starred/vaultwarden
1
0
Fork 0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2026-02-05 00:29:40 +03:00
Code Issues 32 Packages Projects Releases 10 Wiki Activity

Cannot register U2F key #115

New Issue
Closed
opened 2026-02-04 17:06:33 +03:00 by OVERLORD · 9 comments
OVERLORD commented 2026-02-04 17:06:33 +03:00
Owner
Copy Link

Originally created by @odensc on GitHub (Oct 27, 2018).

When I go to register a U2F key in the web vault, it errors on POST /api/two-factor/get-u2f-challenge.

Originally created by @odensc on GitHub (Oct 27, 2018). When I go to register a U2F key in the web vault, it errors on `POST /api/two-factor/get-u2f-challenge`.
OVERLORD added the bug label 2026-02-04 17:06:33 +03:00
OVERLORD commented 2026-02-04 17:06:48 +03:00
Author
Owner
Copy Link

@mprasil commented on GitHub (Oct 27, 2018):

Can you post the whole error log message?

@mprasil commented on GitHub (Oct 27, 2018): Can you post the whole error log message?
OVERLORD commented 2026-02-04 17:06:53 +03:00
Author
Owner
Copy Link

@jmmco commented on GitHub (Oct 28, 2018):

I'm getting the same error logs from the container:

POST /api/two-factor/get-u2f application/json; charset=utf-8:,
    => Outcome: Success,
    => Matched: POST /api/two-factor/get-u2f,
    => Response succeeded.,
GET /images/4.png:,
    => Matched: GET /<p..>,
POST /api/two-factor/get-u2f-challenge application/json; charset=utf-8:,
    => Error: No matching routes for POST /api/two-factor/get-u2f-challenge application/json; charset=utf-8.,
    => Warning: Responding with 404 Not Found catcher.

This is after clicking the Read Key in the FIDO U2F modal.

UPDATE:
I tried 1.3.0-alpine and was able to register the key then go to alpine and use the key. Seems there's a new step in the U2F registration.

@jmmco commented on GitHub (Oct 28, 2018): I'm getting the same error logs from the container: ``` POST /api/two-factor/get-u2f application/json; charset=utf-8:, => Outcome: Success, => Matched: POST /api/two-factor/get-u2f, => Response succeeded., GET /images/4.png:, => Matched: GET /<p..>, POST /api/two-factor/get-u2f-challenge application/json; charset=utf-8:, => Error: No matching routes for POST /api/two-factor/get-u2f-challenge application/json; charset=utf-8., => Warning: Responding with 404 Not Found catcher. ``` This is after clicking the Read Key in the FIDO U2F modal. UPDATE: I tried `1.3.0-alpine` and was able to register the key then go to `alpine` and use the key. Seems there's a new step in the U2F registration.
OVERLORD commented 2026-02-04 17:07:09 +03:00
Author
Owner
Copy Link

@dani-garcia commented on GitHub (Oct 28, 2018):

It seems the web vault has changed the APIs used for u2f, probably in version 2.4.0 when support for multiple keys was implemented.

For now, if you need to use u2f keys, you can use bitwarden_rs 1.2.0, which uses an older web vault version that should hopefully work.

Hopefully next week I'll have some time to investigate further and fix this.

@dani-garcia commented on GitHub (Oct 28, 2018): It seems the web vault has changed the APIs used for u2f, probably in version 2.4.0 when support for multiple keys was implemented. For now, if you need to use u2f keys, you can use bitwarden_rs 1.2.0, which uses an older web vault version that should hopefully work. Hopefully next week I'll have some time to investigate further and fix this.
OVERLORD commented 2026-02-04 17:07:17 +03:00
Author
Owner
Copy Link

@pwlgrzs commented on GitHub (Nov 2, 2018):

I presume this is related, I wanted to activate Duo on my instance but getting this:

POST /api/two-factor/get-duo application/json; charset=utf-8:
    => Error: No matching routes for POST /api/two-factor/get-duo application/json; charset=utf-8.                                          
    => Warning: Responding with 404 Not Found catcher.
    => Response succeeded.
@pwlgrzs commented on GitHub (Nov 2, 2018): I presume this is related, I wanted to activate Duo on my instance but getting this: ``` POST /api/two-factor/get-duo application/json; charset=utf-8: => Error: No matching routes for POST /api/two-factor/get-duo application/json; charset=utf-8. => Warning: Responding with 404 Not Found catcher. => Response succeeded. ```
OVERLORD commented 2026-02-04 17:07:30 +03:00
Author
Owner
Copy Link

@dani-garcia commented on GitHub (Nov 2, 2018):

Duo support is not implemented at the moment

@dani-garcia commented on GitHub (Nov 2, 2018): Duo support is not implemented at the moment
OVERLORD commented 2026-02-04 17:07:35 +03:00
Author
Owner
Copy Link

@RomanHargrave commented on GitHub (Nov 8, 2018):

The "/api/two-factor/got-u2f" endpoint appeared in jslib at 4b7962d - "add support for u2f setup apis"

@RomanHargrave commented on GitHub (Nov 8, 2018): The "/api/two-factor/got-u2f" endpoint appeared in jslib at [4b7962d - "add support for u2f setup apis"](/bitwarden/jslib/commit/4b7962dc8fba73003be1ae651013f5f817496551)
OVERLORD commented 2026-02-04 17:07:41 +03:00
Author
Owner
Copy Link

@RomanHargrave commented on GitHub (Nov 9, 2018):

I have tested and confirmed that at minimum, adding the new endpoint is enough to make u2f enrollment and authentication function.

Of course, this all is still single-key.

@RomanHargrave commented on GitHub (Nov 9, 2018): I have tested and confirmed that _at minimum_, adding the new endpoint is enough to make u2f enrollment and authentication function. Of course, this all is still single-key.
OVERLORD commented 2026-02-04 17:07:49 +03:00
Author
Owner
Copy Link

@RomanHargrave commented on GitHub (Nov 9, 2018):

I have a PR in the works (branch multiple-u2f on my fork). Presently, it only re-adds support for single-key u2f; however, I would like to support the multi-key functionality in the Vault.

@RomanHargrave commented on GitHub (Nov 9, 2018): I have a PR in the works (branch `multiple-u2f` on my fork). Presently, it only re-adds support for single-key u2f; however, I would like to support the multi-key functionality in the Vault.
OVERLORD commented 2026-02-04 17:07:57 +03:00
Author
Owner
Copy Link

@dani-garcia commented on GitHub (Nov 9, 2018):

The PR has been merged now, so I'll close this. If anyone finds another problem, please open another issue.

@dani-garcia commented on GitHub (Nov 9, 2018): The PR has been merged now, so I'll close this. If anyone finds another problem, please open another issue.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
SSO
Third party
better for forum
bug
bug
documentation
duplicate
enhancement
future Vault
future Vault
future Vault
good first issue
help wanted
low priority
notes
pull-request
Mirrored from GitHub Pull Request
 question
troubleshooting
wontfix
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
OVERLORD
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: starred/vaultwarden#115
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?