mirror of
https://github.com/nextcloud/twofactor_gateway.git
synced 2026-04-25 09:05:55 +03:00
[GH-ISSUE #23] Nextcloud 2 factor authentication with Telegram #12
Labels
No labels
0. to triage
1. to develop
3. to review
blocked
bug
discussion
duplicate
enhancement
enhancement
gateway:signal
gateway:signal
gateway:signal
gateway:sms
gateway:telegram
hacktoberfest
help wanted
invalid
needs info
php
pull-request
question
technical debt
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference
starred/twofactor_gateway-nextcloud#12
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
Originally created by @Dretech on GitHub (Oct 4, 2017).
Original GitHub issue: https://github.com/nextcloud/twofactor_gateway/issues/23
Hi,
A few weeks a sent a message in the Nextcloud forum about 2 factor authentication with Telegram. In the meanwhile I made some PHP code for 2fa with Telegram. I want to try to add this code to the Nextcloud 2fa php-code, but I don't have experience with such a big projects like Nextcloud. You wrote in the Nextcloud forum that you will give me some pointers to get started. Can you give me that pointers?
Kind regards,
Dretech
@ChristophWurst commented on GitHub (Oct 4, 2017):
Hey @Dretech,
a Telegram integration would be pretty cool. Thanks for working on this :)
Don't worry, this app is fairly small and I can guide you with the required steps. Basically, we do have an interface any provider or messaging gateway has to implement. The interface is located at https://github.com/nextcloud/twofactor_sms/blob/master/lib/Service/ISmsService.php. It's really simple, there's just one method you have to implement. The provider gets the recipient and the message as parameter, which you then have to push to Telegram.
For the configuration, you have to adjust
github.com/nextcloud/twofactor_sms@5278a27d2b/lib/AppInfo/Application.php (L47-L58)to also allow Telegram as a configured provider. Just addtelegramas a new case of that switch statement and return the class of your implementation.That should be it. Does that make sense? Let me know if you need any more information, I can help you further :)
You can find two existing implementations at https://github.com/nextcloud/twofactor_sms/tree/master/lib/Service/SmsProvider.
@ChristophWurst commented on GitHub (Oct 4, 2017):
On a general note, if you need help setting up a dev environment, check out https://docs.nextcloud.com/server/12/developer_manual/general/devenv.html.
@ChristophWurst commented on GitHub (Oct 4, 2017):
Feel free to push your changes in the form of a pull request to this repository as soon as you've started you work. Even if it's not finished yet. This will allow me to give you some early feedback on the implementation 😉
@Dretech commented on GitHub (Oct 11, 2017):
Hi Christoph,
Last week I replied your messages by email, but I think that you did not receive them.
The contents of the mails was:
Thank you for your replies. In the meanwhile a installed github and the development version of Nextcloud 12 in Github. (It took some more time than expected to get git working, but now it's running :-) .)
In the mail below you give links of the two_factor sms code, but I don't know how to install and activate that code in my Nextcloud development environment in git. I assume that after installing the two factor SMS code I can find the php code in the apps directory of my Nextcloud development environment.
Another question: Can you add me to the git project so I am able to create a new branche?
Thanks in advance for your reply.
Dretech
@ChristophWurst commented on GitHub (Oct 16, 2017):
cdto theappsdirectory and clone this repository there. Then,cdback and runphp -f ./occ app:install twofactor_smsin your Nextcloud root directory.Just clone the repository and open the pull request here :)
@Dretech commented on GitHub (Oct 30, 2017):
Thanks for your reply. After running sudo -u http php -f ./occ app:install twofactor_sms I got the following message:
twofactor_sms already installed
I the settings of Nextcloud I don't have any options for configuring the SMS authentification.
Thanks in advance for your reply.
@ChristophWurst commented on GitHub (Oct 30, 2017):
Please see the readme.
@Dretech commented on GitHub (Oct 30, 2017):
Thank you.
