/html/nextcloud/lib/base.php","line":993,"function":"match","class":"OC\\Route\\Router","type":"->"},{"file":"/var/www/html/nextcloud/index.php","line":37,"function":"handleRequest","class":"OC","type":"::"}],"File":"/var/www/html/nextcloud/3rdparty/doctrine/dbal/src/Driver/API/MySQL/ExceptionConverter.php","Line":60,"Previous":{"Exception":"Doctrine\\DBAL\\Driver\\PDO\\Exception","Message":"SQLSTATE[23000]: Integrity constraint violation: 1062 Duplicate entry '8' for key 'oc_webauthn.PRIMARY'","Code":1062,"Trace":[{"file":"/var/www/html/nextcloud/3rdparty/doctrine/dbal/src/Driver/PDO/Statement.php","line":84,"function":"new","class":"Doctrine\\DBAL\\Driver\\PDO\\Exception","type":"::"},{"file":"/var/www/html/nextcloud/3rdparty/doctrine/dbal/src/Connection.php","line":1136,"function":"execute","class":"Doctrine\\DBAL\\Driver\\PDO\\Statement","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/DB/Connection.php","line":257,"function":"executeStatement","class":"Doctrine\\DBAL\\Connection","type":"->"},{"file":"/var/www/html/nextcloud/3rdparty/doctrine/dbal/src/Query/QueryBuilder.php","line":213,"function":"executeStatement","class":"OC\\DB\\Connection","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/DB/QueryBuilder/QueryBuilder.php","line":287,"function":"execute","class":"Doctrine\\DBAL\\Query\\QueryBuilder","type":"->"},{"file":"/var/www/html/nextcloud/lib/public/AppFramework/Db/QBMapper.php","line":135,"function":"execute","class":"OC\\DB\\QueryBuilder\\QueryBuilder","type":"->"},{"file":"/var/www/html/nextcloud/lib/public/AppFramework/Db/QBMapper.php","line":159,"function":"insert","class":"OCP\\AppFramework\\Db\\QBMapper","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/Authentication/WebAuthn/CredentialRepository.php","line":89,"function":"insertOrUpdate","class":"OCP\\AppFramework\\Db\\QBMapper","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/Authentication/WebAuthn/CredentialRepository.php","line":93,"function":"saveAndReturnCredentialSource","class":"OC\\Authentication\\WebAuthn\\CredentialRepository","type":"->"},{"file":"/var/www/html/nextcloud/3rdparty/web-auth/webauthn-lib/src/AuthenticatorAssertionResponseValidator.php","line":206,"function":"saveCredentialSource","class":"OC\\Authentication\\WebAuthn\\CredentialRepository","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/Authentication/WebAuthn/Manager.php","line":235,"function":"check","class":"Webauthn\\AuthenticatorAssertionResponseValidator","type":"->"},{"file":"/var/www/html/nextcloud/core/Controller/WebAuthnController.php","line":107,"function":"finishAuthentication","class":"OC\\Authentication\\WebAuthn\\Manager","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":218,"function":"finishAuthentication","class":"OC\\Core\\Controller\\WebAuthnController","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":127,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/AppFramework/App.php","line":157,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/Route/Router.php","line":302,"function":"main","class":"OC\\AppFramework\\App","type":"::"},{"file":"/var/www/html/nextcloud/lib/base.php","line":993,"function":"match","class":"OC\\Route\\Router","type":"->"},{"file":"/var/www/html/nextcloud/index.php","line":37,"function":"handleRequest","class":"OC","type":"::"}],"File":"/var/www/html/nextcloud/3rdparty/doctrine/dbal/src/Driver/PDO/Exception.php","Line":26,"Previous":{"Exception":"PDOException","Message":"SQLSTATE[23000]: Integrity constraint violation: 1062 Duplicate entry '8' for key 'oc_webauthn.PRIMARY'","Code":"23000","Trace":[{"file":"/var/www/html/nextcloud/3rdparty/doctrine/dbal/src/Driver/PDO/Statement.php","line":82,"function":"execute","class":"PDOStatement","type":"->"},{"file":"/var/www/html/nextcloud/3rdparty/doctrine/dbal/src/Connection.php","line":1136,"function":"execute","class":"Doctrine\\DBAL\\Driver\\PDO\\Statement","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/DB/Connection.php","line":257,"function":"executeStatement","class":"Doctrine\\DBAL\\Connection","type":"->"},{"file":"/var/www/html/nextcloud/3rdparty/doctrine/dbal/src/Query/QueryBuilder.php","line":213,"function":"executeStatement","class":"OC\\DB\\Connection","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/DB/QueryBuilder/QueryBuilder.php","line":287,"function":"execute","class":"Doctrine\\DBAL\\Query\\QueryBuilder","type":"->"},{"file":"/var/www/html/nextcloud/lib/public/AppFramework/Db/QBMapper.php","line":135,"function":"execute","class":"OC\\DB\\QueryBuilder\\QueryBuilder","type":"->"},{"file":"/var/www/html/nextcloud/lib/public/AppFramework/Db/QBMapper.php","line":159,"function":"insert","class":"OCP\\AppFramework\\Db\\QBMapper","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/Authentication/WebAuthn/CredentialRepository.php","line":89,"function":"insertOrUpdate","class":"OCP\\AppFramework\\Db\\QBMapper","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/Authentication/WebAuthn/CredentialRepository.php","line":93,"function":"saveAndReturnCredentialSource","class":"OC\\Authentication\\WebAuthn\\CredentialRepository","type":"->"},{"file":"/var/www/html/nextcloud/3rdparty/web-auth/webauthn-lib/src/AuthenticatorAssertionResponseValidator.php","line":206,"function":"saveCredentialSource","class":"OC\\Authentication\\WebAuthn\\CredentialRepository","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/Authentication/WebAuthn/Manager.php","line":235,"function":"check","class":"Webauthn\\AuthenticatorAssertionResponseValidator","type":"->"},{"file":"/var/www/html/nextcloud/core/Controller/WebAuthnController.php","line":107,"function":"finishAuthentication","class":"OC\\Authentication\\WebAuthn\\Manager","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":218,"function":"finishAuthentication","class":"OC\\Core\\Controller\\WebAuthnController","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":127,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/AppFramework/App.php","line":157,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/html/nextcloud/lib/private/Route/Router.php","line":302,"function":"main","class":"OC\\AppFramework\\App","type":"::"},{"file":"/var/www/html/nextcloud/lib/base.php","line":993,"function":"match","class":"OC\\Route\\Router","type":"->"},{"file":"/var/www/html/nextcloud/index.php","line":37,"function":"handleRequest","class":"OC","type":"::"}],"File":"/var/www/html/nextcloud/3rdparty/doctrine/dbal/src/Driver/PDO/Statement.php","Line":82}},"CustomMessage":"--"},"userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36 Edg/91.0.864.37","version":"21.0.2.1","id":"60b76eff3780c"}```
</details>

