Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Unable to generate 2FA backup codes #10766

Closed
paraviz02 opened this issue Aug 20, 2018 · 8 comments
Closed

Unable to generate 2FA backup codes #10766

paraviz02 opened this issue Aug 20, 2018 · 8 comments
Assignees
@ChristophWurst
Labels
3. to review Waiting for reviews bug
Milestone
Nextcloud 14

Comments

@paraviz02
Copy link

Steps to reproduce

  1. Upgrade from Nextcloud 13 to Nextcloud 14 Beta 4
  2. Go into user security settings, click to generate backup codes

Expected behaviour

Should generate codes and display for user.

Actual behaviour

Error message given, no codes generated. Issue is fixed by modifying the oc_twofactor_backupcodes table, and increasing the size of code column from 64 to 100.

Server configuration

Operating system: Ubuntu 18.04.1

Web server: Apache 2.4.29

Database: MySQL 5.7.23

PHP version: PHP 7.2.7

Nextcloud version: Nextcloud 14 Beta 4

Updated from an older Nextcloud/ownCloud or fresh install: Updated from Nextcloud 13

Where did you install Nextcloud from: Downloaded tar.gz

Signing status:

Signing status 
No errors have been found.

List of activated apps:

App list 
  - accessibility: 1.0.1
  - activity: 2.7.0
  - cloud_federation_api: 0.0.1
  - comments: 1.4.0
  - dav: 1.6.0
  - federatedfilesharing: 1.4.0
  - federation: 1.4.0
  - files: 1.9.0
  - files_pdfviewer: 1.3.2
  - files_sharing: 1.6.2
  - files_texteditor: 2.6.0
  - files_trashbin: 1.4.1
  - files_versions: 1.7.1
  - files_videoplayer: 1.3.0
  - firstrunwizard: 2.3.0
  - gallery: 18.1.0
  - limit_login_to_ip: 1.0.4
  - logreader: 2.0.0
  - lookup_server_connector: 1.2.0
  - nextcloud_announcements: 1.3.0
  - notifications: 2.2.1
  - oauth2: 1.2.1
  - password_policy: 1.4.0
  - provisioning_api: 1.4.0
  - serverinfo: 1.4.0
  - sharebymail: 1.4.0
  - support: 1.0.0
  - survey_client: 1.2.0
  - systemtags: 1.4.0
  - theming: 1.5.0
  - twofactor_backupcodes: 1.3.0
  - twofactor_gateway: 0.7.0
  - twofactor_totp: 1.5.0
  - updatenotification: 1.4.1
  - user_ldap: 1.4.0
  - workflowengine: 1.4.0

Nextcloud configuration:

Config report 
{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "cloud.retinostics.com"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "overwrite.cli.url": "http:\/\/cloud.retinostics.com",
        "dbtype": "mysql",
        "version": "14.0.0.16",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "updater.release.channel": "beta",
        "updater.secret": "***REMOVED SENSITIVE VALUE***",
        "maintenance": false,
        "theme": "",
        "loglevel": 2,
        "ldapIgnoreNamingRules": false,
        "ldapProviderFactory": "OCA\\User_LDAP\\LDAPProviderFactory"
    }
}

Are you using external storage, if yes which one: local

Are you using encryption: no

Are you using an external user-backend, if yes which one: None yet, but going to be configuring for Active Directory

LDAP configuration (delete this part if not used)

LDAP config 
N/A

Client configuration

Browser: Safari 11.1

Operating system: MacOS 10.13.4

Logs

Web server error log

Web server error log 
N/A

Nextcloud log (data/nextcloud.log)

