rbw ANYCOMMAND: failed to log in to bitwarden instance: failed to parse JSON: missing field Kdf at line 1 column 120 #165

Closed
Pablo12345678901 opened this issue Mar 20, 2024 · 38 comments

@Pablo12345678901

rbw login: failed to log in to bitwarden instance: failed to parse JSON: missing field Kdf at line 1 column 120

This issue appeared today (I use your tool every day).
Version is the latest: 1.9.0

This is my configuration file:

{"email":"X@Y.Z",
"base_url":"https://vault.bitwarden.com/",
"identity_url":"https://identity.bitwarden.com/",
"notifications_url":"https://notifications.bitwarden.com/",
"lock_timeout":3600,
"sync_interval":1800,
"pinentry":"pinentry",
"client_cert_path":null
}

I tried to add the field 'Kdf' into it with value of 'PDKDF2 SHA-256' as well as '600000' - not working.
I tried to add the field at every possible position within the configuration file (first, second, third, ...) - not working.

I think that Bitwarden changed a setting in the way a request has to be done (API).

Is there any way of seeing the sent and returned content of the JSON?

Thank you.

@zaibakker

Same problem for me when I use rbw sync or login.
No problem or error code when I use rbw register.

Tested on Ubuntu 20.04/22.04 with rbw 1.9.0.
I created a new account in Bitwarden to verify whether it was my other account or not.

rbw config email xxx
rbw register
rbw sync

I changed pinentry to pinentry-tty but same problem.
I checked the connection to the API with tcpdump.

@ruapho

ruapho commented Mar 26, 2024

Happens with a fresh install too.

@ghost

ghost commented Mar 26, 2024

Same problem for me.

@adrianschlatter

Same problem.

  • rbw 1.9.0
  • Linux rtfm 6.5.0-1013-raspi #16-Ubuntu SMP PREEMPT_DYNAMIC Thu Mar 14 13:46:12 UTC 2024 aarch64 aarch64 aarch64 GNU/Linux

Setup:

  • new installation (OS and rbw)
  • base_url: not set (standard US server)
  • email: set (correctly)
  • registered with OAuth2 client credentials (worked)

Problem:

rbw login throws:

rbw login: failed to log in to bitwarden instance: failed to parse JSON: missing field `Kdf` at line 1 column 120

Note:

I can still use rbw from other machines (Windows, MacOS) where rbw was already installed and registered.

rbw sync does not work anymore on another Ubuntu machine (just hangs without any output). rbw stop-agent did not change anything. rbw login returns immediately (not asking for password; no error). rbw unlock also hangs (no output).

@DavHau

DavHau commented Mar 29, 2024

The same problem recently appeared on my machine. Cached passwords could still be used, but I noticed new ones are missing.

An rbw sync resulted first in this error:

rbw sync: failed to sync database from server: failed to parse JSON: missing field `access_token` at line 1 column 25

After an rbw purge and new login, it now results in this error:

rbw get: failed to log in to bitwarden instance: failed to parse JSON: missing field `Kdf` at line 1 column 120

@brooksvb

My existing install is still working, but I tried setting up rbw on a fresh system and encountered this error during rbw login.

@whitemilan

Deleting the config.json file in $HOME/.config/rbw/ fixed it for me. You need to put in your credentials again, though.

@rehhouari

> Deleting the config.json file in $HOME/.config/rbw/ fixed it for me. You need to put in your credentials again, though.

Sadly it doesn't do anything on a fresh install:

rm ~/.config/rbw/config.json
rbw config set email user@example.com
rbw login
rbw login: failed to log in to bitwarden instance: failed to parse JSON: missing field `Kdf` at line 1 column 120

@zenware

zenware commented Mar 30, 2024

I've been trying to get this to work for a few days to no avail -- granted, it's my first time using rbw, so I won't

I haven't been able to pin it down exactly but this does seem to be an issue with the API request/response cycle against the official bitwarden API.

I'm not super familiar with debugging or even reading Rust code, but from what I understand looking through the doy/rbw codebase, it seems to be landing on this section of pattern matching during an attempted rbw login that happens behind the scenes for commands like rbw sync etc.

Err(e) => {
    return Err(e)
        .context("failed to log in to bitwarden instance")
}

Since it's hitting the catchall, rather than the rbw::error::Error::IncorrectPassword pattern, I have to imagine the error message shown is based on an API response. Either we're meant to provide the Kdf field (seems unlikely), or we are expecting the API to supply it and it's not, or it's not in the expected location?

What I find exceptionally interesting is that rbw register is totally unafflicted by this issue whatsoever, despite having very similar pattern matching cases.

Will attempt to take a closer look at this later and try some manual API requests as well as maybe try to write some integration test cases for rbw that cover this

@FelipeMarcelino

Same here, trying this tool today for the first time and not getting this to work yet.

@ehartmann

Hi,

I'm facing the same issue. I've tracked it down to the Bitwarden response on login; the response is

{"message":"Traffic from your network looks unusual. Connect to a different network or try again later. [Error Code 6]"}

So it looks like Bitwarden is detecting my login as a suspicious one.
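
The diagnosis in the comment above explains the error text seen throughout this thread: the quoted error body is exactly 120 characters long, so a strict typed parser that reports a missing field at the object's closing brace (as serde_json does) says "missing field Kdf at line 1 column 120". The sketch below is an added example, not rbw's code and not part of the original thread; the function names are hypothetical and the success body is constructed, with only the field names `access_token`, `Kdf` and `message` taken from this page.

```python
import json

# Body quoted in the comment above; it is exactly 120 characters long.
ERROR_BODY = ('{"message":"Traffic from your network looks unusual. Connect to a '
              'different network or try again later. [Error Code 6]"}')
# Constructed success body: only the two field names come from the thread.
OK_BODY = '{"access_token":"PLACEHOLDER","Kdf":0}'
REQUIRED_LOGIN_FIELDS = ("access_token", "Kdf")


class ServerRejected(Exception):
    """The server sent an error envelope instead of a login response."""


def parse_login_response(body: str) -> dict:
    """Return the login response, or raise with the server's own message."""
    try:
        doc = json.loads(body)
    except json.JSONDecodeError as exc:
        raise ValueError(f"response is not JSON: {exc}") from exc
    if not isinstance(doc, dict):
        raise ValueError("response is not a JSON object")
    missing = [f for f in REQUIRED_LOGIN_FIELDS if f not in doc]
    if not missing:
        return doc
    # Look for the error envelope before reporting a schema mismatch, so the
    # user sees the server's reason rather than "missing field Kdf".
    if isinstance(doc.get("message"), str):
        raise ServerRejected(doc["message"])
    raise ValueError(f"missing field(s) {missing} in login response")


def missing_field_column(body: str) -> int:
    """Column where a strict parser notices the missing field on a one-line
    body: the closing brace, which is the body's last character."""
    return len(body.rstrip())


if __name__ == "__main__":
    print("column:", missing_field_column(ERROR_BODY))
    for body in (OK_BODY, ERROR_BODY):
        try:
            print("login ok, fields:", sorted(parse_login_response(body)))
        except ServerRejected as exc:
            print("server rejected login:", exc)
```
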

@rjc

rjc commented Apr 4, 2024

> Deleting the config.json file in $HOME/.config/rbw/ fixed it for me. You need to put in your credentials again, though.

@whitemilan It was the first thing I had tried, to no avail. Could you describe all the steps exactly, including which server you are connecting, please?

@whitemilan

> > Deleting the config.json file in $HOME/.config/rbw/ fixed it for me. You need to put in your credentials again, though.
>
> @whitemilan It was the first thing I had tried, to no avail. Could you describe all the steps exactly, including which server you are connecting, please?

My mistake. Apparently I tried to log in to bitwarden.com first, which failed because of the missing field Kdf, then deleted the config file and tried again with my work's server, which worked. I usually only log in to work with this PC, did not realize the server change.
I can reproduce the error now when logging in to bitwarden.com.
My work server is on version 2022.12.0 if that helps.

@rjc

rjc commented Apr 5, 2024

@whitemilan Thanks for confirming that it is indeed an issue when authenticating against the official bitwarden.com server.

@nozerorma

Same here, was working great until today. Thought it was related to the rofi frontend as it asked for pass as usual and then nothing happened.

@ehartmann

ehartmann commented Apr 8, 2024

@rjc, I've contacted the Bitwarden support team, but not much help from them.

I'm using the official servers on the EU and as soon as it's not working, whatever I'm trying (rbw purge, rbw register) I could not log in anymore into Bitwarden official servers.

I have another computer (same external IP, same version of rbw, same version of Linux) and everything has been working well for months and is still working well.

On the computer where I cannot access Bitwarden anymore, I've just made some tests using the same User Agent as the official Bitwarden CLI, and now it works perfectly.

Afterward, everything is working well, even without the User-Agent modification.

And thanks a lot for your work on this CLI, it's way more usable than the official one.

@ohmer

ohmer commented Apr 9, 2024

Same here on fresh install (MacOS 14.4.1). How did you change the User-Agent @ehartmann?

@ehartmann

@ohmer, here is my patch.
patch.txt

@ohmer

ohmer commented Apr 9, 2024

Thanks @ehartmann, patched against tag 1.9.0 and no dice :-/

Did the register with API key:

❯ cat ~/Library/Application\ Support/rbw/device_id
<HIDDEN UUID4>
❯ cat ~/Library/Application\ Support/rbw/config.json
{"email":"<HIDDEN EMAIL>","base_url":null,"identity_url":null,"notifications_url":null,"lock_timeout":3600,"sync_interval":3600,"pinentry":"pinentry","client_cert_path":null}⏎
❯ target/debug/rbw login
rbw login: failed to log in to bitwarden instance: failed to parse JSON: missing field `Kdf` at line 1 column 120

@dylantompkins

Also having this issue

@mdimitro

> @ohmer, here is my patch. patch.txt

I applied this patch against 1.9.0 on Arch, and rbw now works perfectly for me FWIW.

@nozerorma

> @ohmer, here is my patch. patch.txt

Applied against 1.9.0 on Tuxedo (Debian base) + EU server, working great

@tarantoj

> @ohmer, here is my patch. patch.txt

works great on NixOS after rbw purge, thanks!

pkgs.rbw.overrideAttrs (oldAttrs: {
      patches =
        oldAttrs.patches
        ++ [
          (
            pkgs.fetchpatch {
              name = "add-useragent.patch";
              url = "https://github.com/doy/rbw/files/14921243/patch.txt";
              sha256 = "sha256-SS+PTWA1UTsluts9Qtv+q3LJ22PTRUZ+usOB0aqz3Rk=";
            }
          )
        ];
    })

@ghost

ghost commented Apr 10, 2024

Same problem for me.

Update: I randomly tried again to log in today, without modifying any setting, and it worked flawlessly for some unknown reason.

@zaibakker

@ohmer
I applied the patch on Ubuntu. It rocks too!

@skeetmtp

Works here also.
Who's up to make a PR?

@proxict
Contributor

proxict commented Apr 15, 2024

Unfortunately, the patch doesn't cut it for me. I'm registered on the US server, using Argon KDF.
What I've tried:

  • rbw purge
  • rm ~/.config/rbw/config.json
  • rbw config set email <email>
  • rbw register (fill in my client ID and client secret)
  • rbw login

Still getting the same failed to parse JSON: missing field Kdf at line 1 column 120 error.

EDIT: turns out, the old version of rbw-agent was still running. After killing the rbw-agent and restarting it (after recompiling with the patch), it works flawlessly. Thanks @ehartmann!

@Davidca089

@mdimitro
Hey, what's up?
If you don't mind me asking, how did you apply this to your Arch system?

@ruapho

ruapho commented Apr 16, 2024

Install Rust

  1. git clone https://github.com/doy/rbw.git
  2. cd rbw
  3. wget https://github.com/doy/rbw/files/14921243/patch.txt
  4. git apply patch.txt
  5. cargo build --release

rbw and rbw-agent are compiled into target/release

The patch worked for me too, thx @ehartmann

@rjc

rjc commented Apr 16, 2024

  1. git patch patch.txt

Might be worth editing your reply and correcting the command in step 4.

@adrianschlatter

adrianschlatter commented Apr 17, 2024

Very strange: My problem went away today. I still have rbw 1.9.0 (unpatched, not uninstalled / reinstalled, no config purge etc.) as before, but I got some updates via apt upgrade. Among other things, I got a kernel upgrade to

  • Linux rtfm 6.5.0-1014-raspi #17-Ubuntu SMP PREEMPT_DYNAMIC Thu Mar 21 11:24:03 UTC 2024 aarch64 aarch64 aarch64 GNU/Linux

from previously

  • Linux rtfm 6.5.0-1013-raspi #16-Ubuntu SMP PREEMPT_DYNAMIC Thu Mar 14 13:46:12 UTC 2024 aarch64 aarch64 aarch64 GNU/Linux

After a system reboot, rbw works again. I cannot say for sure whether the kernel upgrade is the root cause, mind.

EDIT: Looking at the kernel dates, I have the impression I already got the kernel update before the problem started (but I had not rebooted the system, yet). Could this be a "pending reboot" problem?

@Myned

Myned commented Apr 17, 2024

I can second being able to login via rbw now without the patch (and I never applied the patch to begin with). I assume this is because Bitwarden received enough complaints to either remove some restrictions such as the user agent or whitelisted rbw specifically.

@rjc

rjc commented Apr 18, 2024

Like both @adrianschlatter and @Myned, I can now also sync again - I hadn't tried the patch on any of my systems and am no longer getting any login, or sync, issues.

This, obviously, had nothing to do with any software updates on any of my machines - I use rbw on both OpenBSD and macOS.

@doy
Owner

doy commented Apr 20, 2024

is anyone still having trouble here? i don't currently see any issues logging into either the official bitwarden server or my personal vaultwarden. i'm not really comfortable impersonating the official bitwarden client as the patch above does, but i will start setting a real user agent string so that hopefully we can differentiate rbw traffic from other bot traffic.

@doy added the "bug" (Something isn't working) and "can't reproduce" labels on Apr 20, 2024
@proxict
Contributor

proxict commented Apr 20, 2024

I can confirm that rbw sync works again even without the patch. Setting a proper user-agent definitely sounds like a good idea though.

@ehartmann

Hey @doy, it's also working on my side without my patch. I do agree that rbw should use its own user-agent; that's the reason why I did not create a pull request for this workaround.

@Pablo12345678901
Author

I confirm too that it is working again without the patch on Guix OS with rbw v1.9.0. Really weird... The initial issue is not present anymore.

@mdimitro

mdimitro commented Apr 22, 2024

@Davidca089
Seems this problem fixed itself, but in case it helps in the future:

What I did was duplicate Arch's package build instructions for rbw using the Arch Build System (see the wiki), saved the patch.txt into the root folder (next to the PKGBUILD), and then appended this line to the prepare() section:
patch --strip=1 --input=../patch.txt (may need to alter the strip value or the "../" for any given package/patch, as needed)
Then I simply ran makepkg(8) and installed the result.

Apologies for the delayed response, I guess I don't have notifications enabled.
