By: Mohana Jeyatharan Account Admin 31 Dec 2021 at 2:44 a.m. CST

12 Responses
Mohana Jeyatharan gravatar
Hi Gluu Support Team, Facing the issue with Super Gluu IOS app authentication. It is failing. Possible to provide some inputs on this Expected Behaviour ------- After registration with Super Gluu app, during authentication (using Super Gluu auth), expected to see "Authentication sucussful". Current Behaviour ------------ After registration of my device(tying user to device), the usual authentication should be sucussful. But with Super Gluu, RP-app and Gluu server in the system, the authentication was not sucussful. The message I get in the Super Gluu IOS app is: Oops! Authentication failed. Try again. We are observed from the oxAuth logs obtained from the Gluu console that we see something like: auth.ws.rs.fido.u2f.U2fAuthenticationWSexception: Signature is not valid It seems the undelying Fido issue. System Details --- 1. Installed Super Gluu app on IOS and did the basic user configuration as per Super Gluu specs 2. In cloud space 2 components running on the same machine. - Gluu server 4.3 running on Ubuntu 20.04 - Oxd server running within Gluu - Oxd-spring test app (obtained from Gluu Git hub) running in the same server as a spring boot jar. Minor modifications to Pom xml and app properties. Configuration details ----- [1]In Gluu server have created a user (other than admin) [2]In Gluu Server, have enabled Super Gluu and made it as the default authentication for default acr field. [3] In Gluu server, in configuration->Manage Custom Scripts, have activated the Super Gluu 2FA authentication.

By Michael Schwartz Account Admin 31 Dec 2021 at 10:55 a.m. CST

Michael Schwartz gravatar
Maybe Zico can help you.

By Mohana Jeyatharan Account Admin 31 Dec 2021 at 8:39 p.m. CST

Mohana Jeyatharan gravatar
Thanks Mike for the assignment

By Mohib Zico Account Admin 31 Dec 2021 at 10:41 p.m. CST

Mohib Zico gravatar
I will test situation in 4.3.x. Will update you.

By Mohib Zico Account Admin 01 Jan 2022 at 8:31 a.m. CST

Mohib Zico gravatar
I created a github issue on that and informed SuperGluu developer: https://github.com/GluuFederation/ios-super-gluu/issues/9

By Mohana Jeyatharan Account Admin 02 Jan 2022 at 1:10 a.m. CST

Mohana Jeyatharan gravatar
Hi Mohib, Noted Thanks. If logs needed let me know. Understand possibly some patch in Super Gluu will be done.

By Mohib Zico Account Admin 06 Jan 2022 at 12:49 p.m. CST

Mohib Zico gravatar
Hi Mohana, I am able to reproduce the issue. Checking internally.

By Mohana Jeyatharan Account Admin 06 Jan 2022 at 6:43 p.m. CST

Mohana Jeyatharan gravatar
Ok, noted Mohib. Thanks.

By Mohib Zico Account Admin 24 Jan 2022 at 11:41 a.m. CST

Mohib Zico gravatar
**Status** We are going to release fix ASAP.

By Janis Kulins user 28 Jan 2022 at 3:29 a.m. CST

Janis Kulins gravatar
is same problem that was reported couple months ago. Root cause is erorr in introduced signature verification. https://github.com/GluuFederation/oxAuth/issues/1525 Data passed to signature verificaiton has different format (lacking base64 in some pleaces etc). Also expired vendor cert.

By Mohib Zico Account Admin 22 Feb 2022 at 8:55 a.m. CST

Mohib Zico gravatar
We released patched release in Playstore and Appstore. It's ready for you to test. Thanks!

By Mohana Jeyatharan Account Admin 22 Feb 2022 at 11:29 p.m. CST

Mohana Jeyatharan gravatar
Hi Mohib, Ok, noted. We can check it with Gluu 4.3 then.

By Mohib Zico Account Admin 21 Mar 2022 at 11:27 p.m. CDT

Mohib Zico gravatar
Hello, Please reopen the ticket if required.