Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fido2 authentication not working when on MySQL #1107

Closed
jgomer2001 opened this issue Mar 25, 2022 · 2 comments
Closed

Fido2 authentication not working when on MySQL #1107

jgomer2001 opened this issue Mar 25, 2022 · 2 comments
Assignees
@jgomer2001
Labels
comp-jans-fido2 Component affected by issue or PR needs-triage Issue or PR yet to be triaged. Add more labels or details that will help during triage review.
Milestone
1.1.3

Comments

@jgomer2001
Copy link
Contributor

jgomer2001 commented Mar 25, 2022
edited
Loading

Two weeks ago, authentication was working fine with fido2 after properly widening a column, see #1044

A couple of days ago it started to fail again (in both VM and CN environments). Some findings:

  • No errors shown in fido2.log despite the authentication failure. Strangely, this log contains persistence-related statements which should be in fido2_persistence.log instead. The persistence log remains empty all the time.
  • The only interesting log message is found in jans-auth_script log: Fido2. Authenticate for step 2. Get invalid authentication status from Fido2 server
  • I added a print authenticationStatusEntity to fido2 script and this is the output after formatting:
 "cause2":"Failed to build search entries query. Key: 'people', expression: 'doc.jansCodeChallenge = obYFDiMssezrEN3LQBGT0_k1diSXvcFTI-xIIb3-iZ8'",
 "cause1":"io.jans.orm.exception.EntryPersistenceException: Failed to find entries with key: 'people'",
 "servlet":"io.jans.fido2.service.app.ResteasyInitializer",
 "cause4":"java.sql.SQLSyntaxErrorException: Unknown column 'doc.jansCodeChallengeHash' in 'field list'",
 "cause3":"com.querydsl.core.QueryException: Caught SQLSyntaxErrorException for select doc.jansStatus, doc.jansCodeChallengeHash, doc.jansAuthData, doc.jansCodeChallenge, doc.jansId, doc.creationDate, doc.personInum, doc.dn, doc.doc_id\nfrom gluu.jansFido2AuthnEntry doc\nwhere doc.jansCodeChallenge = ?\norder by creationDate asc",
 "cause0":"org.jboss.resteasy.spi.UnhandledException: io.jans.orm.exception.EntryPersistenceException: Failed to find entries with key: 'people'",
 "message":"org.jboss.resteasy.spi.UnhandledException: io.jans.orm.exception.EntryPersistenceException: Failed to find entries with key: 'people'",
 "url":"/jans-fido2/restv1/assertion/result",
 "status":"500"

The above means:

  • something is off in fido2 logging. I opened an issue in this regard
  • There is usage of non existing column jansCodeChallengeHash in jansFido2AuthnEntry. I checked the history of bean io.jans.fido2.model.entry.Fido2Entry and it contains a field for challengeHash which has been there from the initial commit of the file. I cannot explain why we see this error only until now. The challengeHash should be part of bean Fido2RegistrationEntry only I suppose.

To make my tests quicker, I simply added the column to table jansFido2AuthnEntry but again found the problem of issue #1044 (data too long). I opened a separate issue because column jansAuthData needs better sizing.
@jgomer2001 jgomer2001 added comp-jans-fido2 Component affected by issue or PR needs-triage Issue or PR yet to be triaged. Add more labels or details that will help during triage review. labels Mar 25, 2022
maduvena added a commit that referenced this issue Apr 5, 2022
@maduvena
fix: Data too long for column #1107
8eb2c70
maduvena added a commit that referenced this issue Apr 5, 2022
@maduvena
fix: #1107 jansCodeChallengeHash missing
65ac184
@maduvena maduvena mentioned this issue Apr 5, 2022
Merged
5 tasks
@jgomer2001 jgomer2001 mentioned this issue Apr 20, 2022
Closed
@jgomer2001 jgomer2001 reopened this Apr 20, 2022
@jgomer2001 jgomer2001 assigned jgomer2001 and unassigned yurem Apr 20, 2022
@jgomer2001
Copy link
Contributor Author

jgomer2001 commented Apr 20, 2022
edited
Loading

There are serious problems with this fix. I'll take a look

jgomer2001 added a commit that referenced this issue Apr 22, 2022
@jgomer2001
fix: adjust beans and schema #1107
34469c5
@jgomer2001 jgomer2001 mentioned this issue Apr 22, 2022
Merged
yurem pushed a commit that referenced this issue Apr 22, 2022
@jgomer2001
fix: adjust beans and schema #1107 (#1248)
369129d
@mo-auto mo-auto mentioned this issue May 18, 2022
Merged
This was referenced May 18, 2022
Merged
Merged
@moabu moabu added this to the 1.0.1 milestone Jun 15, 2022
@moabu moabu modified the milestones: 1.0.1, 1.0.2 Jul 8, 2022
@moabu moabu modified the milestones: 1.0.2, 1.0.3 Aug 30, 2022
@moabu moabu modified the milestones: 1.0.3, 1.0.4 Nov 3, 2022
@moabu moabu modified the milestones: 1.0.4, 1.0.5 Nov 14, 2022
@moabu moabu modified the milestones: 1.0.5, 1.0.6 Dec 1, 2022
@moabu moabu added this to the 1.0.11 milestone Mar 16, 2023
@moabu moabu modified the milestones: 1.0.11, 1.0.12 Apr 5, 2023
@moabu moabu modified the milestones: 1.0.12, 1.0.13 Apr 18, 2023
@moabu moabu modified the milestones: 1.0.13, 1.0.14 May 10, 2023
@moabu moabu modified the milestones: 1.0.14, 1.0.15 Jun 20, 2023
@moabu moabu modified the milestones: 1.0.15, 1.0.16 Jul 12, 2023
@moabu moabu modified the milestones: 1.0.16, 1.0.17 Aug 2, 2023
@moabu moabu modified the milestones: 1.0.17, 1.0.18 Sep 18, 2023
@moabu moabu modified the milestones: 1.0.18, 1.0.21 Nov 22, 2023
@moabu moabu modified the milestones: 1.0.21, 1.0.22 Dec 14, 2023
@moabu moabu modified the milestones: 1.0.22, 1.0.23 Feb 1, 2024
@moabu moabu modified the milestones: 1.1.0, 1.1.1 Mar 14, 2024
@moabu moabu modified the milestones: 1.1.1, 1.1.2 May 1, 2024
@moabu moabu modified the milestones: 1.1.2, 1.1.3 May 29, 2024
@jgomer2001 jgomer2001 mentioned this issue Jun 11, 2024
Closed
@jgomer2001
Copy link
Contributor Author

It is working now with 1.1.3-snapshot deb package in FF and chrome

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jgomer2001 jgomer2001

Labels
comp-jans-fido2 Component affected by issue or PR needs-triage Issue or PR yet to be triaged. Add more labels or details that will help during triage review.
Projects
None yet
Milestone
1.1.3
Development

No branches or pull requests
3 participants
@jgomer2001 @yurem @moabu