Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Passwordless WebAuthn with Nitrokey 3 does not work #34476

Closed
6 of 9 tasks
hase77 opened this issue Oct 8, 2022 · 19 comments · Fixed by #47240
Closed
6 of 9 tasks

Passwordless WebAuthn with Nitrokey 3 does not work #34476

hase77 opened this issue Oct 8, 2022 · 19 comments · Fixed by #47240
Labels
0. Needs triage Pending check for reproducibility or if it fits our roadmap 26-feedback bug feature: authentication

Comments

@hase77
Copy link

hase77 commented Oct 8, 2022

⚠️ This issue respects the following points: ⚠️

  • This is a bug, not a question or a configuration/webserver/proxy issue.
  • This issue is not already reported on Github (I've searched it).
  • Nextcloud Server is up to date. See Maintenance and Release Schedule for supported versions.
  • Nextcloud Server is running on 64bit capable CPU, PHP and OS.
  • I agree to follow Nextcloud's Code of Conduct.

Bug description

Tried to setup password-less webauthn with a new Nitrokey 3 results in an exception:
OC\DB\Exceptions\DbalException: An exception occurred while executing a query: SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'public_key_credential_id' at row 1

Steps to reproduce

  1. Go to settings and security
  2. Select Add WebAuthn Device for Passwordless Authentication
  3. Enter pin and press button on device
  4. Enter name and press.
  5. Get an endless waiting circle without error message

Expected behavior

Nextcloud would add the new webauthn device or shows a error message at least.

Installation method

Community Docker image

Operating system

Debian/Ubuntu

PHP engine version

PHP 8.0

Web server

Apache (supported)

Database engine version

MariaDB

Is this bug present after an update or on a fresh install?

Updated to a major version (ex. 22.2.3 to 23.0.1)

Are you using the Nextcloud Server Encryption module?

Encryption is Disabled

What user-backends are you using?

  • Default user-backend (database)
  • LDAP/ Active Directory
  • SSO - SAML
  • Other

Configuration report

{
    "system": {
        "htaccess.RewriteBase": "\/",
        "memcache.local": "\\OC\\Memcache\\APCu",
        "apps_paths": [
            {
                "path": "\/var\/www\/html\/apps",
                "url": "\/apps",
                "writable": false
            },
            {
                "path": "\/var\/www\/html\/custom_apps",
                "url": "\/custom_apps",
                "writable": true
            }
        ],
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "password": "***REMOVED SENSITIVE VALUE***",
            "port": 6379
        },
        "overwriteprotocol": "https",
        "trusted_proxies": "***REMOVED SENSITIVE VALUE***",
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "xxx.xxx.xxx"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "24.0.6.1",
        "overwrite.cli.url": "https:\/\/xxx.xxx.xxx",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "mail_smtpmode": "smtp",
        "mail_smtpsecure": "ssl",
        "mail_sendmailmode": "smtp",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "465",
        "mail_smtpauth": 1,
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "default_phone_region": "de",
        "loglevel": 2,
        "maintenance": false
    }
}

List of activated Apps

Enabled:
  - accessibility: 1.10.0
  - activity: 2.16.0
  - bruteforcesettings: 2.4.0
  - circles: 24.0.1
  - cloud_federation_api: 1.7.0
  - comments: 1.14.0
  - contactsinteraction: 1.5.0
  - dav: 1.22.0
  - federatedfilesharing: 1.14.0
  - federation: 1.14.0
  - files: 1.19.0
  - files_external: 1.16.1
  - files_pdfviewer: 2.5.0
  - files_rightclick: 1.3.0
  - files_sharing: 1.16.2
  - files_trashbin: 1.14.0
  - files_versions: 1.17.0
  - files_videoplayer: 1.13.0
  - firstrunwizard: 2.13.0
  - logreader: 2.9.0
  - lookup_server_connector: 1.12.0
  - nextcloud_announcements: 1.13.0
  - notifications: 2.12.1
  - oauth2: 1.12.0
  - password_policy: 1.14.0
  - photos: 1.6.0
  - privacy: 1.8.0
  - provisioning_api: 1.14.0
  - recommendations: 1.3.0
  - serverinfo: 1.14.0
  - settings: 1.6.0
  - sharebymail: 1.14.0
  - support: 1.7.0
  - survey_client: 1.12.0
  - systemtags: 1.14.0
  - text: 3.5.1
  - theming: 1.15.0
  - twofactor_backupcodes: 1.13.0
  - updatenotification: 1.14.0
  - user_status: 1.4.0
  - viewer: 1.8.0
  - workflowengine: 2.6.0
Disabled:
  - admin_audit
  - dashboard: 7.3.0
  - encryption
  - twofactor_webauthn: 0.3.3
  - user_ldap
  - weather_status: 1.4.0

Nextcloud Signing status

No errors have been found.

