Forced TOTP setup not working if backup codes are set #1160
Description
Steps to reproduce
- Enable 2FA via TOTP
- Generate backup codes
- Disable 2FA
- Log out
- As admin, force 2FA for user or for all users
- Log in as user
- Select TOTP
Expected behaviour
User gets shown a valid QR code
Actual behaviour
QR code says "undefined"
Server configuration
Operating system: Ubuntu 20.04.3
Web server: Apache 2.4.41
Database: MariaDB 10.3.31
PHP version: 7.4.3
Version: 22.2.3 with and without nextcloud/server#29752 applied
Updated from an older version or fresh install: Updated from older version
List of activated apps:
- accessibility: 1.8.0
- activity: 2.15.0
- admin_audit: 1.12.0
- bruteforcesettings: 2.2.0
- cloud_federation_api: 1.5.0
- dav: 1.19.0
- federatedfilesharing: 1.12.0
- files: 1.17.0
- files_accesscontrol: 1.12.1
- files_automatedtagging: 1.12.0
- files_pdfviewer: 2.3.1
- files_retention: 1.11.1
- files_rightclick: 1.1.0
- files_sharing: 1.14.0
- files_trashbin: 1.12.0
- files_versions: 1.15.0
- geoblocker: 0.5.1
- impersonate: 1.9.0
- logreader: 2.7.0
- lookup_server_connector: 1.10.0
- oauth2: 1.10.0
- password_policy: 1.12.0
- privacy: 1.6.0
- provisioning_api: 1.12.0
- richdocuments: 4.2.3
- richdocumentscode: 6.4.1303
- serverinfo: 1.12.0
- settings: 1.4.0
- sharebymail: 1.12.0
- support: 1.5.0
- systemtags: 1.12.0
- theming: 1.13.0
- twofactor_backupcodes: 1.11.0
- twofactor_totp: 6.1.0
- updatenotification: 1.12.0
- user_ldap: 1.12.1
- viewer: 1.6.0
- workflowengine: 2.4.0
Client configuration
Browser: Firefox, Chrome, Edge
Logs
Server log (data/nextcloud.log)
{
"reqId": "n40xtIRWukNzjUqKis72",
"level": 3,
"time": "2021-11-23T10:55:07+01:00",
"remoteAddr": "***REMOVED SENSITIVE VALUE***",
"user": "0BD0C313-28FD-4BCE-AC6B-C5357F25CF53",
"app": "PHP",
"method": "GET",
"url": "/index.php/login/setupchallenge",
"message": "Undefined index: redirect_url at /var/www/html/nextcloud/core/templates/twofactorsetupselection.php#36",
"userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Edg/96.0.1054.29",
"version": "22.2.3.0",
"exception": {
"Exception": "Error",
"Message": "Undefined index: redirect_url at /var/www/html/nextcloud/core/templates/twofactorsetupselection.php#36",
"Code": 0,
"Trace": [
{
"file": "/var/www/html/nextcloud/core/templates/twofactorsetupselection.php",
"line": 36,
"function": "onError",
"class": "OC\\Log\\ErrorHandler",
"type": "::"
},
{
"file": "/var/www/html/nextcloud/lib/private/Template/Base.php",
"line": 180,
"args": [
"/var/www/html/nextcloud/core/templates/twofactorsetupselection.php"
],
"function": "include"
},
{
"file": "/var/www/html/nextcloud/lib/private/Template/Base.php",
"line": 150,
"function": "load",
"class": "OC\\Template\\Base",
"type": "->"
},
{
"file": "/var/www/html/nextcloud/lib/private/legacy/OC_Template.php",
"line": 179,
"function": "fetchPage",
"class": "OC\\Template\\Base",
"type": "->"
},
{
"file": "/var/www/html/nextcloud/lib/public/AppFramework/Http/TemplateResponse.php",
"line": 204,
"function": "fetchPage",
"class": "OC_Template",
"type": "->"
},
{
"file": "/var/www/html/nextcloud/lib/private/AppFramework/Http/Dispatcher.php",
"line": 171,
"function": "render",
"class": "OCP\\AppFramework\\Http\\TemplateResponse",
"type": "->"
},
{
"file": "/var/www/html/nextcloud/lib/private/AppFramework/App.php",
"line": 156,
"function": "dispatch",
"class": "OC\\AppFramework\\Http\\Dispatcher",
"type": "->"
},
{
"file": "/var/www/html/nextcloud/lib/private/Route/Router.php",
"line": 302,
"function": "main",
"class": "OC\\AppFramework\\App",
"type": "::"
},
{
"file": "/var/www/html/nextcloud/lib/base.php",
"line": 1006,
"function": "match",
"class": "OC\\Route\\Router",
"type": "->"
},
{
"file": "/var/www/html/nextcloud/index.php",
"line": 36,
"function": "handleRequest",
"class": "OC",
"type": "::"
}
],
"File": "/var/www/html/nextcloud/lib/private/Log/ErrorHandler.php",
"Line": 92,
"CustomMessage": "--"
}
}