Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix Email 2FA login on native app #4762

Merged
merged 1 commit into from
Jul 17, 2024
Merged

Fix Email 2FA login on native app #4762

merged 1 commit into from
Jul 17, 2024

Conversation

BlackDex
Copy link
Collaborator

The new native android app still seems to send PascalCase entries for Email 2FA. Added aliasses for these keys.

Tested all other 2FA's (Except Duo, which might be fixable via #4637) and they all work fine using the Native Android Beta v2024.7.0 version.

Fixes #4713

@BlackDex
Fix Email 2FA login on native app
b7ddfb4 
The new native android app still seems to send PascalCase entries for
Email 2FA. Added aliasses for these keys.

Tested all other 2FA's (Except Duo, which might be fixable via dani-garcia#4637)
and they all work fine using the Native Android Beta v2024.7.0 version.

Fixes dani-garcia#4713
@BlackDex BlackDex requested a review from dani-garcia July 17, 2024 13:54
@dani-garcia dani-garcia merged commit b27e6e3 into dani-garcia:main Jul 17, 2024
5 checks passed
@Gerardv514
Copy link

I see tested with android, what about iOS?

@BlackDex
Copy link
Collaborator Author

@Gerardv514 Feel free to test it. I do not have an iOS device present to do such testing.

@Gerardv514
Copy link

Gerardv514 commented Jul 17, 2024
edited
Loading

@BlackDex I did already as mentioned in 4713.

I have the native app installed and I am not prompted on any 2fa method. I also made sure I hit log out of the app and tried again.

@BlackDex BlackDex deleted the fix-email-2fa-native-app branch July 17, 2024 18:57
@BlackDex
Copy link
Collaborator Author

@Gerardv514 if you are not prompted then you probably selected the remember checkbox in the client.
Try to fully uninstall or clear it's data and see what happens if you configure it again.

It would be strange, since Vaultwarden shouldn't provide a valid token to login/sync if the 2FA is not provided, or the remember token isn't provided.

@Gerardv514
Copy link

I did an uninstall reinstall Seems to be working now and I believe it maybe due to a new beta version update; so it was probably client side.

Duo isn’t working which is known and being worked on, but using another method such as OTP code works.

@BlackDex
Copy link
Collaborator Author

Nice :) Glad that works.

I'm looking into the Duo PR right now btw. Not sure if i am able to finish that today (or this week).

truecharts-admin referenced this pull request in truecharts/public Aug 12, 2024
@truecharts-admin
chore(deps): update container image docker.io/vaultwarden/server to v…
54290a5 
…1.32.0@71668d2 by renovate (#25023)

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
|
[docker.io/vaultwarden/server](https://togithub.com/dani-garcia/vaultwarden)
| minor | `1.31.0` -> `1.32.0` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>dani-garcia/vaultwarden
(docker.io/vaultwarden/server)</summary>

###
[`v1.32.0`](https://togithub.com/dani-garcia/vaultwarden/releases/tag/1.32.0)

[Compare
Source](https://togithub.com/dani-garcia/vaultwarden/compare/1.31.0...1.32.0)

#### Security Fixes

This release has several CVE Reports fixed and we recommend everybody to
update to the latest version as soon as possible.

-
[CVE-2024-39924](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39924)
Fixed via
[#&#8203;4715](https://togithub.com/dani-garcia/vaultwarden/issues/4715)
-
[CVE-2024-39925](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39925)
Fixed via
[#&#8203;4837](https://togithub.com/dani-garcia/vaultwarden/issues/4837)
-
[CVE-2024-39926](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39926)
Fixed via
[#&#8203;4737](https://togithub.com/dani-garcia/vaultwarden/issues/4737)

#### Other changes

-   Updated web-vault to v2024.6.2
- Fixed issues with password reset enrollment by rolling back a
web-vault commit