Nextcloud Logs

{"reqId":"Ckpd6o14fZSJxAz3LRjZ","level":3,"time":"2022-10-08T08:15:32+00:00","remoteAddr":"2a02:8108:9140:2800:25:9f63:2411:cacb","user":"Sebastian","app":"index","method":"POST","url":"/settings/api/personal/webauthn/registration","message":"An exception occurred while executing a query: SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'public_key_credential_id' at row 1","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0","version":"24.0.6.1","exception":{"Exception":"OC\\DB\\Exceptions\\DbalException","Message":"An exception occurred while executing a query: SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'public_key_credential_id' at row 1","Code":1406,"Trace":[{"file":"/var/www/html/lib/private/DB/QueryBuilder/QueryBuilder.php","line":329,"function":"wrap","class":"OC\\DB\\Exceptions\\DbalException","type":"::","args":[{"__class__":"Doctrine\\DBAL\\Exception\\DriverException"}]},{"file":"/var/www/html/lib/public/AppFramework/Db/QBMapper.php","line":139,"function":"executeStatement","class":"OC\\DB\\QueryBuilder\\QueryBuilder","type":"->","args":[]},{"file":"/var/www/html/lib/public/AppFramework/Db/QBMapper.php","line":164,"function":"insert","class":"OCP\\AppFramework\\Db\\QBMapper","type":"->","args":[{"__class__":"OC\\Authentication\\WebAuthn\\Db\\PublicKeyCredentialEntity","id":null}]},{"file":"/var/www/html/lib/private/Authentication/WebAuthn/CredentialRepository.php","line":88,"function":"insertOrUpdate","class":"OCP\\AppFramework\\Db\\QBMapper","type":"->","args":[{"__class__":"OC\\Authentication\\WebAuthn\\Db\\PublicKeyCredentialEntity","id":null}]},{"file":"/var/www/html/lib/private/Authentication/WebAuthn/Manager.php","line":171,"function":"saveAndReturnCredentialSource","class":"OC\\Authentication\\WebAuthn\\CredentialRepository","type":"->","args":[{"__class__":"Webauthn\\PublicKeyCredentialSource"},"Nitro"]},{"file":"/var/www/html/apps/settings/lib/Controller/WebAuthnController.php","line":103,"function":"finishRegister","class":"OC\\Authentication\\WebAuthn\\Manager","type":"->","args":[{"__class__":"Webauthn\\PublicKeyCredentialCreationOptions"},"Nitro","{\"id\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO-IVpa_JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq-1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6-2_5H0mxam2s9YS7A-ZcO6hnDZF2vjJDfFrjxA8AP1G-iooIDKgvYoG_vGiza0tRQtwekWoWUBTDJpuNmu-fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug\",\"type\":\"public-key\",\"rawId\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO+IVpa/JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq+1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6+2/5H0mxam2s9YS7A+ZcO6hnDZF2vjJDfFrjxA8AP1G+iooIDKgvYoG/vGiza0tRQtwekWoWUBTDJpuNmu+fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug==\",\"response\":{\"clientDataJSON\":\"eyJjaGFsbGVuZ2UiOiJ0cloySVlVckhrMkdPek5zTURuNzJxbUtMV01lQjNzWkowX3ltc0tjYnlrIiwib3JpZ2luIjoiaHR0cHM6Ly9jbG91ZC5oYXNlLmRldiIsInR5cGUiOiJ3ZWJhdXRobi5jcmVhdGUifQ==\",\"attestationObject\":\"o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YVkBSH3NTuTo9Vi7AOKyK2W8z4G83ZMDtSRv4vrrs/w7rjaXRQAAAAcAAAAAAAAAAAAAAAAAAAAAAMSjAFignGtcgnKsUpQQ9rQtUQy3QUQHkiEA1HnqlQauIneg+mo74hWlr8kueJYYNUOt3JnV049yigN93pqABa1AFcUpbZkZbIzOM6Ker7WYySM2Q3moAafNzNgtU1I0HR0u2dM3gW8UqFViote7r7b/kfSbFqbaz1hLsD5lw7qGcNkXa+MkN8WuPEDwA/Ub6KiggMqC9igb+8aLNrS1FC3B6RahZQFMMmm42a759bHYqPgxAlCrx3NtYOnKA3rG29QlmRi6pQECAyYgASFYIEGtLVGh8CAFNEHC2yG0Cnu2T8fxyFiv2X8VFbKOVNI0IlggRCg+jKdMzpYQpwXNmwFJELfGJ931BJIYXxAU3QJrB9Y=\"}}"]},{"file":"/var/www/html/lib/private/AppFramework/Http/Dispatcher.php","line":225,"function":"finishRegistration","class":"OCA\\Settings\\Controller\\WebAuthnController","type":"->","args":["Nitro","{\"id\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO-IVpa_JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq-1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6-2_5H0mxam2s9YS7A-ZcO6hnDZF2vjJDfFrjxA8AP1G-iooIDKgvYoG_vGiza0tRQtwekWoWUBTDJpuNmu-fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug\",\"type\":\"public-key\",\"rawId\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO+IVpa/JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq+1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6+2/5H0mxam2s9YS7A+ZcO6hnDZF2vjJDfFrjxA8AP1G+iooIDKgvYoG/vGiza0tRQtwekWoWUBTDJpuNmu+fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug==\",\"response\":{\"clientDataJSON\":\"eyJjaGFsbGVuZ2UiOiJ0cloySVlVckhrMkdPek5zTURuNzJxbUtMV01lQjNzWkowX3ltc0tjYnlrIiwib3JpZ2luIjoiaHR0cHM6Ly9jbG91ZC5oYXNlLmRldiIsInR5cGUiOiJ3ZWJhdXRobi5jcmVhdGUifQ==\",\"attestationObject\":\"o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YVkBSH3NTuTo9Vi7AOKyK2W8z4G83ZMDtSRv4vrrs/w7rjaXRQAAAAcAAAAAAAAAAAAAAAAAAAAAAMSjAFignGtcgnKsUpQQ9rQtUQy3QUQHkiEA1HnqlQauIneg+mo74hWlr8kueJYYNUOt3JnV049yigN93pqABa1AFcUpbZkZbIzOM6Ker7WYySM2Q3moAafNzNgtU1I0HR0u2dM3gW8UqFViote7r7b/kfSbFqbaz1hLsD5lw7qGcNkXa+MkN8WuPEDwA/Ub6KiggMqC9igb+8aLNrS1FC3B6RahZQFMMmm42a759bHYqPgxAlCrx3NtYOnKA3rG29QlmRi6pQECAyYgASFYIEGtLVGh8CAFNEHC2yG0Cnu2T8fxyFiv2X8VFbKOVNI0IlggRCg+jKdMzpYQpwXNmwFJELfGJ931BJIYXxAU3QJrB9Y=\"}}"]},{"file":"/var/www/html/lib/private/AppFramework/Http/Dispatcher.php","line":133,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\Settings\\Controller\\WebAuthnController"},"finishRegistration"]},{"file":"/var/www/html/lib/private/AppFramework/App.php","line":172,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\Settings\\Controller\\WebAuthnController"},"finishRegistration"]},{"file":"/var/www/html/lib/private/Route/Router.php","line":298,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["OCA\\Settings\\Controller\\WebAuthnController","finishRegistration",{"__class__":"OC\\AppFramework\\DependencyInjection\\DIContainer"},["settings.WebAuthn.finishRegistration"]]},{"file":"/var/www/html/lib/base.php","line":1030,"function":"match","class":"OC\\Route\\Router","type":"->","args":["/settings/api/personal/webauthn/registration"]},{"file":"/var/www/html/index.php","line":36,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"/var/www/html/lib/private/DB/Exceptions/DbalException.php","Line":71,"Previous":{"Exception":"Doctrine\\DBAL\\Exception\\DriverException","Message":"An exception occurred while executing a query: SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'public_key_credential_id' at row 1","Code":1406,"Trace":[{"file":"/var/www/html/3rdparty/doctrine/dbal/src/Connection.php","line":1780,"function":"convert","class":"Doctrine\\DBAL\\Driver\\API\\MySQL\\ExceptionConverter","type":"->","args":[{"__class__":"Doctrine\\DBAL\\Driver\\PDO\\Exception"},{"__class__":"Doctrine\\DBAL\\Query"}]},{"file":"/var/www/html/3rdparty/doctrine/dbal/src/Connection.php","line":1719,"function":"handleDriverException","class":"Doctrine\\DBAL\\Connection","type":"->","args":[{"__class__":"Doctrine\\DBAL\\Driver\\PDO\\Exception"},{"__class__":"Doctrine\\DBAL\\Query"}]},{"file":"/var/www/html/3rdparty/doctrine/dbal/src/Connection.php","line":1173,"function":"convertExceptionDuringQuery","class":"Doctrine\\DBAL\\Connection","type":"->","args":[{"__class__":"Doctrine\\DBAL\\Driver\\PDO\\Exception"},"INSERT