Next question :-( : Where can I find the files referred to in lines 27-29 of WebSmsDe.php?
(
use OCP\Http\Client\IClient;
use OCP\Http\Client\IClientService;
use OCP\IConfig;
)
@ChristophWurst commented on GitHub (Oct 30, 2017):
They are part of the Nextcloud server component, https://github.com/nextcloud/server.
https://docs.nextcloud.com/server/12/developer_manual/.
@Dretech commented on GitHub (Nov 13, 2017):
Hi Christoph,
A few minutes ago I sent you a pull request of my first steps of the 2fa for Telegram in Nextcloud. I hope you did receive it.
I have added the case Telegram to apps/towfactor_sms/lib/AppInfo/Application.php
I have also made a file apps/two_factor_sms/lib/Service/SmsProvider/Telegram.php
I figured out that the configuration examples in https://github.com/nextcloud/twofactor_sms#supported-sms-services are ment for the appliation, not for the users. I don't know how to store user settings, so I hard coded temporarily in line 56 of Telegram.php the the Telegram User ID.
I have made the following configuration settings for the Telegram 2fa:
./occ config:app:set twofactor_sms sms_provider --value "telegram"
./occ config:app:set twofactor_sms telegram_url --value "https://api.telegram.org/bot"
./occ config:app:set twofactor_sms telegram_bot_token --value "your Telegram bot token"
Can you tell me how I can test my configuration (when I filled in my Telegram user ID and Telegram bot token?
Kind regards,
Dretech
@ChristophWurst commented on GitHub (Nov 13, 2017):
GitHub still shows 0 pull requests. Did you submit it somewhere else? Can you please share a link to it? :)
@Dretech commented on GitHub (Nov 13, 2017):
I used the command below from the apps directory:
git pull https://github.com/nextcloud/twofactor_sms.git master
I hope it is the correct command.
@ChristophWurst commented on GitHub (Nov 13, 2017):
That pulls remote changes into your local repository. You have to push yours somewhere, for example to your forked repository.
See https://help.github.com/articles/about-collaborative-development-models/, https://help.github.com/articles/about-pull-requests/ or more general https://git-scm.com/book/en/v1/Git-Basics :)
@Dretech commented on GitHub (Nov 13, 2017):
Thank you for your patience! And thank you that you give me such kind of instructions so I learn to work with git by myself!
I made 2 push requests using the web interface. Can you find them?
@ChristophWurst commented on GitHub (Nov 13, 2017):
I found them, yes. However, you created a pull request for your forked repository. If your plan is to integrate this into this repository you have to select this repository as base. On GitHub you go to your fork >
new pull request, which leads you to https://github.com/nextcloud/twofactor_sms/compare/master...Dretech:master. On that page you see the current diff of the two repositories.So far this looks like you're working towards the right direction :)
I know git and GitHub and their work flows can be a bit overwhelming at the beginning, but you'll learn how to use it 😉
@Dretech commented on GitHub (Nov 20, 2017):
Thank you for you reply. Can you tell me where I can setup my telegram 2fa in Nextcloud. I want to test it.
@ChristophWurst commented on GitHub (Nov 20, 2017):
See https://docs.nextcloud.com/server/12/developer_manual/general/devenv.html. Basically, you put the app code into the
appsdirectory, likeapps/twofactor_sms.@Dretech commented on GitHub (Nov 20, 2017):
I put the files in the apps/twofactor_sms directory. I tried to install the twofactor_sms app, but nextclouds responds with: "twofactor_sms already installed".
I think it is a previous version of the twofactor_sms. How can I uninstall this?
@ChristophWurst commented on GitHub (Nov 20, 2017):
Simply replace the php files in
apps/twofactor_sms. That should be enough. There's nothing copied to another place. The Nextcloud server just keeps track of a list of installed and enabled apps.@Dretech commented on GitHub (Nov 20, 2017):
I added the files for 2fa with Telegram to that directory. How can I activate the 2fa? (I already made the 2fa configuration settings for Telegram, see my first post of last monday.)