Nextcloud log 
{"reqId":"eoI4RRaSaXdaodqJxfoR","level":3,"time":"2018-08-20T15:08:43+00:00","remoteAddr":"71.177.198.180","user":"retinostics","app":"index","method":"POST","url":"\/index.php\/apps\/twofactor_backupcodes\/settings\/create","message":{"Exception":"Doctrine\\DBAL\\Exception\\DriverException","Message":"An exception occurred while executing 'INSERT INTO `oc_twofactor_backupcodes`(`user_id`,`code`,`used`) VALUES(?,?,?)' with params [\"retinostics\", \"2|$argon2i$v=19$m=1024,t=2,p=2$QjgvRVM0dG1Yd0ozU1h0dg$E95Zt0XcD6NqRqZTXY4AXOSyJB0+t61wfk0N1wC6788\", 0]:\n\nSQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'code' at row 1","Code":0,"Trace":[{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/3rdparty\/doctrine\/dbal\/lib\/Doctrine\/DBAL\/DBALException.php","line":128,"function":"convertException","class":"Doctrine\\DBAL\\Driver\\AbstractMySQLDriver","type":"->","args":["An exception occurred while executing 'INSERT INTO `oc_twofactor_backupcodes`(`user_id`,`code`,`used`) VALUES(?,?,?)' with params [\"retinostics\", \"2|$argon2i$v=19$m=1024,t=2,p=2$QjgvRVM0dG1Yd0ozU1h0dg$E95Zt0XcD6NqRqZTXY4AXOSyJB0+t61wfk0N1wC6788\", 0]:\n\nSQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'code' at row 1",{"errorInfo":["22001",1406,"Data too long for column 'code' at row 1"],"__class__":"Doctrine\\DBAL\\Driver\\PDOException"}]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/3rdparty\/doctrine\/dbal\/lib\/Doctrine\/DBAL\/Statement.php","line":177,"function":"driverExceptionDuringQuery","class":"Doctrine\\DBAL\\DBALException","type":"::","args":[{"__class__":"Doctrine\\DBAL\\Driver\\PDOMySql\\Driver"},{"errorInfo":["22001",1406,"Data too long for column 'code' at row 1"],"__class__":"Doctrine\\DBAL\\Driver\\PDOException"},"INSERT INTO `oc_twofactor_backupcodes`(`user_id`,`code`,`used`) VALUES(?,?,?)",{"1":"retinostics","2":"2|$argon2i$v=19$m=1024,t=2,p=2$QjgvRVM0dG1Yd0ozU1h0dg$E95Zt0XcD6NqRqZTXY4AXOSyJB0+t61wfk0N1wC6788","3":0}]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/public\/AppFramework\/Db\/Mapper.php","line":256,"function":"execute","class":"Doctrine\\DBAL\\Statement","type":"->","args":[]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/public\/AppFramework\/Db\/Mapper.php","line":130,"function":"execute","class":"OCP\\AppFramework\\Db\\Mapper","type":"->","args":["INSERT INTO `*PREFIX*twofactor_backupcodes`(`user_id`,`code`,`used`) VALUES(?,?,?)",["retinostics","2|$argon2i$v=19$m=1024,t=2,p=2$QjgvRVM0dG1Yd0ozU1h0dg$E95Zt0XcD6NqRqZTXY4AXOSyJB0+t61wfk0N1wC6788",0]]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/apps\/twofactor_backupcodes\/lib\/Service\/BackupCodeStorage.php","line":80,"function":"insert","class":"OCP\\AppFramework\\Db\\Mapper","type":"->","args":[{"id":null,"__class__":"OCA\\TwoFactorBackupCodes\\Db\\BackupCode"}]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/apps\/twofactor_backupcodes\/lib\/Controller\/SettingsController.php","line":68,"function":"createCodes","class":"OCA\\TwoFactorBackupCodes\\Service\\BackupCodeStorage","type":"->","args":[{"__class__":"OC\\User\\User"}]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":166,"function":"createCodes","class":"OCA\\TwoFactorBackupCodes\\Controller\\SettingsController","type":"->","args":[]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":99,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\TwoFactorBackupCodes\\Controller\\SettingsController"},"createCodes"]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/private\/AppFramework\/App.php","line":118,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\TwoFactorBackupCodes\\Controller\\SettingsController"},"createCodes"]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/private\/AppFramework\/Routing\/RouteActionHandler.php","line":47,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["OCA\\TwoFactorBackupCodes\\Controller\\SettingsController","createCodes",{"__class__":"OC\\AppFramework\\DependencyInjection\\DIContainer"},{"_route":"twofactor_backupcodes.settings.createCodes"}]},{"function":"__invoke","class":"OC\\AppFramework\\Routing\\RouteActionHandler","type":"->","args":[{"_route":"twofactor_backupcodes.settings.createCodes"}]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/private\/Route\/Router.php","line":297,"function":"call_user_func","args":[{"__class__":"OC\\AppFramework\\Routing\\RouteActionHandler"},{"_route":"twofactor_backupcodes.settings.createCodes"}]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/base.php","line":989,"function":"match","class":"OC\\Route\\Router","type":"->","args":["\/apps\/twofactor_backupcodes\/settings\/create"]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/index.php","line":42,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"\/media\/www\/cloud.retinostics.com\/htdocs\/3rdparty\/doctrine\/dbal\/lib\/Doctrine\/DBAL\/Driver\/AbstractMySQLDriver.php","Line":115,"Previous":{"Exception":"Doctrine\\DBAL\\Driver\\PDOException","Message":"SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'code' at row 1","Code":"22001","Trace":[{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/3rdparty\/doctrine\/dbal\/lib\/Doctrine\/DBAL\/Statement.php","line":168,"function":"execute","class":"Doctrine\\DBAL\\Driver\\PDOStatement","type":"->","args":[null]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/public\/AppFramework\/Db\/Mapper.php","line":256,"function":"execute","class":"Doctrine\\DBAL\\Statement","type":"->","args":[]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/public\/AppFramework\/Db\/Mapper.php","line":130,"function":"execute","class":"OCP\\AppFramework\\Db\\Mapper","type":"->","args":["INSERT INTO `*PREFIX*twofactor_backupcodes`(`user_id`,`code`,`used`) VALUES(?,?,?)",["retinostics","2|$argon2i$v=19$m=1024,t=2,p=2$QjgvRVM0dG1Yd0ozU1h0dg$E95Zt0XcD6NqRqZTXY4AXOSyJB0+t61wfk0N1wC6788",0]]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/apps\/twofactor_backupcodes\/lib\/Service\/BackupCodeStorage.php","line":80,"function":"insert","class":"OCP\\AppFramework\\Db\\Mapper","type":"->","args":[{"id":null,"__class__":"OCA\\TwoFactorBackupCodes\\Db\\BackupCode"}]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/apps\/twofactor_backupcodes\/lib\/Controller\/SettingsController.php","line":68,"function":"createCodes","class":"OCA\\TwoFactorBackupCodes\\Service\\BackupCodeStorage","type":"->","args":[{"__class__":"OC\\User\\User"}]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":166,"function":"createCodes","class":"OCA\\TwoFactorBackupCodes\\Controller\\SettingsController","type":"->","args":[]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":99,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\TwoFactorBackupCodes\\Controller\\SettingsController"},"createCodes"]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/private\/AppFramework\/App.php","line":118,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\TwoFactorBackupCodes\\Controller\\SettingsController"},"createCodes"]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/private\/AppFramework\/Routing\/RouteActionHandler.php","line":47,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["OCA\\TwoFactorBackupCodes\\Controller\\SettingsController","createCodes",{"__class__":"OC\\AppFramework\\DependencyInjection\\DIContainer"},{"_route":"twofactor_backupcodes.settings.createCodes"}]},{"function":"__invoke","class":"OC\\AppFramework\\Routing\\RouteActionHandler","type":"->","args":[{"_route":"twofactor_backupcodes.settings.createCodes"}]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/private\/Route\/Router.php","line":297,"function":"call_user_func","args":[{"__class__":"OC\\AppFramework\\Routing\\RouteActionHandler"},{"_route":"twofactor_backupcodes.settings.createCodes"}]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/base.php","line":989,"function":"match","class":"OC\\Route\\Router","type":"->","args":["\/apps\/twofactor_backupcodes\/settings\/create"]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/index.php","line":42,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"\/media\/www\/cloud.retinostics.com\/htdocs\/3rdparty\/doctrine\/dbal\/lib\/Doctrine\/DBAL\/Driver\/PDOStatement.php","Line":107,"Previous":{"Exception":"PDOException","Message":"SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'code' at row 1","Code":"22001","Trace":[{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/3rdparty\/doctrine\/dbal\/lib\/Doctrine\/DBAL\/Driver\/PDOStatement.php","line":105,"function":"execute","class":"PDOStatement","type":"->","args":[null]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/3rdparty\/doctrine\/dbal\/lib\/Doctrine\/DBAL\/Statement.php","line":168,"function":"execute","class":"Doctrine\\DBAL\\Driver\\PDOStatement","type":"->","args":[null]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/public\/AppFramework\/Db\/Mapper.php","line":256,"function":"execute","class":"Doctrine\\DBAL\\Statement","type":"->","args":[]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/public\/AppFramework\/Db\/Mapper.php","line":130,"function":"execute","class":"OCP\\AppFramework\\Db\\Mapper","type":"->","args":["INSERT INTO `*PREFIX*twofactor_backupcodes`(`user_id`,`code`,`used`) VALUES(?,?,?)",["retinostics","2|$argon2i$v=19$m=1024,t=2,p=2$QjgvRVM0dG1Yd0ozU1h0dg$E95Zt0XcD6NqRqZTXY4AXOSyJB0+t61wfk0N1wC6788",0]]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/apps\/twofactor_backupcodes\/lib\/Service\/BackupCodeStorage.php","line":80,"function":"insert","class":"OCP\\AppFramework\\Db\\Mapper","type":"->","args":[{"id":null,"__class__":"OCA\\TwoFactorBackupCodes\\Db\\BackupCode"}]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/apps\/twofactor_backupcodes\/lib\/Controller\/SettingsController.php","line":68,"function":"createCodes","class":"OCA\\TwoFactorBackupCodes\\Service\\BackupCodeStorage","type":"->","args":[{"__class__":"OC\\User\\User"}]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":166,"function":"createCodes","class":"OCA\\TwoFactorBackupCodes\\Controller\\SettingsController","type":"->","args":[]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":99,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\TwoFactorBackupCodes\\Controller\\SettingsController"},"createCodes"]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/private\/AppFramework\/App.php","line":118,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\TwoFactorBackupCodes\\Controller\\SettingsController"},"createCodes"]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/private\/AppFramework\/Routing\/RouteActionHandler.php","line":47,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["OCA\\TwoFactorBackupCodes\\Controller\\SettingsController","createCodes",{"__class__":"OC\\AppFramework\\DependencyInjection\\DIContainer"},{"_route":"twofactor_backupcodes.settings.createCodes"}]},{"function":"__invoke","class":"OC\\AppFramework\\Routing\\RouteActionHandler","type":"->","args":[{"_route":"twofactor_backupcodes.settings.createCodes"}]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/private\/Route\/Router.php","line":297,"function":"call_user_func","args":[{"__class__":"OC\\AppFramework\\Routing\\RouteActionHandler"},{"_route":"twofactor_backupcodes.settings.createCodes"}]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/lib\/base.php","line":989,"function":"match","class":"OC\\Route\\Router","type":"->","args":["\/apps\/twofactor_backupcodes\/settings\/create"]},{"file":"\/media\/www\/cloud.retinostics.com\/htdocs\/index.php","line":42,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"\/media\/www\/cloud.retinostics.com\/htdocs\/3rdparty\/doctrine\/dbal\/lib\/Doctrine\/DBAL\/Driver\/PDOStatement.php","Line":105}},"CustomMessage":"--"},"userAgent":"Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit\/605.1.15 (KHTML, like Gecko) Version\/11.1 Safari\/605.1.15","version":"14.0.0.16"}
{"reqId":"eoI4RRaSaXdaodqJxfoR","level":3,"time":"2018-08-20T15:08:43+00:00","remoteAddr":"71.177.198.180","user":"retinostics","app":"PHP","method":"POST","url":"\/index.php\/apps\/twofactor_backupcodes\/settings\/create","message":"You are using a fallback implementation of the intl extension. Installing the native one is highly recommended instead. at \/media\/www\/cloud.retinostics.com\/htdocs\/3rdparty\/patchwork\/utf8\/src\/Patchwork\/Utf8\/Bootup\/intl.php#18","userAgent":"Mozilla\/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit\/605.1.15 (KHTML, like Gecko) Version\/11.1 Safari\/605.1.15","version":"14.0.0.16"}

