U2F doesn't work on gitea/gitea:latest docker image #5314

New Issue

Closed

opened 2025-11-02 06:21:15 -06:00 by GiteaMirror · 6 comments

GiteaMirror commented 2025-11-02 06:21:15 -06:00

Owner

Copy Link

Originally created by @jerheij on GitHub (Apr 27, 2020).

• Gitea version (or commit ref): docker: gitea/gitea:latest
• Git version: n/a
• Client Operating system: Windows 10
• Client browser: Firefox and Edge
• Host OS: CentOS 7
• Host Docker version: Docker CE version 19.03.8
• Database (use [x]):
  • PostgreSQL
  • MySQL
  • MSSQL
  • SQLite
• Can you reproduce the bug at https://try.gitea.io:
  • Yes (provide example URL)
  • No
  • Not relevant

Description

When I upgrade my docker container to the newest gitea release (gitea/gitea:latest) the yubikey authentication attempt causes the error attached. When I downgrade the gitea to 1.11.4 (gitea/gitea:1.11.4) the yubikey authentication works without issues.

Screenshots

Originally created by @jerheij on GitHub (Apr 27, 2020). - Gitea version (or commit ref): docker: gitea/gitea:latest - Git version: n/a - Client Operating system: Windows 10 - Client browser: Firefox and Edge - Host OS: CentOS 7 - Host Docker version: Docker CE version 19.03.8 - Database (use `[x]`): - [ ] PostgreSQL - [x] MySQL - [ ] MSSQL - [ ] SQLite - Can you reproduce the bug at https://try.gitea.io: - [x] Yes (provide example URL) - [ ] No - [ ] Not relevant ## Description When I upgrade my docker container to the newest gitea release (gitea/gitea:latest) the yubikey authentication attempt causes the error attached. When I downgrade the gitea to 1.11.4 (gitea/gitea:1.11.4) the yubikey authentication works without issues. ## Screenshots 

GiteaMirror added the issue/criticalissue/confirmedtype/bug labels 2025-11-02 06:21:15 -06:00

GiteaMirror closed this issue 2025-11-02 06:21:15 -06:00

GiteaMirror commented 2025-11-02 06:21:16 -06:00

Author

Owner

Copy Link

@6543 commented on GitHub (Apr 27, 2020):

Can Confirm for: yubikey with linux(5.6.3) + firefox 75.0 (64-bit)

@6543 commented on GitHub (Apr 27, 2020): Can Confirm for: yubikey with linux(5.6.3) + firefox 75.0 (64-bit)

GiteaMirror commented 2025-11-02 06:21:16 -06:00

Author

Owner

Copy Link

@lafriks commented on GitHub (Apr 27, 2020):

Solo U2F also does not work on master branch on Linux + Firefox

@lafriks commented on GitHub (Apr 27, 2020): Solo U2F also does not work on master branch on Linux + Firefox

GiteaMirror commented 2025-11-02 06:21:16 -06:00

Author

Owner

Copy Link

@rgessner commented on GitHub (May 4, 2020):

Almost the same problem.

But here comes only a very short U2F window (<1sec) and then immediately a fallback to the configured TOTP method.

configuration:
podman (Fedora 32) with gitea/gitea:latest
Browser: Chrome and Firefox

( gitea/gitea:1.11.4 runs without problems)

@rgessner commented on GitHub (May 4, 2020): Almost the same problem. But here comes only a very short U2F window (<1sec) and then immediately a fallback to the configured TOTP method. configuration: podman (Fedora 32) with gitea/gitea:latest Browser: Chrome and Firefox ( gitea/gitea:1.11.4 runs without problems)

GiteaMirror commented 2025-11-02 06:21:16 -06:00

Author

Owner

Copy Link

@CirnoT commented on GitHub (May 4, 2020):

https://github.com/grantila/u2f-api/issues/21
https://github.com/Yubico/libu2f-host/issues/130

The world has generally decided to move towards WebAuthn instead of direct protocol implementations, and so we need to do the same. The library we're using can not do that and seems abandoned.

https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API
https://webauthn.bin.coffee/