#### What's Changed

- use a custom plan of enterprise tier to fix limits by
[@&#8203;stefan0xC](https://togithub.com/stefan0xC) in
[https://github.com/dani-garcia/vaultwarden/pull/4726](https://togithub.com/dani-garcia/vaultwarden/pull/4726)
- chore: Dockerfile to Remove port 3012 by
[@&#8203;calvin-li-developer](https://togithub.com/calvin-li-developer)
in
[https://github.com/dani-garcia/vaultwarden/pull/4725](https://togithub.com/dani-garcia/vaultwarden/pull/4725)
- Fix bug where secureNotes is empty by
[@&#8203;cobyge](https://togithub.com/cobyge) in
[https://github.com/dani-garcia/vaultwarden/pull/4730](https://togithub.com/dani-garcia/vaultwarden/pull/4730)
- Improved HTTP client by
[@&#8203;dani-garcia](https://togithub.com/dani-garcia) in
[https://github.com/dani-garcia/vaultwarden/pull/4740](https://togithub.com/dani-garcia/vaultwarden/pull/4740)
- Update admin interface by
[@&#8203;BlackDex](https://togithub.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4737](https://togithub.com/dani-garcia/vaultwarden/pull/4737)
- Fix for RSA Keys which are read only by
[@&#8203;BlackDex](https://togithub.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4744](https://togithub.com/dani-garcia/vaultwarden/pull/4744)
- Fix Email 2FA login on native app by
[@&#8203;BlackDex](https://togithub.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4762](https://togithub.com/dani-garcia/vaultwarden/pull/4762)
- Update crates & fix crate vulnerability by
[@&#8203;dfunkt](https://togithub.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4771](https://togithub.com/dani-garcia/vaultwarden/pull/4771)
- Fix Dockerfile linter warnings by
[@&#8203;dfunkt](https://togithub.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4763](https://togithub.com/dani-garcia/vaultwarden/pull/4763)
- allow re-invitations of existing users by
[@&#8203;stefan0xC](https://togithub.com/stefan0xC) in
[https://github.com/dani-garcia/vaultwarden/pull/4768](https://togithub.com/dani-garcia/vaultwarden/pull/4768)
- Allow to override log level for specific target by
[@&#8203;Timshel](https://togithub.com/Timshel) in
[https://github.com/dani-garcia/vaultwarden/pull/4305](https://togithub.com/dani-garcia/vaultwarden/pull/4305)
- Add support for MFA with Duo's Universal Prompt by
[@&#8203;0x0fbc](https://togithub.com/0x0fbc) in
[https://github.com/dani-garcia/vaultwarden/pull/4637](https://togithub.com/dani-garcia/vaultwarden/pull/4637)
- Allow to increase the note size to 100\_000 by
[@&#8203;BlackDex](https://togithub.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4772](https://togithub.com/dani-garcia/vaultwarden/pull/4772)
- Update Rust, Crates and GHA by
[@&#8203;BlackDex](https://togithub.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4783](https://togithub.com/dani-garcia/vaultwarden/pull/4783)
- Duo: use the formatted db email by
[@&#8203;Timshel](https://togithub.com/Timshel) in
[https://github.com/dani-garcia/vaultwarden/pull/4779](https://togithub.com/dani-garcia/vaultwarden/pull/4779)
- Update rust-toolchain.toml to 1.80.0 by
[@&#8203;dfunkt](https://togithub.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4784](https://togithub.com/dani-garcia/vaultwarden/pull/4784)
- fix issue with adding ciphers to organizations on native ios app by
[@&#8203;stefan0xC](https://togithub.com/stefan0xC) in
[https://github.com/dani-garcia/vaultwarden/pull/4800](https://togithub.com/dani-garcia/vaultwarden/pull/4800)
- Rewrite the Push Notifications section in the configuration template
by [@&#8203;dfunkt](https://togithub.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4805](https://togithub.com/dani-garcia/vaultwarden/pull/4805)
- Secure send file uploads by
[@&#8203;BlackDex](https://togithub.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4810](https://togithub.com/dani-garcia/vaultwarden/pull/4810)
- make access_all optional by
[@&#8203;stefan0xC](https://togithub.com/stefan0xC) in
[https://github.com/dani-garcia/vaultwarden/pull/4812](https://togithub.com/dani-garcia/vaultwarden/pull/4812)
- Remove lowercase conversion for featureStates by
[@&#8203;dfunkt](https://togithub.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4820](https://togithub.com/dani-garcia/vaultwarden/pull/4820)
- Fix mail::send_incomplete\_2fa_login panic issue by
[@&#8203;dfunkt](https://togithub.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4792](https://togithub.com/dani-garcia/vaultwarden/pull/4792)
- Update crates, web-vault and fixes by
[@&#8203;BlackDex](https://togithub.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4823](https://togithub.com/dani-garcia/vaultwarden/pull/4823)
- Updated web-vault to v2024.6.2b by
[@&#8203;BlackDex](https://togithub.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4826](https://togithub.com/dani-garcia/vaultwarden/pull/4826)
- Update Rust to 1.80.1 by [@&#8203;dfunkt](https://togithub.com/dfunkt)
in
[https://github.com/dani-garcia/vaultwarden/pull/4831](https://togithub.com/dani-garcia/vaultwarden/pull/4831)
- Fix data disclosure on organization endpoints by
[@&#8203;BlackDex](https://togithub.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4837](https://togithub.com/dani-garcia/vaultwarden/pull/4837)