INTO `oc_webauthn` (`name`, `uid`, `public_key_credential_id`, `data`) VALUES(?, ?, ?, ?)",["Nitro","Sebastian","owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO+IVpa/JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq+1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6+2/5H0mxam2s9YS7A+ZcO6hnDZF2vjJDfFrjxA8AP1G+iooIDKgvYoG/vGiza0tRQtwekWoWUBTDJpuNmu+fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug==","{\"publicKeyCredentialId\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO-IVpa_JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq-1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6-2_5H0mxam2s9YS7A-ZcO6hnDZF2vjJDfFrjxA8AP1G-iooIDKgvYoG_vGiza0tRQtwekWoWUBTDJpuNmu-fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug\",\"type\":\"public-key\",\"transports\":[],\"attestationType\":\"none\",\"trustPath\":{\"type\":\"Webauthn\\\\TrustPath\\\\EmptyTrustPath\"},\"aaguid\":\"00000000-0000-0000-0000-000000000000\",\"credentialPublicKey\":\"pQECAyYgASFYIEGtLVGh8CAFNEHC2yG0Cnu2T8fxyFiv2X8VFbKOVNI0IlggRCg-jKdMzpYQpwXNmwFJELfGJ931BJIYXxAU3QJrB9Y\",\"userHandle\":\"U2ViYXN0aWFu\",\"counter\":7,\"otherUI\":null}"],[2,2,2,2]]},{"file":"/var/www/html/lib/private/DB/Connection.php","line":294,"function":"executeStatement","class":"Doctrine\\DBAL\\Connection","type":"->","args":["INSERT INTO `oc_webauthn` (`name`, `uid`, `public_key_credential_id`, `data`) VALUES(?, ?, ?, ?)",["Nitro","Sebastian","owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO+IVpa/JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq+1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6+2/5H0mxam2s9YS7A+ZcO6hnDZF2vjJDfFrjxA8AP1G+iooIDKgvYoG/vGiza0tRQtwekWoWUBTDJpuNmu+fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug==","{\"publicKeyCredentialId\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO-IVpa_JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq-1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6-2_5H0mxam2s9YS7A-ZcO6hnDZF2vjJDfFrjxA8AP1G-iooIDKgvYoG_vGiza0tRQtwekWoWUBTDJpuNmu-fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug\",\"type\":\"public-key\",\"transports\":[],\"attestationType\":\"none\",\"trustPath\":{\"type\":\"Webauthn\\\\TrustPath\\\\EmptyTrustPath\"},\"aaguid\":\"00000000-0000-0000-0000-000000000000\",\"credentialPublicKey\":\"pQECAyYgASFYIEGtLVGh8CAFNEHC2yG0Cnu2T8fxyFiv2X8VFbKOVNI0IlggRCg-jKdMzpYQpwXNmwFJELfGJ931BJIYXxAU3QJrB9Y\",\"userHandle\":\"U2ViYXN0aWFu\",\"counter\":7,\"otherUI\":null}"],[2,2,2,2]]},{"file":"/var/www/html/3rdparty/doctrine/dbal/src/Query/QueryBuilder.php","line":354,"function":"executeStatement","class":"OC\\DB\\Connection","type":"->","args":["INSERT INTO `oc_webauthn` (`name`, `uid`, `public_key_credential_id`, `data`) VALUES(:dcValue1, :dcValue2, :dcValue3, :dcValue4)",["Nitro","Sebastian","owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO+IVpa/JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq+1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6+2/5H0mxam2s9YS7A+ZcO6hnDZF2vjJDfFrjxA8AP1G+iooIDKgvYoG/vGiza0tRQtwekWoWUBTDJpuNmu+fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug==","{\"publicKeyCredentialId\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO-IVpa_JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq-1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6-2_5H0mxam2s9YS7A-ZcO6hnDZF2vjJDfFrjxA8AP1G-iooIDKgvYoG_vGiza0tRQtwekWoWUBTDJpuNmu-fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug\",\"type\":\"public-key\",\"transports\":[],\"attestationType\":\"none\",\"trustPath\":{\"type\":\"Webauthn\\\\TrustPath\\\\EmptyTrustPath\"},\"aaguid\":\"00000000-0000-0000-0000-000000000000\",\"credentialPublicKey\":\"pQECAyYgASFYIEGtLVGh8CAFNEHC2yG0Cnu2T8fxyFiv2X8VFbKOVNI0IlggRCg-jKdMzpYQpwXNmwFJELfGJ931BJIYXxAU3QJrB9Y\",\"userHandle\":\"U2ViYXN0aWFu\",\"counter\":7,\"otherUI\":null}"],[2,2,2,2]]},{"file":"/var/www/html/lib/private/DB/QueryBuilder/QueryBuilder.php","line":281,"function":"execute","class":"Doctrine\\DBAL\\Query\\QueryBuilder","type":"->","args":[]},{"file":"/var/www/html/lib/private/DB/QueryBuilder/QueryBuilder.php","line":327,"function":"execute","class":"OC\\DB\\QueryBuilder\\QueryBuilder","type":"->","args":[]},{"file":"/var/www/html/lib/public/AppFramework/Db/QBMapper.php","line":139,"function":"executeStatement","class":"OC\\DB\\QueryBuilder\\QueryBuilder","type":"->","args":[]},{"file":"/var/www/html/lib/public/AppFramework/Db/QBMapper.php","line":164,"function":"insert","class":"OCP\\AppFramework\\Db\\QBMapper","type":"->","args":[{"__class__":"OC\\Authentication\\WebAuthn\\Db\\PublicKeyCredentialEntity","id":null}]},{"file":"/var/www/html/lib/private/Authentication/WebAuthn/CredentialRepository.php","line":88,"function":"insertOrUpdate","class":"OCP\\AppFramework\\Db\\QBMapper","type":"->","args":[{"__class__":"OC\\Authentication\\WebAuthn\\Db\\PublicKeyCredentialEntity","id":null}]},{"file":"/var/www/html/lib/private/Authentication/WebAuthn/Manager.php","line":171,"function":"saveAndReturnCredentialSource","class":"OC\\Authentication\\WebAuthn\\CredentialRepository","type":"->","args":[{"__class__":"Webauthn\\PublicKeyCredentialSource"},"Nitro"]},{"file":"/var/www/html/apps/settings/lib/Controller/WebAuthnController.php","line":103,"function":"finishRegister","class":"OC\\Authentication\\WebAuthn\\Manager","type":"->","args":[{"__class__":"Webauthn\\PublicKeyCredentialCreationOptions"},"Nitro","{\"id\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO-IVpa_JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq-1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6-2_5H0mxam2s9YS7A-ZcO6hnDZF2vjJDfFrjxA8AP1G-iooIDKgvYoG_vGiza0tRQtwekWoWUBTDJpuNmu-fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug\",\"type\":\"public-key\",\"rawId\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO+IVpa/JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq+1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6+2/5H0mxam2s9YS7A+ZcO6hnDZF2vjJDfFrjxA8AP1G+iooIDKgvYoG/vGiza0tRQtwekWoWUBTDJpuNmu+fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug==\",\"response\":{\"clientDataJSON\":\"eyJjaGFsbGVuZ2UiOiJ0cloySVlVckhrMkdPek5zTURuNzJxbUtMV01lQjNzWkowX3ltc0tjYnlrIiwib3JpZ2luIjoiaHR0cHM6Ly9jbG91ZC5oYXNlLmRldiIsInR5cGUiOiJ3ZWJhdXRobi5jcmVhdGUifQ==\",\"attestationObject\":\"o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YVkBSH3NTuTo9Vi7AOKyK2W8z4G83ZMDtSRv4vrrs/w7rjaXRQAAAAcAAAAAAAAAAAAAAAAAAAAAAMSjAFignGtcgnKsUpQQ9rQtUQy3QUQHkiEA1HnqlQauIneg+mo74hWlr8kueJYYNUOt3JnV049yigN93pqABa1AFcUpbZkZbIzOM6Ker7WYySM2Q3moAafNzNgtU1I0HR0u2dM3gW8UqFViote7r7b/kfSbFqbaz1hLsD5lw7qGcNkXa+MkN8WuPEDwA/Ub6KiggMqC9igb+8aLNrS1FC3B6RahZQFMMmm42a759bHYqPgxAlCrx3NtYOnKA3rG29QlmRi6pQECAyYgASFYIEGtLVGh8CAFNEHC2yG0Cnu2T8fxyFiv2X8VFbKOVNI0IlggRCg+jKdMzpYQpwXNmwFJELfGJ931BJIYXxAU3QJrB9Y=\"}}"]},{"file":"/var/www/html/lib/private/AppFramework/Http/Dispatcher.php","line":225,"function":"finishRegistration","class":"OCA\\Settings\\Controller\\WebAuthnController","type":"->","args":["Nitro","{\"id\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO-IVpa_JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq-1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6-2_5H0mxam2s9YS7A-ZcO6hnDZF2vjJDfFrjxA8AP1G-iooIDKgvYoG_vGiza0tRQtwekWoWUBTDJpuNmu-fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug\",\"type\":\"public-key\",\"rawId\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO+IVpa/JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq+1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6+2/5H0mxam2s9YS7A+ZcO6hnDZF2vjJDfFrjxA8AP1G+iooIDKgvYoG/vGiza0tRQtwekWoWUBTDJpuNmu+fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug==\",\"response\":{\"clientDataJSON\":\"eyJjaGFsbGVuZ2UiOiJ0cloySVlVckhrMkdPek5zTURuNzJxbUtMV01lQjNzWkowX3ltc0tjYnlrIiwib3JpZ2luIjoiaHR0cHM6Ly9jbG91ZC5oYXNlLmRldiIsInR5cGUiOiJ3ZWJhdXRobi5jcmVhdGUifQ==\",\"attestationObject\":\"o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YVkBSH3NTuTo9Vi7AOKyK2W8z4G83ZMDtSRv4vrrs/w7rjaXRQAAAAcAAAAAAAAAAAAAAAAAAAAAAMSjAFignGtcgnKsUpQQ9rQtUQy3QUQHkiEA1HnqlQauIneg+mo74hWlr8kueJYYNUOt3JnV049yigN93pqABa1AFcUpbZkZbIzOM6Ker7WYySM2Q3moAafNzNgtU1I0HR0u2dM3gW8UqFViote7r7b/kfSbFqbaz1hLsD5lw7qGcNkXa+MkN8WuPEDwA/Ub6KiggMqC9igb+8aLNrS1FC3B6RahZQFMMmm42a759bHYqPgxAlCrx3NtYOnKA3rG29QlmRi6pQECAyYgASFYIEGtLVGh8CAFNEHC2yG0Cnu2T8fxyFiv2X8VFbKOVNI0IlggRCg+jKdMzpYQpwXNmwFJELfGJ931BJIYXxAU3QJrB9Y=\"}}"]},{"file":"/var/www/html/lib/private/AppFramework/Http/Dispatcher.php","line":133,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\Settings\\Controller\\WebAuthnController"},"finishRegistration"]},{"file":"/var/www/html/lib/private/AppFramework/App.php","line":172,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\Settings\\Controller\\WebAuthnController"},"finishRegistration"]},{"file":"/var/www/html/lib/private/Route/Router.php","line":298,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["OCA\\Settings\\Controller\\WebAuthnController","finishRegistration",{"__class__":"OC\\AppFramework\\DependencyInjection\\DIContainer"},["settings.WebAuthn.finishRegistration"]]},{"file":"/var/www/html/lib/base.php","line":1030,"function":"match","class":"OC\\Route\\Router","type":"->","args":["/settings/api/personal/webauthn/registration"]},{"file":"/var/www/html/index.php","line":36,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"/var/www/html/3rdparty/doctrine/dbal/src/Driver/API/MySQL/ExceptionConverter.php","Line":114,"Previous":{"Exception":"Doctrine\\DBAL\\Driver\\PDO\\Exception","Message":"SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'public_key_credential_id' at row 1","Code":1406,"Trace":[{"file":"/var/www/html/3rdparty/doctrine/dbal/src/Driver/PDO/Statement.php","line":94,"function":"new","class":"Doctrine\\DBAL\\Driver\\PDO\\Exception","type":"::","args":[{"__class__":"PDOException","errorInfo":["22001",1406,"Data too long for column 'public_key_credential_id' at row 1"]}]},{"file":"/var/www/html/3rdparty/doctrine/dbal/src/Connection.php","line":1163,"function":"execute","class":"Doctrine\\DBAL\\Driver\\PDO\\Statement","type":"->","args":[]},{"file":"/var/www/html/lib/private/DB/Connection.php","line":294,"function":"executeStatement","class":"Doctrine\\DBAL\\Connection","type":"->","args":["INSERT INTO `oc_webauthn` (`name`, `uid`, `public_key_credential_id`, `data`) VALUES(?, ?, ?, ?)",["Nitro","Sebastian","owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO+IVpa/JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq+1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6+2/5H0mxam2s9YS7A+ZcO6hnDZF2vjJDfFrjxA8AP1G+iooIDKgvYoG/vGiza0tRQtwekWoWUBTDJpuNmu+fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug==","{\"publicKeyCredentialId\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO-IVpa_JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq-1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6-2_5H0mxam2s9YS7A-ZcO6hnDZF2vjJDfFrjxA8AP1G-iooIDKgvYoG_vGiza0tRQtwekWoWUBTDJpuNmu-fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug\",\"type\":\"public-key\",\"transports\":[],\"attestationType\":\"none\",\"trustPath\":{\"type\":\"Webauthn\\\\TrustPath\\\\EmptyTrustPath\"},\"aaguid\":\"00000000-0000-0000-0000-000000000000\",\"credentialPublicKey\":\"pQECAyYgASFYIEGtLVGh8CAFNEHC2yG0Cnu2T8fxyFiv2X8VFbKOVNI0IlggRCg-jKdMzpYQpwXNmwFJELfGJ931BJIYXxAU3QJrB9Y\",\"userHandle\":\"U2ViYXN0aWFu\",\"counter\":7,\"otherUI\":null}"],[2,2,2,2]]},{"file":"/var/www/html/3rdparty/doctrine/dbal/src/Query/QueryBuilder.php","line":354,"function":"executeStatement","class":"OC\\DB\\Connection","type":"->","args":["INSERT INTO `oc_webauthn` (`name`, `uid`, `public_key_credential_id`, `data`) VALUES(:dcValue1, :dcValue2, :dcValue3, :dcValue4)",["Nitro","Sebastian","owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO+IVpa/JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq+1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6+2/5H0mxam2s9YS7A+ZcO6hnDZF2vjJDfFrjxA8AP1G+iooIDKgvYoG/vGiza0tRQtwekWoWUBTDJpuNmu+fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug==","{\"publicKeyCredentialId\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO-IVpa_JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq-1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6-2_5H0mxam2s9YS7A-ZcO6hnDZF2vjJDfFrjxA8AP1G-iooIDKgvYoG_vGiza0tRQtwekWoWUBTDJpuNmu-fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug\",\"type\":\"public-key\",\"transports\":[],\"attestationType\":\"none\",\"trustPath\":{\"type\":\"Webauthn\\\\TrustPath\\\\EmptyTrustPath\"},\"aaguid\":\"00000000-0000-0000-0000-000000000000\",\"credentialPublicKey\":\"pQECAyYgASFYIEGtLVGh8CAFNEHC2yG0Cnu2T8fxyFiv2X8VFbKOVNI0IlggRCg-jKdMzpYQpwXNmwFJELfGJ931BJIYXxAU3QJrB9Y\",\"userHandle\":\"U2ViYXN0aWFu\",\"counter\":7,\"otherUI\":null}"],[2,2,2,2]]},{"file":"/var/www/html/lib/private/DB/QueryBuilder/QueryBuilder.php","line":281,"function":"execute","class":"Doctrine\\DBAL\\Query\\QueryBuilder","type":"->","args":[]},{"file":"/var/www/html/lib/private/DB/QueryBuilder/QueryBuilder.php","line":327,"function":"execute","class":"OC\\DB\\QueryBuilder\\QueryBuilder","type":"->","args":[]},{"file":"/var/www/html/lib/public/AppFramework/Db/QBMapper.php","line":139,"function":"executeStatement","class":"OC\\DB\\QueryBuilder\\QueryBuilder","type":"->","args":[]},{"file":"/var/www/html/lib/public/AppFramework/Db/QBMapper.php","line":164