@CirnoT commented on GitHub (May 4, 2020): https://github.com/grantila/u2f-api/issues/21 https://github.com/Yubico/libu2f-host/issues/130 The world has generally decided to move towards WebAuthn instead of direct protocol implementations, and so we need to do the same. The library we're using can not do that and seems abandoned. https://developer.mozilla.org/en-US/docs/Web/API/Web_Authentication_API https://webauthn.bin.coffee/

GiteaMirror commented 2025-11-02 06:21:17 -06:00

Author

Owner

Copy Link

@kolaente commented on GitHub (May 6, 2020):

Ping @jonasfranz

@kolaente commented on GitHub (May 6, 2020): Ping @jonasfranz

GiteaMirror commented 2025-11-02 06:21:17 -06:00

Author

Owner

Copy Link

@jonasfranz commented on GitHub (May 6, 2020):

I've looked into this problem. It seems that $.post(...).success()does not work anymore. The u2f api javascript library we're using is outdated and the new version is not backward-compatible to our implementation. I think it makes no sense to stay with u2f since webauthn is the de-facto new standard. In a first step we should roll out a hot fix regarding the jquery stuff.

@jonasfranz commented on GitHub (May 6, 2020): I've looked into this problem. It seems that `$.post(...).success()`does not work anymore. The u2f api javascript library we're using is outdated and the new version is not backward-compatible to our implementation. I think it makes no sense to stay with u2f since webauthn is the de-facto new standard. In a first step we should roll out a hot fix regarding the jquery stuff.

GiteaMirror referenced this issue 2025-11-02 06:56:47 -06:00

Correct comments another users in PR #6461

GiteaMirror referenced this issue 2025-11-02 15:31:12 -06:00

[PR #5314] [MERGED] Restrict permission check on repositories and fix some problems #17754

