Passwordless authentication is not Working in Firefox at all, I cant add any tokens to any account.
U2F is working fine in Firefox.
There are HTTP 500 Errors logged for example.com/settings/api/personal/webauthn/registration
Using Google Chrome, adding keys is working like expected on some accounts, on others, after clicking on add WebAuthn device, nothing is happening, and adding the key dont works. On accounts where this is the Case, there are HTTP 403 Errors logged for example.com/settings/api/personal/webauthn/registration, and in the Nextcloud Logs is nothing logged.
[/details]
Nextcloud version (eg, 18.0.2): 19.0.0
Operating system and version (eg, Ubuntu 20.04): Ubuntu 20.04 LTS
Apache or nginx version (eg, Apache 2.4.25): 2.4.41
PHP version (eg, 7.1): 7.4
The issue you are facing:
Is this the first time you’ve seen this error? (Y/N):Y
Steps to replicate it:
- Log in to Account with Firefox Browser
- Try to add a token for Passwordless authentication
The output of your Nextcloud log in Admin > Logging:
{"reqId":"*****","level":3,"time":"2020-06-28T23:14:57+00:00","remoteAddr":"*****","user":"*****","app":"index","method":"POST","url":"/settings/api/personal/webauthn/registration","message":{"Exception":"Assert\\InvalidArgumentException","Message":"The attestation statement format \"packed\" is not supported.","Code":32,"Trace":[{"file":"/var/www/nextcloud/3rdparty/beberlei/assert/lib/Assert/Assertion.php","line":1769,"function":"createException","class":"Assert\\Assertion","type":"::"},{"file":"/var/www/nextcloud/3rdparty/web-auth/webauthn-lib/src/AttestationStatement/AttestationStatementSupportManager.php","line":37,"function":"true","class":"Assert\\Assertion","type":"::"},{"file":"/var/www/nextcloud/3rdparty/web-auth/webauthn-lib/src/AttestationStatement/AttestationObjectLoader.php","line":83,"function":"get","class":"Webauthn\\AttestationStatement\\AttestationStatementSupportManager","type":"->"},{"file":"/var/www/nextcloud/3rdparty/web-auth/webauthn-lib/src/PublicKeyCredentialLoader.php","line":120,"function":"load","class":"Webauthn\\AttestationStatement\\AttestationObjectLoader","type":"->"},{"file":"/var/www/nextcloud/3rdparty/web-auth/webauthn-lib/src/PublicKeyCredentialLoader.php","line":80,"function":"createResponse","class":"Webauthn\\PublicKeyCredentialLoader","type":"->"},{"file":"/var/www/nextcloud/3rdparty/web-auth/webauthn-lib/src/PublicKeyCredentialLoader.php","line":107,"function":"loadArray","class":"Webauthn\\PublicKeyCredentialLoader","type":"->"},{"file":"/var/www/nextcloud/lib/private/Authentication/WebAuthn/Manager.php","line":147,"function":"load","class":"Webauthn\\PublicKeyCredentialLoader","type":"->"},{"file":"/var/www/nextcloud/apps/settings/lib/Controller/WebAuthnController.php","line":101,"function":"finishRegister","class":"OC\\Authentication\\WebAuthn\\Manager","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":170,"function":"finishRegistration","class":"OCA\\Settings\\Controller\\WebAuthnController","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php","line":100,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/App.php","line":137,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->"},{"file":"/var/www/nextcloud/lib/private/AppFramework/Routing/RouteActionHandler.php","line":47,"function":"main","class":"OC\\AppFramework\\App","type":"::"},{"function":"__invoke","class":"OC\\AppFramework\\Routing\\RouteActionHandler","type":"->"},{"file":"/var/www/nextcloud/lib/private/Route/Router.php","line":297,"function":"call_user_func"},{"file":"/var/www/nextcloud/lib/base.php","line":1007,"function":"match","class":"OC\\Route\\Router","type":"->"},{"file":"/var/www/nextcloud/index.php","line":37,"function":"handleRequest","class":"OC","type":"::"}],"File":"/var/www/nextcloud/3rdparty/beberlei/assert/lib/Assert/Assertion.php","Line":2752,"CustomMessage":"--"},"userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0","version":"19.0.0.12","id":"5ef9247c51a08"}
The output of your config.php file in /path/to/nextcloud
(make sure you remove any identifiable information!):
<?php
$CONFIG = array (
'passwordsalt' => '*****',
'secret' => '*****',
'trusted_domains' =>
array (
0 => '*****',
),
'trusted_proxies' =>
array (
0 => '*****',
),
'datadirectory' => '*****',
'dbtype' => 'mysql',
'version' => '19.0.0.12',
'overwrite.cli.url' => '*****',
'htaccess.RewriteBase' => '/',
'dbname' => '*****',
'dbhost' => '*****',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => '*****',
'dbpassword' => '*****',
'installed' => true,
'instanceid' => '*****',
'memcache.local' => '\\OC\\Memcache\\APCu',
'memcache.distributed' => '\\OC\\Memcache\\Redis',
'memcache.locking' => '\\OC\\Memcache\\Redis',
'redis' =>
array (
'host' => '*****',
'port' => *****,
'dbindex' => 0,
'password' => '*****'
),
'mail_smtpmode' => '*****',
'mail_smtpsecure' => '*****,
'mail_sendmailmode' => '*****',
'mail_from_address' => '*****',
'mail_domain' => '*****',
'mail_smtpauthtype' => '*****',
'mail_smtpauth' => ******,
'mail_smtphost' => '*****',
'mail_smtpport' => '*****',
'mail_smtpname' => '******',
'mail_smtppassword' => '*****',
'maintenance' => false,
'twofactor_enforced' => 'true',
'twofactor_enforced_groups' =>
array (
),
'twofactor_enforced_excluded_groups' =>
array (
),
);