Can't register or login with an U2F key on Firefox

[kilaketia]

Steps to reproduce

1. Go on security tab
2. Try to register an U2F key

or

1. Login on nextcloud
2. Use a backup code or another 2FA method because it's says "Sign Failed" for U2F key

Expected behaviour

Tell us what should happen

Press the register button, nextcloud ask to press the key, user have to put a name for the key.

User try to login, nextcloud ask to press the key, user press the key and the user is logged.

Actual behaviour

Tell us what happens instead

Press the register button, nextcloud don't ask to press the key, user can put a name but the apply button don't work.

User try to login but he is stuck with a "Sign failed" error when he have to press the key.

Server configuration

Operating system: Debian 10

Web server: Apache/2.4.38-3

Database: MariaDB/10.3.18-0

PHP version: PHP 7.3.11-1

Version: (see admin page) 18.0.0

Updated from an older version or fresh install: fresh install

List of activated apps:

- accessibility: 1.4.0
  - activity: 2.11.0
  - calendar: 2.0.1
  - cloud_federation_api: 1.1.0
  - comments: 1.8.0
  - contacts: 3.1.8
  - dav: 1.14.0
  - documentserver_community: 0.1.3
  - federatedfilesharing: 1.8.0
  - federation: 1.8.0
  - files: 1.13.1
  - files_pdfviewer: 1.7.0
  - files_rightclick: 0.15.2
  - files_sharing: 1.10.1
  - files_trashbin: 1.8.0
  - files_versions: 1.11.0
  - files_videoplayer: 1.7.0
  - firstrunwizard: 2.7.0
  - logreader: 2.3.0
  - lookup_server_connector: 1.6.0
  - mail: 1.1.1
  - nextcloud_announcements: 1.7.0
  - notifications: 2.6.0
  - oauth2: 1.6.0
  - onlyoffice: 4.1.4
  - password_policy: 1.8.0
  - photos: 1.0.0
  - privacy: 1.2.0
  - provisioning_api: 1.8.0
  - recommendations: 0.6.0
  - serverinfo: 1.8.0
  - settings: 1.0.0
  - sharebymail: 1.8.0
  - support: 1.1.0
  - survey_client: 1.6.0
  - systemtags: 1.8.0
  - text: 2.0.0
  - theming: 1.9.0
  - twofactor_backupcodes: 1.7.0
  - twofactor_u2f: 5.0.2
  - updatenotification: 1.8.0
  - viewer: 1.2.0
  - workflowengine: 2.0.0

The content of config/config.php:

{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "192.168.69.246"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "18.0.0.10",
        "overwrite.cli.url": "https:\/\/192.168.69.246",
        "htaccess.RewriteBase": "\/",
        "overwriteprotocol": "https",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true
    }
}

Client configuration

Browser: Firefox 72

Operating system: Arch Linux / Windows 10

Logs

Browser log

On login :

On register :

[ChristophWurst]

Do you use more than one domain/IP for your Nextcloud?

The error 2 indicates something's wrong with the appID https://developers.yubico.com/U2F/Libraries/Client_error_codes.html. I'm not sure if it can work with IP. You might need a domain.

[kilaketia]

One IP for now, will test again with a domain later that week.

[strugee]

Duplicate of #342 - see #554 (comment) (which is also a duplicate of #342) for why. tl;Dr Firefox does not support the U2F API.

If I'm missing something comment and we can reopen :-)

[ChristophWurst]

tl;Dr Firefox does not support the U2F API.

See #554 (comment). It actually does.

[kilaketia]

My bad, it does work well with a domain but not with an IP.

Thanks for the heads up !