[Bug]: Passwordless login does not work anymore #37396
Description
⚠️ This issue respects the following points: ⚠️
- This is a bug, not a question or a configuration/webserver/proxy issue.
- This issue is not already reported on Github (I've searched it).
- Nextcloud Server is up to date. See Maintenance and Release Schedule for supported versions.
- Nextcloud Server is running on 64bit capable CPU, PHP and OS.
- I agree to follow Nextcloud's Code of Conduct.
Bug description
FIDO2 login via "Mit einem Gerät anmelden" does not work anymore.
FIDO-Stick blinks as expected, after touching it, the login process is stuck at https://nextcloud.mysecretdomain.de/login?clear=1
It did work before updating via docker image.
Steps to reproduce
- Go to login page
- Click "Mit einem Gerät anmelden "
- Touch blinking FIDO device
- Be stuck in
... /login?clear=1
Expected behavior
Login by touching FIDO device.
Installation method
Community Docker image
Operating system
Debian/Ubuntu
PHP engine version
None
Web server
None
Database engine version
None
Is this bug present after an update or on a fresh install?
None
Are you using the Nextcloud Server Encryption module?
None
What user-backends are you using?
- Default user-backend (database)
- LDAP/ Active Directory
- SSO - SAML
- Other
Configuration report
{
"system": {
"htaccess.RewriteBase": "\/",
"memcache.local": "\\OC\\Memcache\\APCu",
"apps_paths": [
{
"path": "\/var\/www\/html\/apps",
"url": "\/apps",
"writable": false
},
{
"path": "\/var\/www\/html\/custom_apps",
"url": "\/custom_apps",
"writable": true
}
],
"instanceid": "***REMOVED SENSITIVE VALUE***",
"passwordsalt": "***REMOVED SENSITIVE VALUE***",
"secret": "***REMOVED SENSITIVE VALUE***",
"trusted_domains": {
"0": "nextcloud.ylde.de:443",
"1": "localhost:8080",
"3": "192.168.188.67",
"4": "172.17.0.1",
"5": "127.0.0.1"
},
"datadirectory": "***REMOVED SENSITIVE VALUE***",
"dbtype": "mysql",
"version": "26.0.0.11",
"dbname": "***REMOVED SENSITIVE VALUE***",
"dbhost": "***REMOVED SENSITIVE VALUE***",
"dbport": "",
"dbtableprefix": "oc_",
"mysql.utf8mb4": true,
"dbuser": "***REMOVED SENSITIVE VALUE***",
"dbpassword": "***REMOVED SENSITIVE VALUE***",
"installed": true,
"maintenance": false,
"theme": "",
"loglevel": "2",
"log_rotate_size": 104857600,
"data-fingerprint": "b7cb40d9a3957a8f9f0b691fa7144781",
"mail_smtpmode": "smtp",
"mail_smtpsecure": "tls",
"mail_sendmailmode": "smtp",
"mail_from_address": "***REMOVED SENSITIVE VALUE***",
"mail_domain": "***REMOVED SENSITIVE VALUE***",
"mail_smtpauthtype": "LOGIN",
"mail_smtphost": "***REMOVED SENSITIVE VALUE***",
"mail_smtpport": "587",
"mail_smtpauth": 1,
"mail_smtpname": "***REMOVED SENSITIVE VALUE***",
"mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
"trashbin_retention_obligation": "auto, 1",
"app_install_overwrite": [
"contacts",
"bruteforcesettings",
"spreed",
"whiteboard"
],
"overwritehost": "nextcloud.ylde.de",
"overwriteprotocol": "https",
"overwritewebroot": "\/",
"overwrite.cli.url": "https:\/\/nextcloud.ylde.de",
"trusted_proxies": "***REMOVED SENSITIVE VALUE***",
"default_phone_region": "DE",
"enable_previews": true,
"enabledPreviewProviders": [
"OC\\Preview\\Movie",
"OC\\Preview\\PNG",
"OC\\Preview\\JPEG",
"OC\\Preview\\GIF",
"OC\\Preview\\BMP",
"OC\\Preview\\XBitmap",
"OC\\Preview\\MP3",
"OC\\Preview\\MP4",
"OC\\Preview\\TXT",
"OC\\Preview\\MarkDown"
],
"debug": "false",
"log_type": "errorlog"
}
}List of activated Apps
Enabled:
- activity: 2.18.0
- admin_audit: 1.16.0
- bruteforcesettings: 2.6.0
- calendar: 4.3.1
- circles: 26.0.0
- cloud_federation_api: 1.9.0
- comments: 1.16.0
- contacts: 5.2.0
- dashboard: 7.6.0
- dav: 1.25.0
- eidlogin: 1.0.12
- federatedfilesharing: 1.16.0
- federation: 1.16.0
- files: 1.21.1
- files_pdfviewer: 2.7.0
- files_rightclick: 1.5.0
- files_sharing: 1.18.0
- files_trashbin: 1.16.0
- files_versions: 1.19.1
- firstrunwizard: 2.15.0
- logreader: 2.11.0
- lookup_server_connector: 1.14.0
- nextcloud_announcements: 1.15.0
- notifications: 2.14.0
- oauth2: 1.14.0
- password_policy: 1.16.0
- photos: 2.2.0
- privacy: 1.10.0
- provisioning_api: 1.16.0
- related_resources: 1.1.0-alpha1
- serverinfo: 1.16.0
- settings: 1.8.0
- sharebymail: 1.16.0
- spreed: 16.0.1
- systemtags: 1.16.0
- text: 3.7.2
- theming: 2.1.1
- twofactor_backupcodes: 1.15.0
- updatenotification: 1.16.0
- user_status: 1.6.0
- viewer: 1.10.0
- weather_status: 1.6.0
- workflowengine: 2.8.0
Disabled:
- contactsinteraction: 1.7.0 (installed 1.4.0)
- encryption: 2.14.0
- files_external: 1.18.0
- recommendations: 1.5.0 (installed 1.4.0)
- support: 1.9.0 (installed 1.1.0)
- survey_client: 1.14.0 (installed 1.6.0)
- suspicious_login: 4.4.0
- twofactor_totp: 8.0.0-alpha.0 (installed 4.1.3)
- user_ldap: 1.16.0Nextcloud Signing status
No errors have been found.Nextcloud Logs
No response
Additional info
Usage of NC server via docker-compose.yml
...
app:
image: nextcloud:latest
...
I update NC regularly (daily basis), however, I'm not sure if the bug was introduced with 747e2718e98f, 1ab67f263045 or before.