@ChristophWurst commented on GitHub (Nov 20, 2017):
See
github.com/nextcloud/twofactor_sms@566a63445f/lib/Provider/SmsProvider.php (L150)and https://github.com/nextcloud/twofactor_sms#websmsde how to set the user preference (phone number)@Dretech commented on GitHub (Nov 23, 2017):
I followed your instructions, but still the app is not working. It seems that apps/twofactor_sms/lib/AppInfo/Application.php has not started.
@ChristophWurst commented on GitHub (Nov 23, 2017):
Strange. It's started here, which will be triggered for every incoming request
github.com/nextcloud/twofactor_sms@566a63445f/appinfo/app.php (L23)@Dretech commented on GitHub (Nov 24, 2017):
I get the impression that lib/Provider/SmsProvider.php also does not start. I did deliberately create a syntax error in appinfo/app.php, but I do not get an error message.
The contents of the database table oc_appconfig is:
appid | configkey | configvalue
twofactor_sms | sms_provider | telegram
twofactor_sms | telegram_bot_token | your telegram bot api token
twofactor_sms | telegram_url | https://api.telegram.org/bot
The contents of the database table oc_preferences is:
userid | appid | configkey | configvalue
nextclouddev | twofactor_sms | phone | 31612345678
@ChristophWurst commented on GitHub (Nov 24, 2017):
Could you please double-check whether the app is installed and enabled by posting the output of
php -f ./occ app:list?@Dretech commented on GitHub (Nov 24, 2017):
When I run the command above, Nextcloud indicates twofactor_sms is disabled
When I try to install Twofactor SMS with php -f ./occ app:install twofactor_sms Nextcloud gives the following message:
twofactor_sms already installed
When I try to enable twofactor_sms with php -f ./occ app:enable twofactor_sms Nextcloud gives the following message:
[Exception]
App "Two Factor SMS Provider" cannot be installed because it is not compati
ble with this version of the server.
I am running the following version of Nextcloud for the implementation of 2fa with Telegram: Nextcloud 13.0.0 alpha
@ChristophWurst commented on GitHub (Nov 24, 2017):
Ha! Forgot to tell you this: edit
appinfo/info.xmland increase the max-version of Nextcloud to 13 😉@Dretech commented on GitHub (Nov 25, 2017):
Thank you for your reply! Now I as able to enable twofactor_sms, but unfortunately the app does not start. After enabling twofactor_sms nextcloud gave the next message:
twofactor_sms enabled
But after running php -f ./occ app:list I discovered that twofactor_sms still is in the list with disabled apps.
Below you will find the last line of my data/nextcloud.log file. I my opinion the twofactor_sms app does not start because line 59 of apps/twofactor_sms/lib/Appinfo/Application.php (see below the log file).
