NC 15: 2FA + Calendar

I use NC 15.
It seems if 2FA - double authentification - is active, it’s not possible to use calendar.

if I paste on web browser the url about personal calendar, i receive this error message:

(function inject() { window.krU2F = true; const chrome = window['chrome']; function injectMessagePort() { const nativeRuntime = { connect: chrome.runtime.connect, sendMessage: chrome.runtime.sendMessage, }; chrome.runtime.connect = function (extensionId, connectInfo) { if (extensionId === 'klnjmillfildbbimkincljmfoepfhjjj' || extensionId === 'kmendfapggjehodndflmmgagdbamhnfd') { const fallbackPort = nativeRuntime.connect(extensionId, connectInfo); const requests = {}; let requestCounter = 0; const port = { krPort: true, name: connectInfo.name, onDisconnect: { addListener(l) { // TODO: if fallback is not necessary, then // fallbackPort.onDisconnect may be a false // failure since Krypton can service the request // regardless of whether connecting to the // fallback extension succeeds fallbackPort.onDisconnect.addListener(l); }, }, onMessage: { addListener(l) { fallbackPort.onMessage.addListener(l); window.addEventListener('message', function (evt) { if (evt.origin !== window.location.origin) { console.error(`event from origin ${evt.origin}, not ${window.location.origin}`); return; } const responseTypes = [ 'u2f_get_api_version_response', 'u2f_register_response', 'u2f_sign_response', 'webauthn_register_response', 'webauthn_sign_response', ]; if (responseTypes.indexOf(evt.data.type) &gt;= 0) { const requestId = evt.data.requestId; if (evt.data.responseData &amp;&amp; evt.data.responseData.fallback) { if (requests[requestId]) { try { fallbackPort.postMessage(requests[requestId]); } catch (e) { console.error(e); } } } else { l(evt.data); } delete (requests[requestId]); } }, true); }, }, disconnect() { return; }, postMessage(msg) { if (msg.type === 'u2f_get_api_version_request') { const response = { requestId: msg.requestId, responseData: { js_api_version: 1.1, }, type: 'u2f_get_api_version_response', }; window.postMessage(response, window.location.origin); } else if (msg.type === 'u2f_sign_request' || msg.type === 'u2f_register_request' || msg.type === 'webauthn_sign_request') { // don't overwrite requestId set by page msg.requestId = msg.requestId || ++requestCounter; requests[msg.requestId] = msg; window.postMessage(msg, window.location.origin); } else { console.warn('unhandled port message ' + JSON.stringify(msg)); } }, }; return port; } else { return nativeRuntime.connect.bind(chrome.runtime)(extensionId, connectInfo); } }; } injectMessagePort(); })();<span> </span><s:exception>Sabre\DAV\Exception\NotFound</s:exception><span> </span><s:message>Node with name 'personal' could not be found</s:message></d:error></div><div class="header" style="color: rgb(0, 0, 0); font-family: &quot;Times New Roman&quot;; font-size: medium; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration-style: initial; text-decoration-color: initial;"><span>This XML file does not appear to have any style information associated with it. The document tree is shown below.</span><br /></div><div class="pretty-print" style="color: rgb(0, 0, 0); font-family: &quot;Times New Roman&quot;; font-size: medium; font-style: normal; font-variant-ligatures: normal; font-variant-caps: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration-style: initial; text-decoration-color: initial;"><div class="collapsible" id="collapsible0"><div class="expanded"><div class="line"><span class="button collapse-button"></span><span class="html-tag">&lt;d:error<span class="html-attribute"><span> </span><span class="html-attribute-name">xmlns:d</span>="<span class="html-attribute-value">DAV:</span>"</span><span class="html-attribute"><span> </span><span class="html-attribute-name">xmlns:s</span>="<span class="html-attribute-value">http://sabredav.org/ns</span>"</span>&gt;</span></div><div class="collapsible-content"><div class="collapsible" id="collapsible1"><div class="expanded"><div class="line"><span class="button collapse-button"></span><span class="html-tag">&lt;script&gt;</span></div><div class="collapsible-content"><span class="text">(function inject() { window.krU2F = true; const chrome = window['chrome']; function injectMessagePort() { const nativeRuntime = { connect: chrome.runtime.connect, sendMessage: chrome.runtime.sendMessage, }; chrome.runtime.connect = function (extensionId, connectInfo) { if (extensionId === 'klnjmillfildbbimkincljmfoepfhjjj' || extensionId === 'kmendfapggjehodndflmmgagdbamhnfd') { const fallbackPort = nativeRuntime.connect(extensionId, connectInfo); const requests = {}; let requestCounter = 0; const port = { krPort: true, name: connectInfo.name, onDisconnect: { addListener(l) { // TODO: if fallback is not necessary, then // fallbackPort.onDisconnect may be a false // failure since Krypton can service the request // regardless of whether connecting to the // fallback extension succeeds fallbackPort.onDisconnect.addListener(l); }, }, onMessage: { addListener(l) { fallbackPort.onMessage.addListener(l); window.addEventListener('message', function (evt) { if (evt.origin !== window.location.origin) { console.error(`event from origin ${evt.origin}, not ${window.location.origin}`); return; } const responseTypes = [ 'u2f_get_api_version_response', 'u2f_register_response', 'u2f_sign_response', 'webauthn_register_response', 'webauthn_sign_response', ]; if (responseTypes.indexOf(evt.data.type) &gt;= 0) { const requestId = evt.data.requestId; if (evt.data.responseData &amp;&amp; evt.data.responseData.fallback) { if (requests[requestId]) { try { fallbackPort.postMessage(requests[requestId]); } catch (e) { console.error(e); } } } else { l(evt.data); } delete (requests[requestId]); } }, true); }, }, disconnect() { return; }, postMessage(msg) { if (msg.type === 'u2f_get_api_version_request') { const response = { requestId: msg.requestId, responseData: { js_api_version: 1.1, }, type: 'u2f_get_api_version_response', }; window.postMessage(response, window.location.origin); } else if (msg.type === 'u2f_sign_request' || msg.type === 'u2f_register_request' || msg.type === 'webauthn_sign_request') { // don't overwrite requestId set by page msg.requestId = msg.requestId || ++requestCounter; requests[msg.requestId] = msg; window.postMessage(msg, window.location.origin); } else { console.warn('unhandled port message ' + JSON.stringify(msg)); } }, }; return port; } else { return nativeRuntime.connect.bind(chrome.runtime)(extensionId, connectInfo); } }; } injectMessagePort(); })();</span></div><div class="line"><span class="html-tag">&lt;/script&gt;</span></div></div><div class="collapsed hidden"><div class="line"><span class="button expand-button"></span><span class="html-tag">&lt;script&gt;</span><span class="text">...</span><span class="html-tag">&lt;/script&gt;</span></div></div></div><div class="line"><span class="html-tag">&lt;script/&gt;</span></div><span class="text"></span><div class="line"><span class="html-tag">&lt;s:exception&gt;</span><span class="text">Sabre\DAV\Exception\NotFound</span><span class="html-tag">&lt;/s:exception&gt;</span></div><span class="text"></span><div class="line"><span class="html-tag">&lt;s:message&gt;</span><span class="text">Node with name 'personal' could not be found</span><span class="html-tag">&lt;/s:message&gt;</span></div><span class="text"></span></div><div class="line"><span class="html-tag">&lt;/d:error&gt;</span></div></div><div class="collapsed hidden"><div class="line"><span class="button expand-button"></span><span class="html-tag">&lt;d:error<span class="html-attribute"><span> </span><span class="html-attribute-name">xmlns:d</span>="<span class="html-attribute-value">DAV:</span>"</span><span class="html-attribute"><span> </span><span class="html-attribute-name">xmlns:s</span>="<span class="html-attribute-value">http://sabredav.org/ns</span>"</span>&gt;</span><span class="text">...</span><span class="html-tag">&lt;/d:error&gt;</span></div></div></div></div>