#### New Contributors

- [@&#8203;cobyge](https://togithub.com/cobyge) made their first
contribution in
[https://github.com/dani-garcia/vaultwarden/pull/4730](https://togithub.com/dani-garcia/vaultwarden/pull/4730)
- [@&#8203;0x0fbc](https://togithub.com/0x0fbc) made their first
contribution in
[https://github.com/dani-garcia/vaultwarden/pull/4637](https://togithub.com/dani-garcia/vaultwarden/pull/4637)

**Full Changelog**:
dani-garcia/vaultwarden@1.31.0...1.32.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://togithub.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4yNS4wIiwidXBkYXRlZEluVmVyIjoiMzguMjUuMCIsInRhcmdldEJyYW5jaCI6Im1hc3RlciIsImxhYmVscyI6WyJhdXRvbWVyZ2UiLCJ1cGRhdGUvZG9ja2VyL2dlbmVyYWwvbm9uLW1ham9yIl19-->
renovate bot referenced this pull request in NorkzYT/Wolflith Aug 15, 2024
@renovate
chore(deps): update vaultwarden/server docker tag to v1.32.0 (#816)
78a35cf 
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [vaultwarden/server](https://togithub.com/dani-garcia/vaultwarden) |
minor | `1.31.0` -> `1.32.0` |

---

### Release Notes

<details>
<summary>dani-garcia/vaultwarden (vaultwarden/server)</summary>

###
[`v1.32.0`](https://togithub.com/dani-garcia/vaultwarden/releases/tag/1.32.0)

[Compare
Source](https://togithub.com/dani-garcia/vaultwarden/compare/1.31.0...1.32.0)

#### Security Fixes

This release has several CVE Reports fixed and we recommend everybody to
update to the latest version as soon as possible.

-
[CVE-2024-39924](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39924)
Fixed via
[#&#8203;4715](https://togithub.com/dani-garcia/vaultwarden/issues/4715)
-
[CVE-2024-39925](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39925)
Fixed via
[#&#8203;4837](https://togithub.com/dani-garcia/vaultwarden/issues/4837)
-
[CVE-2024-39926](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-39926)
Fixed via
[#&#8203;4737](https://togithub.com/dani-garcia/vaultwarden/issues/4737)

#### Other changes

-   Updated web-vault to v2024.6.2
- Fixed issues with password reset enrollment by rolling back a
web-vault commit