{"reqId":"K2WOTKK1wSzswNl3gkDP","level":3,"time":"2017-11-25T07:40:07+00:00","remoteAddr":"","user":"--","app":"no app in context","method":"--","url":"--","message":"Exception: {"Exception":"ParseError","Message":"syntax error, unexpected 'return' (T_RETURN)","Code":0,"Trace":"#0 \/srv\/http\/nextcloud_dev\/lib\/composer\/composer\/ClassLoader.php(322): Composer\\Autoload\\includeFile('\/srv\/http\/nextc...')\n#1 [internal function]: Composer\\Autoload\\ClassLoader->loadClass('OCA\\\\TwoFactorSm...')\n#2 \/srv\/http\/nextcloud_dev\/apps\/twofactor_sms\/appinfo\/app.php(23): spl_autoload_call('OCA\\\\TwoFactorSm...')\n#3 \/srv\/http\/nextcloud_dev\/lib\/private\/legacy\/app.php(232): require_once('\/srv\/http\/nextc...')\n#4 \/srv\/http\/nextcloud_dev\/lib\/private\/legacy\/app.php(150): OC_App::requireAppFile('twofactor_sms')\n#5 \/srv\/http\/nextcloud_dev\/lib\/private\/legacy\/app.php(125): OC_App::loadApp('twofactor_sms')\n#6 \/srv\/http\/nextcloud_dev\/lib\/private\/Console\/Application.php(104): OC_App::loadApps()\n#7 \/srv\/http\/nextcloud_dev\/console.php(91): OC\\Console\\Application->loadCommands(Object(Symfony\\Component\\Console\\Input\\ArgvInput), Object(Symfony\\Component\\Console\\Output\\ConsoleOutput))\n#8 \/srv\/http\/nextcloud_dev\/occ(11): require_once('\/srv\/http\/nextc...')\n#9 {main}","File":"\/srv\/http\/nextcloud_dev\/apps\/twofactor_sms\/lib\/AppInfo\/Application.php","Line":59}","userAgent":"--","version":"13.0.0.5"}
The contents of Lines 53 - 60 of apps/twofactor_sms/lib/Appinfo/Application.php is:
53 switch ($name) {
54 case 'websms.de':
55 return WebSmsDe::class;
56 case 'playsms':
57 return PlaySMS::class;
58 case 'telegram'
59 return Telegram::class;
60 }
@ChristophWurst commented on GitHub (Nov 25, 2017):
:is missing at the end of the line.Generally,
find . -name \*.php -not -path './vendor/*' -exec php -l "{}" \;will help you discover those syntax errors the next time.@Dretech commented on GitHub (Nov 25, 2017):
oooops, thank you for your reply!
One step further ;-) : The following error is:
I tried to understand the trace of the internal server error, but at the moment I do not understand the error. Possibly you could you help me.
Trace:
Last line of data/nextcloud.log:
{"reqId":"x9557G78Exa58IdXrTKX","level":3,"time":"2017-11-25T16:11:15+00:00","remoteAddr":"192.168.2.1","user":"nextclouddev","app":"index","method":"POST","url":"\/ncdev\/index.php\/login","message":"Exception: {\"Exception\":\"Exception\",\"Message\":\"Could not load two-factor auth provider OCA\\\\TwoFactorSms\\\\Provider\\\\SmsProvider\",\"Code\":0,\"Trace\":\"#0 \\\/srv\\\/http\\\/nextcloud_dev\\\/lib\\\/private\\\/Authentication\\\/TwoFactorAuth\\\/Manager.php(104): OC\\\\Authentication\\\\TwoFactorAuth\\\\Manager->getProviders(Object(OC\\\\User\\\\User))\\n#1 \\\/srv\\\/http\\\/nextcloud_dev\\\/core\\\/Controller\\\/LoginController.php(287): OC\\\\Authentication\\\\TwoFactorAuth\\\\Manager->isTwoFactorAuthenticated(Object(OC\\\\User\\\\User))\\n#2 [internal function]: OC\\\\Core\\\\Controller\\\\LoginController->tryLogin(*** sensitive parameters replaced ***)\\n#3 \\\/srv\\\/http\\\/nextcloud_dev\\\/lib\\\/private\\\/AppFramework\\\/Http\\\/Dispatcher.php(160): call_user_func_array(Array, Array)\\n#4 \\\/srv\\\/http\\\/nextcloud_dev\\\/lib\\\/private\\\/AppFramework\\\/Http\\\/Dispatcher.php(90): OC\\\\AppFramework\\\\Http\\\\Dispatcher->executeController(Object(OC\\\\Core\\\\Controller\\\\LoginController), 