Anmeldung mit Sicherheitsschlüssel schlägt fehl, wenn sie durch Tastaturnavigation ausgelöst wird

Wolftallemo · 29. März 2023 um 15:47

Beim Versuch, sich bei einem Konto mit aktivierter Sicherheitsschlüssel anzumelden, führt das Auslösen der Schaltfläche mit der Eingabetaste anstelle eines Klicks zu einer Fehlermeldung “Ungültiger Schlüssel”, obwohl ich weiß, dass er gültig ist. Sobald dies geschieht, funktioniert es überhaupt nicht mehr und weitere Anmeldeversuche schlagen fehl, bis ein Neuladen erfolgt.

Der Versuch, es durch Klicken auf die Schaltfläche erneut zu versuchen, führt zu einer “Challenge-Übereinstimmungsfehler”, und schließlich gibt die Eingabe eines TOTP-Codes einen unbekannten Fehler zurück (devtools zeigt, dass der Code für die zweite Authentifizierungsstufe nie tatsächlich in der Anfrage gesendet wird).

Der TOTP-Fehler hat den folgenden Stacktrace

ArgumentError (`otp` should be a String)
rotp (6.2.2) lib/rotp/otp.rb:42:in `verify'
rotp (6.2.2) lib/rotp/totp.rb:46:in `block in verify'
rotp (6.2.2) lib/rotp/totp.rb:45:in `each'
rotp (6.2.2) lib/rotp/totp.rb:45:in `verify'
app/models/concerns/second_factor_manager.rb:50:in `block in authenticate_totp'
activerecord (7.0.4.3) lib/active_record/relation/delegation.rb:88:in `each'
activerecord (7.0.4.3) lib/active_record/relation/delegation.rb:88:in `each'
app/models/concerns/second_factor_manager.rb:43:in `authenticate_totp'
app/models/concerns/second_factor_manager.rb:124:in `authenticate_second_factor'
app/controllers/session_controller.rb:659:in `authenticate_second_factor'
app/controllers/session_controller.rb:318:in `create'
actionpack (7.0.4.3) lib/action_controller/metal/basic_implicit_render.rb:6:in `send_action'
actionpack (7.0.4.3) lib/abstract_controller/base.rb:215:in `process_action'
actionpack (7.0.4.3) lib/action_controller/metal/rendering.rb:53:in `process_action'
actionpack (7.0.4.3) lib/abstract_controller/callbacks.rb:234:in `block in process_action'
activesupport (7.0.4.3) lib/active_support/callbacks.rb:118:in `block in run_callbacks'
app/controllers/application_controller.rb:414:in `block in with_resolved_locale'
i18n (1.12.0) lib/i18n.rb:322:in `with_locale'
app/controllers/application_controller.rb:414:in `with_resolved_locale'
activesupport (7.0.4.3) lib/active_support/callbacks.rb:127:in `block in run_callbacks'
activesupport (7.0.4.3) lib/active_support/callbacks.rb:138:in `run_callbacks'
actionpack (7.0.4.3) lib/abstract_controller/callbacks.rb:233:in `process_action'
actionpack (7.0.4.3) lib/action_controller/metal/rescue.rb:22:in `process_action'
actionpack (7.0.4.3) lib/action_controller/metal/instrumentation.rb:67:in `block in process_action'
activesupport (7.0.4.3) lib/active_support/notifications.rb:206:in `block in instrument'
activesupport (7.0.4.3) lib/active_support/notifications/instrumenter.rb:24:in `instrument'
activesupport (7.0.4.3) lib/active_support/notifications.rb:206:in `instrument'
actionpack (7.0.4.3) lib/action_controller/metal/instrumentation.rb:66:in `process_action'
actionpack (7.0.4.3) lib/action_controller/metal/params_wrapper.rb:259:in `process_action'
activerecord (7.0.4.3) lib/active_record/railties/controller_runtime.rb:27:in `process_action'
actionpack (7.0.4.3) lib/abstract_controller/base.rb:151:in `process'
actionview (7.0.4.3) lib/action_view/rendering.rb:39:in `process'
rack-mini-profiler (3.0.0) lib/mini_profiler/profiling_methods.rb:85:in `block in profile_method'
actionpack (7.0.4.3) lib/action_controller/metal.rb:188:in `dispatch'
actionpack (7.0.4.3) lib/action_controller/metal.rb:251:in `dispatch'
actionpack (7.0.4.3) lib/action_dispatch/routing/route_set.rb:49:in `dispatch'
actionpack (7.0.4.3) lib/action_dispatch/routing/route_set.rb:32:in `serve'
actionpack (7.0.4.3) lib/action_dispatch/journey/router.rb:50:in `block in serve'
actionpack (7.0.4.3) lib/action_dispatch/journey/router.rb:32:in `each'
actionpack (7.0.4.3) lib/action_dispatch/journey/router.rb:32:in `serve'
actionpack (7.0.4.3) lib/action_dispatch/routing/route_set.rb:852:in `call'
lib/middleware/omniauth_bypass_middleware.rb:74:in `call'
rack (2.2.6.4) lib/rack/tempfile_reaper.rb:15:in `call'
rack (2.2.6.4) lib/rack/conditional_get.rb:40:in `call'
rack (2.2.6.4) lib/rack/head.rb:12:in `call'
actionpack (7.0.4.3) lib/action_dispatch/http/permissions_policy.rb:38:in `call'
lib/content_security_policy/middleware.rb:12:in `call'
lib/middleware/anonymous_cache.rb:369:in `call'
rack (2.2.6.4) lib/rack/session/abstract/id.rb:266:in `context'
rack (2.2.6.4) lib/rack/session/abstract/id.rb:260:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/cookies.rb:704:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/callbacks.rb:27:in `block in call'
activesupport (7.0.4.3) lib/active_support/callbacks.rb:99:in `run_callbacks'
actionpack (7.0.4.3) lib/action_dispatch/middleware/callbacks.rb:26:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/debug_exceptions.rb:28:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/show_exceptions.rb:26:in `call'
logster (2.12.2) lib/logster/middleware/reporter.rb:43:in `call'
railties (7.0.4.3) lib/rails/rack/logger.rb:40:in `call_app'
railties (7.0.4.3) lib/rails/rack/logger.rb:27:in `call'
config/initializers/100-quiet_logger.rb:20:in `call'
config/initializers/100-silence_logger.rb:29:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/remote_ip.rb:93:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/request_id.rb:26:in `call'
lib/middleware/enforce_hostname.rb:24:in `call'
rack (2.2.6.4) lib/rack/method_override.rb:24:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/executor.rb:14:in `call'
rack (2.2.6.4) lib/rack/sendfile.rb:110:in `call'
actionpack (7.0.4.3) lib/action_dispatch/middleware/host_authorization.rb:131:in `call'
rack-mini-profiler (3.0.0) lib/mini_profiler/profiler.rb:249:in `call'
message_bus (4.3.2) lib/message_bus/rack/middleware.rb:60:in `call'
lib/middleware/request_tracker.rb:228:in `call'
railties (7.0.4.3) lib/rails/engine.rb:530:in `call'
railties (7.0.4.3) lib/rails/railtie.rb:226:in `public_send'
railties (7.0.4.3) lib/rails/railtie.rb:226:in `method_missing'
rack (2.2.6.4) lib/rack/urlmap.rb:74:in `block in call'
rack (2.2.6.4) lib/rack/urlmap.rb:58:in `each'
rack (2.2.6.4) lib/rack/urlmap.rb:58:in `call'
unicorn (6.1.0) lib/unicorn/http_server.rb:634:in `process_client'
unicorn (6.1.0) lib/unicorn/http_server.rb:739:in `worker_loop'
unicorn (6.1.0) lib/unicorn/http_server.rb:547:in `spawn_missing_workers'
unicorn (6.1.0) lib/unicorn/http_server.rb:143:in `start'
unicorn (6.1.0) bin/unicorn:128:in `<top (required)>'
vendor/bundle/ruby/3.2.0/bin/unicorn:25:in `load'
vendor/bundle/ruby/3.2.0/bin/unicorn:25:in `<main>'