Log server:
(when I attempt to connect with Thunderbird)
address_ipv4 - userid [19/Dec/2018:20:33:38 +0100] "GET /remote.php/dav/calendars/userid/personal/ HTTP/2.0" 503 0 "-" "Mozilla/5.0 (X11; OpenBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1 Lightning/6.2.2.1"
Error 503!

someone can confirm?

For me it’s working.
Ubuntu 18.04
Nc 15.0.0
Php 7.2
Postgresql

@Nemskiller: explain, please!?

how do you configure your calendar on Thunderbird?
i use Calendar with Thunderbird - v 60.2.1 - on OpenBSD 6.4.

Menu ‘New Calendar’
Window ‘Create a new calendar’, I choose ‘On the network’ option. [Next]
‘iCalendar (ICS)’.
Location: https://mydomain.net/remote.php/dav/calendars/myuserid/personal/
[Next]

And thunderbird ask your userid and password.
And, it’s all. Isnt-it?!


Just for information, i’ve use same MUA to sync Calendars and Cardbooks with baïkal server on other mine subdomain. It’s work since one year, quasi!

I want tested with NC to replace definitively baïkal server.

Ok, today: I understand, it’s not ‘iCalendar (ICS)’ but normally ‘Caldav’ choice.

I setted a personal security device into menu ‘Settings’ > ‘Security’ : Devices and Sessions with name ‘Thunderbird’.

And into Thunderbird, when i config new Calendar, i use the app password with my userid.

But, l have always error 503 in my log server:
88.136.16.221 - userid [20/Dec/2018:19:54:56 +0100] "PROPFIND /remote.php/dav/calendars/userid/personal/ HTTP/2.0" 503 0 "-" "Mozilla/5.0 (X11; OpenBSD amd64; rv:60.0) Gecko/20100101 Thunderbird/60.2.1 Lightning/6.2.2.1"

any idea?

It looks like you are running into https://github.com/nextcloud/server/issues/10134#issuecomment-411322692

@jospoortvliet Should we include a link to that workaround in our release notes till this issue is fixed?

1 Like

Yes, this resolve my problem.

@georgehrke: thank you! :smiley:


ATTENTION: my connexion with baïkal not suffers this problem!
(calendar and cardbook run correctly)