,"function":"insert","class":"OCP\\AppFramework\\Db\\QBMapper","type":"->","args":[{"__class__":"OC\\Authentication\\WebAuthn\\Db\\PublicKeyCredentialEntity","id":null}]},{"file":"/var/www/html/lib/private/Authentication/WebAuthn/CredentialRepository.php","line":88,"function":"insertOrUpdate","class":"OCP\\AppFramework\\Db\\QBMapper","type":"->","args":[{"__class__":"OC\\Authentication\\WebAuthn\\Db\\PublicKeyCredentialEntity","id":null}]},{"file":"/var/www/html/lib/private/Authentication/WebAuthn/Manager.php","line":171,"function":"saveAndReturnCredentialSource","class":"OC\\Authentication\\WebAuthn\\CredentialRepository","type":"->","args":[{"__class__":"Webauthn\\PublicKeyCredentialSource"},"Nitro"]},{"file":"/var/www/html/apps/settings/lib/Controller/WebAuthnController.php","line":103,"function":"finishRegister","class":"OC\\Authentication\\WebAuthn\\Manager","type":"->","args":[{"__class__":"Webauthn\\PublicKeyCredentialCreationOptions"},"Nitro","{\"id\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO-IVpa_JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq-1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6-2_5H0mxam2s9YS7A-ZcO6hnDZF2vjJDfFrjxA8AP1G-iooIDKgvYoG_vGiza0tRQtwekWoWUBTDJpuNmu-fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug\",\"type\":\"public-key\",\"rawId\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO+IVpa/JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq+1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6+2/5H0mxam2s9YS7A+ZcO6hnDZF2vjJDfFrjxA8AP1G+iooIDKgvYoG/vGiza0tRQtwekWoWUBTDJpuNmu+fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug==\",\"response\":{\"clientDataJSON\":\"eyJjaGFsbGVuZ2UiOiJ0cloySVlVckhrMkdPek5zTURuNzJxbUtMV01lQjNzWkowX3ltc0tjYnlrIiwib3JpZ2luIjoiaHR0cHM6Ly9jbG91ZC5oYXNlLmRldiIsInR5cGUiOiJ3ZWJhdXRobi5jcmVhdGUifQ==\",\"attestationObject\":\"o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YVkBSH3NTuTo9Vi7AOKyK2W8z4G83ZMDtSRv4vrrs/w7rjaXRQAAAAcAAAAAAAAAAAAAAAAAAAAAAMSjAFignGtcgnKsUpQQ9rQtUQy3QUQHkiEA1HnqlQauIneg+mo74hWlr8kueJYYNUOt3JnV049yigN93pqABa1AFcUpbZkZbIzOM6Ker7WYySM2Q3moAafNzNgtU1I0HR0u2dM3gW8UqFViote7r7b/kfSbFqbaz1hLsD5lw7qGcNkXa+MkN8WuPEDwA/Ub6KiggMqC9igb+8aLNrS1FC3B6RahZQFMMmm42a759bHYqPgxAlCrx3NtYOnKA3rG29QlmRi6pQECAyYgASFYIEGtLVGh8CAFNEHC2yG0Cnu2T8fxyFiv2X8VFbKOVNI0IlggRCg+jKdMzpYQpwXNmwFJELfGJ931BJIYXxAU3QJrB9Y=\"}}"]},{"file":"/var/www/html/lib/private/AppFramework/Http/Dispatcher.php","line":225,"function":"finishRegistration","class":"OCA\\Settings\\Controller\\WebAuthnController","type":"->","args":["Nitro","{\"id\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO-IVpa_JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq-1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6-2_5H0mxam2s9YS7A-ZcO6hnDZF2vjJDfFrjxA8AP1G-iooIDKgvYoG_vGiza0tRQtwekWoWUBTDJpuNmu-fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug\",\"type\":\"public-key\",\"rawId\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO+IVpa/JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq+1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6+2/5H0mxam2s9YS7A+ZcO6hnDZF2vjJDfFrjxA8AP1G+iooIDKgvYoG/vGiza0tRQtwekWoWUBTDJpuNmu+fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug==\",\"response\":{\"clientDataJSON\":\"eyJjaGFsbGVuZ2UiOiJ0cloySVlVckhrMkdPek5zTURuNzJxbUtMV01lQjNzWkowX3ltc0tjYnlrIiwib3JpZ2luIjoiaHR0cHM6Ly9jbG91ZC5oYXNlLmRldiIsInR5cGUiOiJ3ZWJhdXRobi5jcmVhdGUifQ==\",\"attestationObject\":\"o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YVkBSH3NTuTo9Vi7AOKyK2W8z4G83ZMDtSRv4vrrs/w7rjaXRQAAAAcAAAAAAAAAAAAAAAAAAAAAAMSjAFignGtcgnKsUpQQ9rQtUQy3QUQHkiEA1HnqlQauIneg+mo74hWlr8kueJYYNUOt3JnV049yigN93pqABa1AFcUpbZkZbIzOM6Ker7WYySM2Q3moAafNzNgtU1I0HR0u2dM3gW8UqFViote7r7b/kfSbFqbaz1hLsD5lw7qGcNkXa+MkN8WuPEDwA/Ub6KiggMqC9igb+8aLNrS1FC3B6RahZQFMMmm42a759bHYqPgxAlCrx3NtYOnKA3rG29QlmRi6pQECAyYgASFYIEGtLVGh8CAFNEHC2yG0Cnu2T8fxyFiv2X8VFbKOVNI0IlggRCg+jKdMzpYQpwXNmwFJELfGJ931BJIYXxAU3QJrB9Y=\"}}"]},{"file":"/var/www/html/lib/private/AppFramework/Http/Dispatcher.php","line":133,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\Settings\\Controller\\WebAuthnController"},"finishRegistration"]},{"file":"/var/www/html/lib/private/AppFramework/App.php","line":172,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\Settings\\Controller\\WebAuthnController"},"finishRegistration"]},{"file":"/var/www/html/lib/private/Route/Router.php","line":298,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["OCA\\Settings\\Controller\\WebAuthnController","finishRegistration",{"__class__":"OC\\AppFramework\\DependencyInjection\\DIContainer"},["settings.WebAuthn.finishRegistration"]]},{"file":"/var/www/html/lib/base.php","line":1030,"function":"match","class":"OC\\Route\\Router","type":"->","args":["/settings/api/personal/webauthn/registration"]},{"file":"/var/www/html/index.php","line":36,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"/var/www/html/3rdparty/doctrine/dbal/src/Driver/PDO/Exception.php","Line":26,"Previous":{"Exception":"PDOException","Message":"SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'public_key_credential_id' at row 1","Code":"22001","Trace":[{"file":"/var/www/html/3rdparty/doctrine/dbal/src/Driver/PDO/Statement.php","line":92,"function":"execute","class":"PDOStatement","type":"->","args":[null]},{"file":"/var/www/html/3rdparty/doctrine/dbal/src/Connection.php","line":1163,"function":"execute","class":"Doctrine\\DBAL\\Driver\\PDO\\Statement","type":"->","args":[]},{"file":"/var/www/html/lib/private/DB/Connection.php","line":294,"function":"executeStatement","class":"Doctrine\\DBAL\\Connection","type":"->","args":["INSERT INTO `oc_webauthn` (`name`, `uid`, `public_key_credential_id`, `data`) VALUES(?, ?, ?, ?)",["Nitro","Sebastian","owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO+IVpa/JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq+1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6+2/5H0mxam2s9YS7A+ZcO6hnDZF2vjJDfFrjxA8AP1G+iooIDKgvYoG/vGiza0tRQtwekWoWUBTDJpuNmu+fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug==","{\"publicKeyCredentialId\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO-IVpa_JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq-1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6-2_5H0mxam2s9YS7A-ZcO6hnDZF2vjJDfFrjxA8AP1G-iooIDKgvYoG_vGiza0tRQtwekWoWUBTDJpuNmu-fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug\",\"type\":\"public-key\",\"transports\":[],\"attestationType\":\"none\",\"trustPath\":{\"type\":\"Webauthn\\\\TrustPath\\\\EmptyTrustPath\"},\"aaguid\":\"00000000-0000-0000-0000-000000000000\",\"credentialPublicKey\":\"pQECAyYgASFYIEGtLVGh8CAFNEHC2yG0Cnu2T8fxyFiv2X8VFbKOVNI0IlggRCg-jKdMzpYQpwXNmwFJELfGJ931BJIYXxAU3QJrB9Y\",\"userHandle\":\"U2ViYXN0aWFu\",\"counter\":7,\"otherUI\":null}"],[2,2,2,2]]},{"file":"/var/www/html/3rdparty/doctrine/dbal/src/Query/QueryBuilder.php","line":354,"function":"executeStatement","class":"OC\\DB\\Connection","type":"->","args":["INSERT