sam · 31. März 2023 um 00:23

Umgeht die Problemumgehung, neu zu beginnen und den richtigen Schlüssel zu verwenden, das Problem?

Ich stimme vollkommen zu, dass wir uns hier anmutiger verhalten sollten.

Wolftallemo · 31. März 2023 um 00:44

Aktualisieren behebt das Problem, ja. Aber in diesem Fall ist es keine Frage der Verwendung des falschen Schlüssels, da ich nur den in iCloud gespeicherten Schlüssel verwendet habe. Die Aufforderung wurde mir überhaupt nicht angezeigt.

Obwohl ich dies mit keinem anderen Browser als Safari auslösen konnte.

Thema		Antworten	Aufrufe
Cannot complete 2FA with TOTP code if verifying with security key fails Bug	1	549	4. November 2021
Hitting enter key after entering password reloads page when managing 2FA UX	2	688	30. Oktober 2019
Error message displaying at login with Linux/Firefox Support passkey	8	569	17. April 2024
Cannot authenticate with yubikey when verifying new email Bug	12	966	16. Juni 2020
The 'enter' key does nothing when logging in on Android Bug	10	1476	9. Januar 2017

Anmeldung mit Sicherheitsschlüssel schlägt fehl, wenn sie durch Tastaturnavigation ausgelöst wird

Verwandte Themen