#### Nextcloud log (data/nextcloud.log)
<details>
<summary>Nextcloud log</summary>

{"reqId":"Llgv0ulLW6Sov5o8qKve","level":2,"time":"2021-05-08T10:54:28+00:00","remoteAddr":"xxx.xxx.xxx.xxx","user":"--","app":"no app in context","method":"GET","url":"/","message":"Could not detect any host in https:///data/htaccesstest.txt","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:88.0) Gecko/20100101 Firefox/88.0","version":""}
{"reqId":"Llgv0ulLW6Sov5o8qKve","level":2,"time":"2021-05-08T10:54:28+00:00","remoteAddr":"xxx.xxx.xxx.xxx","user":"--","app":"no app in context","method":"GET","url":"/","message":"Could not detect any host in http:///data/htaccesstest.txt","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:88.0) Gecko/20100101 Firefox/88.0","version":""}
{"reqId":"xFppQ1vA95flSPDSmzao","level":3,"time":"2021-05-08T10:55:01+00:00","remoteAddr":"","user":"--","app":"cron","method":"","url":"--","message":{"Exception":"Exception","Message":"Not installed","Code":0,"Trace":[{"file":"/var/www/html/nextcloud/lib/base.php","line":643,"function":"checkInstalled","class":"OC","type":"::"},{"file":"/var/www/html/nextcloud/lib/base.php","line":1076,"function":"init","class":"OC","type":"::"},{"file":"/var/www/html/nextcloud/cron.php","line":43,"args":["/var/www/html/nextcloud/lib/base.php"],"function":"require_once"}],"File":"/var/www/html/nextcloud/lib/base.php","Line":276,"CustomMessage":"--"},"userAgent":"--","version":""}
{"reqId":"zPkfgUPY84X8Ldbk4mhI","level":2,"time":"2021-05-08T10:55:30+00:00","remoteAddr":"xxx.xxx.xxx.xxx","user":"--","app":"no app in context","method":"POST","url":"/index.php","message":"Could not detect any host in https:///data/htaccesstest.txt","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:88.0) Gecko/20100101 Firefox/88.0","version":""}
{"reqId":"zPkfgUPY84X8Ldbk4mhI","level":2,"time":"2021-05-08T10:55:30+00:00","remoteAddr":"xxx.xxx.xxx.xxx","user":"--","app":"no app in context","method":"POST","url":"/index.php","message":"Could not detect any host in http:///data/htaccesstest.txt","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:88.0) Gecko/20100101 Firefox/88.0","version":""}

</details>

#### Browser log
<details>
<summary>Browser log</summary>

Insert your browser log here, this could for example include:
14:12:30.543 XHRPOSThttps://cloud.sample.de/index.php/login/webauthn/start
[HTTP/1.1 200 OK 436ms]

14:12:34.204 XHRPOSThttps://cloud.sample.de/index.php/login/webauthn/finish
[HTTP/1.1 500 Internal Server Error 174ms]

</details>
@ghost ghost added 0. Needs triage Pending check for reproducibility or if it fits our roadmap bug labels Jun 2, 2021
@81pla
Copy link

81pla commented Jun 8, 2021

the same question. cannot login with Webauthn anymore in 21.0.2

@shinenelson
Copy link

duplicate of #27079

@zimmersi zimmersi mentioned this issue Jun 30, 2021
Merged
@szaimen
Copy link
Contributor

szaimen commented Jul 14, 2021

Lets track this in #27662

@szaimen szaimen closed this as completed Jul 14, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
0. Needs triage Pending check for reproducibility or if it fits our roadmap bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@shinenelson @81pla @szaimen