INTO `oc_webauthn` (`name`, `uid`, `public_key_credential_id`, `data`) VALUES(:dcValue1, :dcValue2, :dcValue3, :dcValue4)",["Nitro","Sebastian","owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO+IVpa/JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq+1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6+2/5H0mxam2s9YS7A+ZcO6hnDZF2vjJDfFrjxA8AP1G+iooIDKgvYoG/vGiza0tRQtwekWoWUBTDJpuNmu+fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug==","{\"publicKeyCredentialId\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO-IVpa_JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq-1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6-2_5H0mxam2s9YS7A-ZcO6hnDZF2vjJDfFrjxA8AP1G-iooIDKgvYoG_vGiza0tRQtwekWoWUBTDJpuNmu-fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug\",\"type\":\"public-key\",\"transports\":[],\"attestationType\":\"none\",\"trustPath\":{\"type\":\"Webauthn\\\\TrustPath\\\\EmptyTrustPath\"},\"aaguid\":\"00000000-0000-0000-0000-000000000000\",\"credentialPublicKey\":\"pQECAyYgASFYIEGtLVGh8CAFNEHC2yG0Cnu2T8fxyFiv2X8VFbKOVNI0IlggRCg-jKdMzpYQpwXNmwFJELfGJ931BJIYXxAU3QJrB9Y\",\"userHandle\":\"U2ViYXN0aWFu\",\"counter\":7,\"otherUI\":null}"],[2,2,2,2]]},{"file":"/var/www/html/lib/private/DB/QueryBuilder/QueryBuilder.php","line":281,"function":"execute","class":"Doctrine\\DBAL\\Query\\QueryBuilder","type":"->","args":[]},{"file":"/var/www/html/lib/private/DB/QueryBuilder/QueryBuilder.php","line":327,"function":"execute","class":"OC\\DB\\QueryBuilder\\QueryBuilder","type":"->","args":[]},{"file":"/var/www/html/lib/public/AppFramework/Db/QBMapper.php","line":139,"function":"executeStatement","class":"OC\\DB\\QueryBuilder\\QueryBuilder","type":"->","args":[]},{"file":"/var/www/html/lib/public/AppFramework/Db/QBMapper.php","line":164,"function":"insert","class":"OCP\\AppFramework\\Db\\QBMapper","type":"->","args":[{"__class__":"OC\\Authentication\\WebAuthn\\Db\\PublicKeyCredentialEntity","id":null}]},{"file":"/var/www/html/lib/private/Authentication/WebAuthn/CredentialRepository.php","line":88,"function":"insertOrUpdate","class":"OCP\\AppFramework\\Db\\QBMapper","type":"->","args":[{"__class__":"OC\\Authentication\\WebAuthn\\Db\\PublicKeyCredentialEntity","id":null}]},{"file":"/var/www/html/lib/private/Authentication/WebAuthn/Manager.php","line":171,"function":"saveAndReturnCredentialSource","class":"OC\\Authentication\\WebAuthn\\CredentialRepository","type":"->","args":[{"__class__":"Webauthn\\PublicKeyCredentialSource"},"Nitro"]},{"file":"/var/www/html/apps/settings/lib/Controller/WebAuthnController.php","line":103,"function":"finishRegister","class":"OC\\Authentication\\WebAuthn\\Manager","type":"->","args":[{"__class__":"Webauthn\\PublicKeyCredentialCreationOptions"},"Nitro","{\"id\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO-IVpa_JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq-1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6-2_5H0mxam2s9YS7A-ZcO6hnDZF2vjJDfFrjxA8AP1G-iooIDKgvYoG_vGiza0tRQtwekWoWUBTDJpuNmu-fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug\",\"type\":\"public-key\",\"rawId\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO+IVpa/JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq+1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6+2/5H0mxam2s9YS7A+ZcO6hnDZF2vjJDfFrjxA8AP1G+iooIDKgvYoG/vGiza0tRQtwekWoWUBTDJpuNmu+fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug==\",\"response\":{\"clientDataJSON\":\"eyJjaGFsbGVuZ2UiOiJ0cloySVlVckhrMkdPek5zTURuNzJxbUtMV01lQjNzWkowX3ltc0tjYnlrIiwib3JpZ2luIjoiaHR0cHM6Ly9jbG91ZC5oYXNlLmRldiIsInR5cGUiOiJ3ZWJhdXRobi5jcmVhdGUifQ==\",\"attestationObject\":\"o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YVkBSH3NTuTo9Vi7AOKyK2W8z4G83ZMDtSRv4vrrs/w7rjaXRQAAAAcAAAAAAAAAAAAAAAAAAAAAAMSjAFignGtcgnKsUpQQ9rQtUQy3QUQHkiEA1HnqlQauIneg+mo74hWlr8kueJYYNUOt3JnV049yigN93pqABa1AFcUpbZkZbIzOM6Ker7WYySM2Q3moAafNzNgtU1I0HR0u2dM3gW8UqFViote7r7b/kfSbFqbaz1hLsD5lw7qGcNkXa+MkN8WuPEDwA/Ub6KiggMqC9igb+8aLNrS1FC3B6RahZQFMMmm42a759bHYqPgxAlCrx3NtYOnKA3rG29QlmRi6pQECAyYgASFYIEGtLVGh8CAFNEHC2yG0Cnu2T8fxyFiv2X8VFbKOVNI0IlggRCg+jKdMzpYQpwXNmwFJELfGJ931BJIYXxAU3QJrB9Y=\"}}"]},{"file":"/var/www/html/lib/private/AppFramework/Http/Dispatcher.php","line":225,"function":"finishRegistration","class":"OCA\\Settings\\Controller\\WebAuthnController","type":"->","args":["Nitro","{\"id\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO-IVpa_JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq-1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6-2_5H0mxam2s9YS7A-ZcO6hnDZF2vjJDfFrjxA8AP1G-iooIDKgvYoG_vGiza0tRQtwekWoWUBTDJpuNmu-fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug\",\"type\":\"public-key\",\"rawId\":\"owBYoJxrXIJyrFKUEPa0LVEMt0FEB5IhANR56pUGriJ3oPpqO+IVpa/JLniWGDVDrdyZ1dOPcooDfd6agAWtQBXFKW2ZGWyMzjOinq+1mMkjNkN5qAGnzczYLVNSNB0dLtnTN4FvFKhVYqLXu6+2/5H0mxam2s9YS7A+ZcO6hnDZF2vjJDfFrjxA8AP1G+iooIDKgvYoG/vGiza0tRQtwekWoWUBTDJpuNmu+fWx2Kj4MQJQq8dzbWDpygN6xtvUJZkYug==\",\"response\":{\"clientDataJSON\":\"eyJjaGFsbGVuZ2UiOiJ0cloySVlVckhrMkdPek5zTURuNzJxbUtMV01lQjNzWkowX3ltc0tjYnlrIiwib3JpZ2luIjoiaHR0cHM6Ly9jbG91ZC5oYXNlLmRldiIsInR5cGUiOiJ3ZWJhdXRobi5jcmVhdGUifQ==\",\"attestationObject\":\"o2NmbXRkbm9uZWdhdHRTdG10oGhhdXRoRGF0YVkBSH3NTuTo9Vi7AOKyK2W8z4G83ZMDtSRv4vrrs/w7rjaXRQAAAAcAAAAAAAAAAAAAAAAAAAAAAMSjAFignGtcgnKsUpQQ9rQtUQy3QUQHkiEA1HnqlQauIneg+mo74hWlr8kueJYYNUOt3JnV049yigN93pqABa1AFcUpbZkZbIzOM6Ker7WYySM2Q3moAafNzNgtU1I0HR0u2dM3gW8UqFViote7r7b/kfSbFqbaz1hLsD5lw7qGcNkXa+MkN8WuPEDwA/Ub6KiggMqC9igb+8aLNrS1FC3B6RahZQFMMmm42a759bHYqPgxAlCrx3NtYOnKA3rG29QlmRi6pQECAyYgASFYIEGtLVGh8CAFNEHC2yG0Cnu2T8fxyFiv2X8VFbKOVNI0IlggRCg+jKdMzpYQpwXNmwFJELfGJ931BJIYXxAU3QJrB9Y=\"}}"]},{"file":"/var/www/html/lib/private/AppFramework/Http/Dispatcher.php","line":133,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\Settings\\Controller\\WebAuthnController"},"finishRegistration"]},{"file":"/var/www/html/lib/private/AppFramework/App.php","line":172,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OCA\\Settings\\Controller\\WebAuthnController"},"finishRegistration"]},{"file":"/var/www/html/lib/private/Route/Router.php","line":298,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["OCA\\Settings\\Controller\\WebAuthnController","finishRegistration",{"__class__":"OC\\AppFramework\\DependencyInjection\\DIContainer"},["settings.WebAuthn.finishRegistration"]]},{"file":"/var/www/html/lib/base.php","line":1030,"function":"match","class":"OC\\Route\\Router","type":"->","args":["/settings/api/personal/webauthn/registration"]},{"file":"/var/www/html/index.php","line":36,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"/var/www/html/3rdparty/doctrine/dbal/src/Driver/PDO/Statement.php","Line":92}}},"CustomMessage":"--"}}