GiteaMirror referenced this issue 2025-11-02 16:02:41 -06:00

[PR #5515] [MERGED] fix adding reaction fail for read permission user #17822

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

release/v1.25

release/v1.24

release/v1.23

release/v1.22

release/v1.21

release/v1.20

release/v1.19

release/v1.18

release/v1.17

release/v1.16

release/v1.15

release/v1.14

release/v1.13

release/v1.12

release/v1.11

release/v1.10

release/v1.9

release/v1.8

v1.25.3

v1.25.2

v1.25.1

v1.25.0

v1.24.7

v1.25.0-rc0

v1.26.0-dev

v1.24.6

v1.24.5

v1.24.4

v1.24.3

v1.24.2

v1.24.1

v1.24.0

v1.23.8

v1.24.0-rc0

v1.25.0-dev

v1.23.7

v1.23.6

v1.23.5

v1.23.4

v1.23.3

v1.23.2

v1.23.1

v1.23.0

v1.23.0-rc0

v1.24.0-dev

v1.22.6

v1.22.5

v1.22.4

v1.22.3

v1.22.2

v1.22.1

v1.22.0

v1.23.0-dev

v1.22.0-rc1

v1.21.11

v1.22.0-rc0

v1.21.10

v1.21.9

v1.21.8

v1.21.7

v1.21.6

v1.21.5

v1.21.4

v1.21.3

v1.21.2

v1.20.6

v1.21.1

v1.21.0

v1.21.0-rc2

v1.21.0-rc1

v1.20.5

v1.22.0-dev

v1.21.0-rc0

v1.20.4

v1.20.3

v1.20.2

v1.20.1

v1.20.0

v1.19.4

v1.21.0-dev

v1.20.0-rc2

v1.20.0-rc1

v1.20.0-rc0

v1.19.3

v1.19.2

v1.19.1

v1.19.0

v1.19.0-rc1

v1.20.0-dev

v1.19.0-rc0

v1.18.5

v1.18.4

v1.18.3

v1.18.2

v1.18.1

v1.18.0

v1.17.4

v1.18.0-rc1

v1.19.0-dev

v1.18.0-rc0

v1.17.3

v1.17.2

v1.17.1

v1.17.0

v1.17.0-rc2

v1.16.9

v1.17.0-rc1

v1.18.0-dev

v1.16.8

v1.16.7

v1.16.6

v1.16.5

v1.16.4

v1.16.3

v1.16.2

v1.16.1

v1.16.0

v1.15.11

v1.17.0-dev

v1.16.0-rc1

v1.15.10

v1.15.9

v1.15.8

v1.15.7

v1.15.6

v1.15.5

v1.15.4

v1.15.3

v1.15.2

v1.15.1

v1.14.7

v1.15.0

v1.15.0-rc3

v1.14.6

v1.15.0-rc2

v1.14.5

v1.16.0-dev

v1.15.0-rc1

v1.14.4

v1.14.3

v1.14.2

v1.14.1

v1.14.0

v1.13.7

v1.14.0-rc2

v1.13.6

v1.13.5

v1.14.0-rc1

v1.15.0-dev

v1.13.4

v1.13.3

v1.13.2

v1.13.1

v1.13.0

v1.12.6

v1.13.0-rc2

v1.14.0-dev

v1.13.0-rc1

v1.12.5

v1.12.4

v1.12.3

v1.12.2

v1.12.1

v1.11.8

v1.12.0

v1.11.7

v1.12.0-rc2

v1.11.6

v1.12.0-rc1

v1.13.0-dev

v1.11.5

v1.11.4

v1.11.3

v1.10.6

v1.12.0-dev

v1.11.2

v1.10.5

v1.11.1

v1.10.4

v1.11.0

v1.11.0-rc2

v1.10.3

v1.11.0-rc1

v1.10.2

v1.10.1

v1.10.0

v1.9.6

v1.9.5

v1.10.0-rc2

v1.11.0-dev

v1.10.0-rc1

v1.9.4

v1.9.3

v1.9.2

v1.9.1

v1.9.0

v1.9.0-rc2

v1.10.0-dev

v1.9.0-rc1

v1.8.3

v1.8.2

v1.8.1

v1.8.0

v1.8.0-rc3

v1.7.6

v1.8.0-rc2

v1.7.5

v1.8.0-rc1

v1.9.0-dev

v1.7.4

v1.7.3

v1.7.2

v1.7.1

v1.7.0

v1.7.0-rc3

v1.6.4

v1.7.0-rc2

v1.6.3

v1.7.0-rc1

v1.7.0-dev

v1.6.2

v1.6.1

v1.6.0

v1.6.0-rc2

v1.5.3

v1.6.0-rc1

v1.6.0-dev

v1.5.2

v1.5.1

v1.5.0

v1.5.0-rc2

v1.5.0-rc1

v1.5.0-dev

v1.4.3

v1.4.2

v1.4.1

v1.4.0

v1.4.0-rc3

v1.4.0-rc2

v1.3.3

v1.4.0-rc1

v1.3.2

v1.3.1

v1.3.0

v1.3.0-rc2

v1.3.0-rc1

v1.2.3

v1.2.2

v1.2.1

v1.2.0

v1.2.0-rc3

v1.2.0-rc2

v1.1.4

v1.2.0-rc1

v1.1.3

v1.1.2

v1.1.1

v1.1.0

v1.0.2

v1.0.1

v1.0.0

v0.9.99

Labels

Clear labels

$20

$250

$50

$500

backport/done

💎 Bounty

docs-update-needed

good first issue

hacktoberfest

issue/bounty

issue/confirmed

issue/critical

issue/duplicate

issue/needs-feedback

issue/not-a-bug

issue/regression

issue/stale

issue/workaround

lgtm/need 2

modifies/api

modifies/translation

outdated/backport/v1.18

outdated/theme/markdown

outdated/theme/timetracker

performance/bigrepo

performance/cpu

performance/memory

performance/speed

pr/breaking

proposal/accepted

proposal/rejected

pr/wip

pull-request

Mirrored from GitHub Pull Request

reviewed/wontfix

💰 Rewarded

skip-changelog

status/blocked

topic/accessibility

topic/api

topic/authentication

topic/build

topic/code-linting

topic/commit-signing

topic/content-rendering

topic/deployment

topic/distribution

topic/federation

topic/gitea-actions

topic/issues

topic/lfs

topic/mobile

topic/moderation

topic/packages

topic/pr

topic/projects

topic/repo

topic/repo-migration

topic/security

topic/theme

topic/ui

topic/ui-interaction

topic/ux

topic/webhooks

topic/wiki

type/bug

type/deprecation

type/docs

type/enhancement

type/feature

type/miscellaneous

type/proposal

type/question

type/refactoring

type/summary

type/testing

type/upstream

No Label issue/confirmed issue/critical type/bug

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/gitea#5314