'tryLogin')\\n#5 \\\/srv\\\/http\\\/nextcloud_dev\\\/lib\\\/private\\\/AppFramework\\\/App.php(114): OC\\\\AppFramework\\\\Http\\\\Dispatcher->dispatch(Object(OC\\\\Core\\\\Controller\\\\LoginController), 'tryLogin')\\n#6 \\\/srv\\\/http\\\/nextcloud_dev\\\/lib\\\/private\\\/AppFramework\\\/Routing\\\/RouteActionHandler.php(47): OC\\\\AppFramework\\\\App::main('OC\\\\\\\\Core\\\\\\\\Control...', 'tryLogin', Object(OC\\\\AppFramework\\\\DependencyInjection\\\\DIContainer), Array)\\n#7 [internal function]: OC\\\\AppFramework\\\\Routing\\\\RouteActionHandler->__invoke(Array)\\n#8 \\\/srv\\\/http\\\/nextcloud_dev\\\/lib\\\/private\\\/Route\\\/Router.php(297): call_user_func(Object(OC\\\\AppFramework\\\\Routing\\\\RouteActionHandler), Array)\\n#9 \\\/srv\\\/http\\\/nextcloud_dev\\\/lib\\\/base.php(972): OC\\\\Route\\\\Router->match('\\\/login')\\n#10 \\\/srv\\\/http\\\/nextcloud_dev\\\/index.php(40): OC::handleRequest()\\n#11 {main}\",\"File\":\"\\\/srv\\\/http\\\/nextcloud_dev\\\/lib\\\/private\\\/Authentication\\\/TwoFactorAuth\\\/Manager.php\",\"Line\":176}","userAgent":"Mozilla\/5.0 (X11; Linux x86_64; rv:57.0) Gecko\/20100101 Firefox\/57.0","version":"13.0.0.5"}@ChristophWurst commented on GitHub (Nov 25, 2017):
Is the code available somewhere on GitHub?
@Dretech commented on GitHub (Nov 25, 2017):
I created a pull request from Dretech/twofactor_sms to (if I understand it) Nextcloud/twofactor_sms
@Dretech commented on GitHub (Dec 11, 2017):
Did you find my pull request at https://github.com/nextcloud/twofactor_sms/pull/24 ?
Another totally different question: May I mention your name in an article about contributing to open source projects for a Dutch magazine called Linux Magazine?
@ChristophWurst commented on GitHub (Dec 11, 2017):
I did see it. Unfortunately I'm very busy at the moment and I've not yet found the time to look into it, sorry.
Sure 😀
@Dretech commented on GitHub (Dec 12, 2017):
The next few weeks I also have some other (volunteer) activities (also writing the article) to do. I guess I can spend some time for the 2FA with Telegram in January. The article is planned for the first issue of 2018 and I will send you a pdf of it.
@ChristophWurst commented on GitHub (Jan 22, 2018):
I think I've found the issue. In
lib/AppInfo/Application.php, your newly added class is not included at the top. Add ause …statement just like the other two providers.@Dretech commented on GitHub (Jan 31, 2018):
Thank you. The error is gone, but Nextcloud does not ask for the two factor identification. After enabling twofactor_sms with php -f ./occ app:enable twofactor_sms
twofactor_sms enabled Nextcloud replies with:
twofactor_sms enabled
But when I try to login in Nextcloud there is no two factor authentication. When I run php -f ./occ app:list after logging in the twofactor_sms is disabled.
@ChristophWurst commented on GitHub (Jan 31, 2018):
Sounds like the app causes errors and thus Nextcloud disables it. Did you have a look at the
data/nextcloud.logfile? The error should be logged, if one occurs.@Dretech commented on GitHub (Feb 3, 2018):
Thank you for your reply. I made a mistake in the line for Telegram in lib/AppInfo/Application.php.
Unfortunately the app does not work. I got the following error:
_Technical details:
Line 97 of SmsProvider.php is:
$otp = new Otp();
and is as far I can see not related to the twofactor authentication with Telegram.