Additional info

Client: Windows 11 22H2, Firefox 105

@hase77 hase77 added 0. Needs triage Pending check for reproducibility or if it fits our roadmap bug labels Oct 8, 2022
@jans23
Copy link

jans23 commented Oct 9, 2022

Please try updating your Nitrokey 3.

@hase77
Copy link
Author

hase77 commented Oct 10, 2022

Thanks, as soon as this bug https://github.com/Nitrokey/pynitrokey/issues/272 is fixed I will try this!

@hase77
Copy link
Author

hase77 commented Oct 10, 2022

Checked the firmware version with an linux-livecd, it's already the latest version 1.2.2 for the nitrokey 3.

@robin-nitrokey
Copy link

I cannot reproduce this issue with a Nitrokey 3 CN running firmware version 1.2.0 on cloud.nitrokey.com. For me, all steps (registration, passwordless login, 2FA) work.

@szszszsz
Copy link

szszszsz commented Oct 10, 2022

The publicKeyCredentialId field in the provided logs is 262 bytes long. If it is stored verbatim (edit: in base64), it will not fit to the 255-long column.

Edit: when decoded, it takes only 196 bytes (compare with cat | base64 --decode | wc -c).

@hase77
Copy link
Author

hase77 commented Oct 11, 2022

The nextcloud security scanner says cloud.nitrokey.com uses Nextcloud 23.0.9.1, I use Nextcloud 24.0.6.1.

Used this as an dirty "bugfix":
alter table oc_webauthn modify public_key_credential_id varchar(300);
to change field size higher than 255. Don't know what the webauthn standard says about a size limit. Maybe bug in the nitrokey 3 firmware (I use an Nitrokey 3 A)?

@szszszsz
Copy link

szszszsz commented Oct 11, 2022

  • There is no size limit in spec for FIDO2. It is common to use varchar column to store IDs, but directly (in binary).
  • Base64 encoding makes the usable field size 63B 195 bytes out of 255 bytes (3/4 of the original size).

@zevlee
Copy link

zevlee commented Oct 19, 2022

I have the same problem when attempting to register a Nitrokey 3A Mini. I'm using v1.2.2 of the firmware and Nextcloud 25. Other websites work just fine.

[index] Error: OC\DB\Exceptions\DbalException: An exception occurred while executing a query: SQLSTATE[22001]: String data, right truncated: 1406 Data too long for column 'public_key_credential_id' at row 1 at <<closure>>

 0. /var/www/nextcloud/lib/private/DB/QueryBuilder/QueryBuilder.php line 329
    OC\DB\Exceptions\DbalException::wrap()
 1. /var/www/nextcloud/lib/public/AppFramework/Db/QBMapper.php line 139
    OC\DB\QueryBuilder\QueryBuilder->executeStatement()
 2. /var/www/nextcloud/apps/twofactor_webauthn/lib/Db/PublicKeyCredentialEntityMapper.php line 132
    OCP\AppFramework\Db\QBMapper->insert()
 3. /var/www/nextcloud/apps/twofactor_webauthn/lib/Repository/WebauthnPublicKeyCredentialSourceRepository.php line 91
    OCA\TwoFactorWebauthn\Db\PublicKeyCredentialEntityMapper->insertOrUpdate()
 4. /var/www/nextcloud/apps/twofactor_webauthn/lib/Service/WebAuthnManager.php line 233
    OCA\TwoFactorWebauthn\Repository\WebauthnPublicKeyCredentialSourceRepository->saveCredentialSource()
 5. /var/www/nextcloud/apps/twofactor_webauthn/lib/Controller/SettingsController.php line 68
    OCA\TwoFactorWebauthn\Service\WebAuthnManager->finishRegister()
 6. /var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php line 225
    OCA\TwoFactorWebauthn\Controller\SettingsController->finishRegister()
 7. /var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php line 133
    OC\AppFramework\Http\Dispatcher->executeController()
 8. /var/www/nextcloud/lib/private/AppFramework/App.php line 172
    OC\AppFramework\Http\Dispatcher->dispatch()
 9. /var/www/nextcloud/lib/private/Route/Router.php line 298
    OC\AppFramework\App::main()
10. /var/www/nextcloud/lib/base.php line 1030
    OC\Route\Router->match()
11. /var/www/nextcloud/index.php line 36
    OC::handleRequest()

@zevlee
Copy link

zevlee commented Nov 4, 2022

There is a comment by @tbpoetke on the Two-Factor WebAuthn repository that may provide insight to fixing this issue:

ok, I managed to fix it for myself:

I connected to my Nextcloud db and entered this statement:

ALTER TABLE twofactor_webauthn_registrations MODIFY public_key_credential_id VARCHAR(5000);

@diroots
Copy link

diroots commented Apr 28, 2023

same error here with nitrokey 3A mini. latest 1.3.1 firmware, and tested on nc25 and nc24

one more precision to give :

  • registration works in firefox ESR 102 : in table, the pub key inserted in public_key_credential_id field is 244 chars
  • registration fails in chromium 112 : i do see in the logged error that the public_key_credential_id that is tried to be inserted, and fails is 268 chars,..