Browser log

Browser log 
N/A
@nextcloud-bot
Copy link
Member

GitMate.io thinks possibly related issues are #9997 (Delete or disable backup 2FA codes), #10500 (2FA provider selection shown if only one provider active and backup codes generated), #3130 (After upgrade disable/enable 2fa generates a new code ), #9036 ([2FA] longevity of Backup-Codes), and #1108 (2FA: let users create and authenticate via backup codes).

@rullzer
Copy link
Member

rullzer commented Aug 20, 2018

@ChristophWurst

@ChristophWurst
Copy link
Member

ChristophWurst commented Aug 21, 2018
edited
Loading

2|$argon2i$v=19$m=1024,t=2,p=2$Qjgv…

… so … these encrypted values got longer, huh, @rullzer 😉

Oh, I think I know why I didn't see this when I tested the backup codes last week: sqlite probably does not enforce the column length limit.

@ChristophWurst
Copy link
Member

Probably caused by #9074.

@ChristophWurst ChristophWurst self-assigned this Aug 21, 2018
@ChristophWurst ChristophWurst added the 3. to review Waiting for reviews label Aug 21, 2018
@ChristophWurst ChristophWurst added this to the Nextcloud 14 milestone Aug 21, 2018
@ChristophWurst ChristophWurst mentioned this issue Aug 21, 2018
Merged
2 tasks
@ChristophWurst
Copy link
Member

Hey, @paraviz02,

thanks a lot for reporting this, especially with the proposed solution. This made it very easy to fix this bug. Thanks 🚀

@rullzer
Copy link
Member

rullzer commented Aug 21, 2018

@ChristophWurst yes they did... I didn't think about your app indeed. whoops...

@ChristophWurst
Copy link
Member

No worries :)

@paraviz02
Copy link
Author

@ChristophWurst it's a pleasure! The least I can do ... Cheers!

@nextcloud-bot nextcloud-bot mentioned this issue Sep 26, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ChristophWurst ChristophWurst

Labels
3. to review Waiting for reviews bug
Projects
None yet
Milestone
Nextcloud 14
Development

No branches or pull requests
4 participants
@rullzer @ChristophWurst @paraviz02 @nextcloud-bot