The log line in data/nextcloud.log concerned to this error is:
_{"reqId":"59BhYXeEOE1WC4bI4RKo","level":3,"time":"2018-02-03T08:24:45+00:00","remoteAddr":"192.168.2.1","user":"nextclouddev","app":"index","method":"GET","url":"/ncdev/index.php/login/challenge/sms","message":"Exception: {"Exception":"Error","Message":"Class 'Otp\\Otp' not found","Code":0,"Trace":"#0 \/srv\/http\/nextcloud_dev\/core\/Controller\/TwoFactorChallengeController.php(129): OCA\\TwoFactorSms\\Provider\\SmsProvider->getTemplate(Object(OC\\User\\User))\n#1 [internal function]: OC\\Core\\Controller\\TwoFactorChallengeController->showChallenge('sms', NULL)\n#2 \/srv\/http\/nextcloud_dev\/lib\/private\/AppFramework\/Http\/Dispatcher.php(160): call_user_func_array(Array, Array)\n#3 \/srv\/http\/nextcloud_dev\/lib\/private\/AppFramework\/Http\/Dispatcher.php(90): OC\\AppFramework\\Http\\Dispatcher->executeController(Object(OC\\Core\\Controller\\TwoFactorChallengeController), 'showChallenge')\n#4 \/srv\/http\/nextcloud_dev\/lib\/private\/AppFramework\/App.php(114): OC\\AppFramework\\Http\\Dispatcher->dispatch(Object(OC\\Core\\Controller\\TwoFactorChallengeController), 'showChallenge')\n#5 \/srv\/http\/nextcloud_dev\/lib\/private\/AppFramework\/Routing\/RouteActionHandler.php(47): OC\\AppFramework\\App::main('OC\\\\Core\\\\Control...', 'showChallenge', Object(OC\\AppFramework\\DependencyInjection\\DIContainer), Array)\n#6 [internal function]: OC\\AppFramework\\Routing\\RouteActionHandler->_invoke(Array)\n#7 \/srv\/http\/nextcloud_dev\/lib\/private\/Route\/Router.php(297): call_user_func(Object(OC\\AppFramework\\Routing\\RouteActionHandler), Array)\n#8 \/srv\/http\/nextcloud_dev\/lib\/base.php(972): OC\\Route\\Router->match('\/login\/challeng...')\n#9 \/srv\/http\/nextcloud_dev\/index.php(40): OC::handleRequest()\n#10 {main}","File":"\/srv\/http\/nextcloud_dev\/apps\/twofactor_sms\/lib\/Provider\/SmsProvider.php","Line":97}","userAgent":"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:58.0) Gecko/20100101 Firefox/58.0","version":"13.0.0.5"}
@ChristophWurst commented on GitHub (Feb 3, 2018):
Did you run
composer installto install composer dependencies?@Dretech commented on GitHub (Feb 5, 2018):
Thank you for your reply and patience!
After installing and running composer the 2FA with Telegram is working!!!!
I do have two questions to improve the Telegram 2FA:
@ChristophWurst commented on GitHub (Feb 5, 2018):
This is just for debugging purposes, hence line
github.com/nextcloud/twofactor_sms@207c13d38b/templates/challenge.php (L13)could and should be removed.You have to store that in the oc_preferences table as documented in the readme.
@Dretech commented on GitHub (Feb 5, 2018):
Thanks! I added the Telegram ID to the oc_preferences table and now I am able to set Telegram as a 2fa for each user who wants to use it!
Shall I make a pull request of my code and make some documentation?
@ChristophWurst commented on GitHub (Feb 5, 2018):
Yes, that would be great. You seem to already have submitted two pull requests. It's sufficient to just use a single git branch and a single pull requests on GitHub that contains all the necessary changes.
@Dretech commented on GitHub (Feb 10, 2018):
I made the pull request with all the new code and changes compared to nextcloud/twofactor_sms.
André
@ChristophWurst commented on GitHub (Mar 26, 2018):
Fixed by #34 🚀