@szaimen

This comment was marked as resolved.

@hase77
Copy link
Author

hase77 commented Jun 2, 2023

Error still exists in 26.0.2. Tested with FF 113.0.2 and Chrome 114.

@Henne1191
Copy link

Seeing this issue with Nitrokey 3C and current firmware 1.4.0 on managed Nextcloud instance

@hase77
Copy link
Author

hase77 commented Jun 16, 2023

Nextcloud 27.0.0 and the error still exists.

@diroots
Copy link

diroots commented Jun 16, 2023

Nextcloud 27.0.0 and the error still exists.

until public_key_credential_id field length remains 255 long as per the initial field creation in this migration, this error will still exist,...

@NightDragon1
Copy link

Nextcloud 27.0.0 and the error still exists.

until public_key_credential_id field length remains 255 long as per the initial field creation in this migration, this error will still exist,...

So the workaround is to set field to 512.

@szszszsz
Copy link

So the workaround is to set field to 512.

Just 300 is enough, as per #34476 (comment).
The actual key length is around 196 bytes binary, and encoded in base64 this makes 262 bytes (7 bytes more than allowed).

@simontretter
Copy link

simontretter commented Aug 28, 2023

Can confirm. Same issue when using Solokeys and NC 26.0.5.

@diroots
Copy link

diroots commented Aug 28, 2023

Hi @szaimen @ChristophWurst is the possible fix from PR #36769 only blocked because of #36769 (comment) ?

@joshtrichards joshtrichards changed the title [Bug]: Passwordless WebAuthn with Nitrokey 3 does not work Passwordless WebAuthn with Nitrokey 3 does not work Aug 28, 2023
susnux added a commit that referenced this issue Aug 14, 2024
* Resolves #34476

There is no maximum length defined in the standard,
most common the length is between 128 and 200 characters,
but as we store it not in plain data but base64 encoded the length can grow about 1/3.

We had a regression with 'Nitrokey 3' which created IDs with 196 byte length -> 262 bytes encoded base64.
So to be save we increase the size to 512 bytes.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
@susnux susnux closed this as completed in b582630 Aug 14, 2024
backportbot bot pushed a commit that referenced this issue Aug 14, 2024
* Resolves #34476

There is no maximum length defined in the standard,

most common the length is between 128 and 200 characters,

but as we store it not in plain data but base64 encoded the length can grow about 1/3.

We had a regression with 'Nitrokey 3' which created IDs with 196 byte length -> 262 bytes encoded base64.

So to be save we increase the size to 512 bytes.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>

[skip ci]
susnux added a commit that referenced this issue Aug 14, 2024
* Resolves #34476

There is no maximum length defined in the standard,
most common the length is between 128 and 200 characters,
but as we store it not in plain data but base64 encoded the length can grow about 1/3.
We had a regression with 'Nitrokey 3' which created IDs with 196 byte length -> 262 bytes encoded base64.
So to be save we increase the size to 512 bytes.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
backportbot bot pushed a commit that referenced this issue Aug 14, 2024
* Resolves #34476

There is no maximum length defined in the standard,

most common the length is between 128 and 200 characters,

but as we store it not in plain data but base64 encoded the length can grow about 1/3.

We had a regression with 'Nitrokey 3' which created IDs with 196 byte length -> 262 bytes encoded base64.

So to be save we increase the size to 512 bytes.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>

[skip ci]
backportbot bot pushed a commit that referenced this issue Aug 14, 2024
* Resolves #34476

There is no maximum length defined in the standard,
most common the length is between 128 and 200 characters,
but as we store it not in plain data but base64 encoded the length can grow about 1/3.

We had a regression with 'Nitrokey 3' which created IDs with 196 byte length -> 262 bytes encoded base64.
So to be save we increase the size to 512 bytes.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
susnux added a commit that referenced this issue Aug 15, 2024
* Resolves #34476

There is no maximum length defined in the standard,
most common the length is between 128 and 200 characters,
but as we store it not in plain data but base64 encoded the length can grow about 1/3.
We had a regression with 'Nitrokey 3' which created IDs with 196 byte length -> 262 bytes encoded base64.
So to be save we increase the size to 512 bytes.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
susnux added a commit that referenced this issue Aug 15, 2024
* Resolves #34476

There is no maximum length defined in the standard,
most common the length is between 128 and 200 characters,
but as we store it not in plain data but base64 encoded the length can grow about 1/3.
We had a regression with 'Nitrokey 3' which created IDs with 196 byte length -> 262 bytes encoded base64.
So to be save we increase the size to 512 bytes.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
susnux added a commit that referenced this issue Aug 22, 2024
* Resolves #34476

There is no maximum length defined in the standard,
most common the length is between 128 and 200 characters,
but as we store it not in plain data but base64 encoded the length can grow about 1/3.

We had a regression with 'Nitrokey 3' which created IDs with 196 byte length -> 262 bytes encoded base64.
So to be save we increase the size to 512 bytes.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
susnux added a commit that referenced this issue Aug 22, 2024
* Resolves #34476

There is no maximum length defined in the standard,
most common the length is between 128 and 200 characters,
but as we store it not in plain data but base64 encoded the length can grow about 1/3.

We had a regression with 'Nitrokey 3' which created IDs with 196 byte length -> 262 bytes encoded base64.
So to be save we increase the size to 512 bytes.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
nickvergessen pushed a commit that referenced this issue Aug 22, 2024
* Resolves #34476

There is no maximum length defined in the standard,
most common the length is between 128 and 200 characters,
but as we store it not in plain data but base64 encoded the length can grow about 1/3.

We had a regression with 'Nitrokey 3' which created IDs with 196 byte length -> 262 bytes encoded base64.
So to be save we increase the size to 512 bytes.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
susnux added a commit that referenced this issue Aug 27, 2024
* Resolves #34476

There is no maximum length defined in the standard,
most common the length is between 128 and 200 characters,
but as we store it not in plain data but base64 encoded the length can grow about 1/3.
We had a regression with 'Nitrokey 3' which created IDs with 196 byte length -> 262 bytes encoded base64.
So to be save we increase the size to 512 bytes.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
susnux added a commit that referenced this issue Aug 27, 2024
* Resolves #34476

There is no maximum length defined in the standard,
most common the length is between 128 and 200 characters,
but as we store it not in plain data but base64 encoded the length can grow about 1/3.
We had a regression with 'Nitrokey 3' which created IDs with 196 byte length -> 262 bytes encoded base64.
So to be save we increase the size to 512 bytes.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
susnux added a commit that referenced this issue Aug 30, 2024
* Resolves #34476

There is no maximum length defined in the standard,
most common the length is between 128 and 200 characters,
but as we store it not in plain data but base64 encoded the length can grow about 1/3.
We had a regression with 'Nitrokey 3' which created IDs with 196 byte length -> 262 bytes encoded base64.
So to be save we increase the size to 512 bytes.

Signed-off-by: Ferdinand Thiessen <opensource@fthiessen.de>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
0. Needs triage Pending check for reproducibility or if it fits our roadmap 26-feedback bug feature: authentication
Projects
None yet