#### What's Changed

- use a custom plan of enterprise tier to fix limits by
[@&#8203;stefan0xC](https://togithub.com/stefan0xC) in
[https://github.com/dani-garcia/vaultwarden/pull/4726](https://togithub.com/dani-garcia/vaultwarden/pull/4726)
- chore: Dockerfile to Remove port 3012 by
[@&#8203;calvin-li-developer](https://togithub.com/calvin-li-developer)
in
[https://github.com/dani-garcia/vaultwarden/pull/4725](https://togithub.com/dani-garcia/vaultwarden/pull/4725)
- Fix bug where secureNotes is empty by
[@&#8203;cobyge](https://togithub.com/cobyge) in
[https://github.com/dani-garcia/vaultwarden/pull/4730](https://togithub.com/dani-garcia/vaultwarden/pull/4730)
- Improved HTTP client by
[@&#8203;dani-garcia](https://togithub.com/dani-garcia) in
[https://github.com/dani-garcia/vaultwarden/pull/4740](https://togithub.com/dani-garcia/vaultwarden/pull/4740)
- Update admin interface by
[@&#8203;BlackDex](https://togithub.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4737](https://togithub.com/dani-garcia/vaultwarden/pull/4737)
- Fix for RSA Keys which are read only by
[@&#8203;BlackDex](https://togithub.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4744](https://togithub.com/dani-garcia/vaultwarden/pull/4744)
- Fix Email 2FA login on native app by
[@&#8203;BlackDex](https://togithub.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4762](https://togithub.com/dani-garcia/vaultwarden/pull/4762)
- Update crates & fix crate vulnerability by
[@&#8203;dfunkt](https://togithub.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4771](https://togithub.com/dani-garcia/vaultwarden/pull/4771)
- Fix Dockerfile linter warnings by
[@&#8203;dfunkt](https://togithub.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4763](https://togithub.com/dani-garcia/vaultwarden/pull/4763)
- allow re-invitations of existing users by
[@&#8203;stefan0xC](https://togithub.com/stefan0xC) in
[https://github.com/dani-garcia/vaultwarden/pull/4768](https://togithub.com/dani-garcia/vaultwarden/pull/4768)
- Allow to override log level for specific target by
[@&#8203;Timshel](https://togithub.com/Timshel) in
[https://github.com/dani-garcia/vaultwarden/pull/4305](https://togithub.com/dani-garcia/vaultwarden/pull/4305)
- Add support for MFA with Duo's Universal Prompt by
[@&#8203;0x0fbc](https://togithub.com/0x0fbc) in
[https://github.com/dani-garcia/vaultwarden/pull/4637](https://togithub.com/dani-garcia/vaultwarden/pull/4637)
- Allow to increase the note size to 100\_000 by
[@&#8203;BlackDex](https://togithub.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4772](https://togithub.com/dani-garcia/vaultwarden/pull/4772)
- Update Rust, Crates and GHA by
[@&#8203;BlackDex](https://togithub.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4783](https://togithub.com/dani-garcia/vaultwarden/pull/4783)
- Duo: use the formatted db email by
[@&#8203;Timshel](https://togithub.com/Timshel) in
[https://github.com/dani-garcia/vaultwarden/pull/4779](https://togithub.com/dani-garcia/vaultwarden/pull/4779)
- Update rust-toolchain.toml to 1.80.0 by
[@&#8203;dfunkt](https://togithub.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4784](https://togithub.com/dani-garcia/vaultwarden/pull/4784)
- fix issue with adding ciphers to organizations on native ios app by
[@&#8203;stefan0xC](https://togithub.com/stefan0xC) in
[https://github.com/dani-garcia/vaultwarden/pull/4800](https://togithub.com/dani-garcia/vaultwarden/pull/4800)
- Rewrite the Push Notifications section in the configuration template
by [@&#8203;dfunkt](https://togithub.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4805](https://togithub.com/dani-garcia/vaultwarden/pull/4805)
- Secure send file uploads by
[@&#8203;BlackDex](https://togithub.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4810](https://togithub.com/dani-garcia/vaultwarden/pull/4810)
- make access_all optional by
[@&#8203;stefan0xC](https://togithub.com/stefan0xC) in
[https://github.com/dani-garcia/vaultwarden/pull/4812](https://togithub.com/dani-garcia/vaultwarden/pull/4812)
- Remove lowercase conversion for featureStates by
[@&#8203;dfunkt](https://togithub.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4820](https://togithub.com/dani-garcia/vaultwarden/pull/4820)
- Fix mail::send_incomplete\_2fa_login panic issue by
[@&#8203;dfunkt](https://togithub.com/dfunkt) in
[https://github.com/dani-garcia/vaultwarden/pull/4792](https://togithub.com/dani-garcia/vaultwarden/pull/4792)
- Update crates, web-vault and fixes by
[@&#8203;BlackDex](https://togithub.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4823](https://togithub.com/dani-garcia/vaultwarden/pull/4823)
- Updated web-vault to v2024.6.2b by
[@&#8203;BlackDex](https://togithub.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4826](https://togithub.com/dani-garcia/vaultwarden/pull/4826)
- Update Rust to 1.80.1 by [@&#8203;dfunkt](https://togithub.com/dfunkt)
in
[https://github.com/dani-garcia/vaultwarden/pull/4831](https://togithub.com/dani-garcia/vaultwarden/pull/4831)
- Fix data disclosure on organization endpoints by
[@&#8203;BlackDex](https://togithub.com/BlackDex) in
[https://github.com/dani-garcia/vaultwarden/pull/4837](https://togithub.com/dani-garcia/vaultwarden/pull/4837)

#### New Contributors

- [@&#8203;cobyge](https://togithub.com/cobyge) made their first
contribution in
[https://github.com/dani-garcia/vaultwarden/pull/4730](https://togithub.com/dani-garcia/vaultwarden/pull/4730)
- [@&#8203;0x0fbc](https://togithub.com/0x0fbc) made their first
contribution in
[https://github.com/dani-garcia/vaultwarden/pull/4637](https://togithub.com/dani-garcia/vaultwarden/pull/4637)

**Full Changelog**:
dani-garcia/vaultwarden@1.31.0...1.32.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "after 10pm every weekday,every
weekend,before 5am every weekday" in timezone America/New_York,
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View the
[repository job log](https://developer.mend.io/github/NorkzYT/Wolflith).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4yNi4xIiwidXBkYXRlZEluVmVyIjoiMzguMjYuMSIsInRhcmdldEJyYW5jaCI6InN0YWdpbmciLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIiwibWlub3IiLCJyZW5vdmF0ZSJdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dani-garcia dani-garcia dani-garcia approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

2FA via Email or WebAuthn fails on new app
3 participants
@BlackDex @Gerardv514 @dani-garcia