Ask user for user id instead of chat id (aka simpler Telegram setup) #110
Comments
|
Hey, @Dretech :) So, you've set up a new bot, started a conversation from your Telegram user and checked the ID with the "ID Bot", correct? Is that the ID you entered? Is there anything in your |
|
Hi Christoph, Thank you for your quick reply.
Yes, I did The last line of my nextcloud.log file is: The latest version of php-intl is installed. So what is causing this error? |
This doesn't read like it would cause any problems here. |
|
Thank you for your reply. Can you describe which records in the database are made (and what contents they must have) after Telegram 2fa is activated? (The Telegram 2fa app has changed since I made the first version). |
|
Take a look at the admin docs: https://github.com/nextcloud/twofactor_gateway/tree/master/doc/admin#telegram |
|
I followed the instructions in the admin docs. I can't find anything in the admin docs about which database records will be created after enabling 2fa with Telegram for u user. |
|
You don't (and shouldn't) change any database values manually, the interactive commands will do that for you. That's what they are for 😉 Once that's done, go to your personal settings in the Nextcloud UI and you'll find the gateway user settings in the security section. |
|
After running After that I tried to fill in my Telegram ID in the personal - security settings of the web interface of Nextcloud. After entering my Telegram id I got the next error message (see enclosed printscreen). (Before making the printscreen I changed my Telegram ID to 999999999, but the error message is concerning my real Telegram ID).
|
|
Did you receive a code after entering your telegram ID? How did you update to the latest version of this app? Are there any entries in your nextcloud.log when that error occurs? |
|
No, I did not receive a code after entering my Telegram (user) ID. I installed the app from the apps menu (in the right top of Nextcldoud) see printscreen below. Below you will find today's records of nextcloud.log containing 'Telegram': |
|
I have the same problem. Some one can help us |
So somewhere around twofactor_gateway/lib/Service/Gateway/Telegram/Gateway.php Lines 82 to 95 in 1f855c5 Could you manually check the updates on your bot to see if they contain the event of a new conversation with your user? |
|
It seems Nextcloud does not connect to Telegram. After trying to enable Telegram 2fa in Nextcloud the status of the Telegram Api is:
The full conents of the json repsonse is: Tonight I also tested the first version of the Telegram 2fa code I created and that is still working. |
You have to first contact the bot before you will be able to send messages as a bot. That is how you can use bots to send authentication code. The bot is not allowed to initiate the conversation. Does it work now? Can you enter the ID you got from the id bot and receive a confirmation message? |
|
No, it does not work now. I don't get a conformation message after sending my Telegram ID. I forgot to write that in the message yesterday. |
|
I will try to add more debug logging to the Telegram code to help debug these scenarios. |
|
Thanks |
|
I'm having a similar issue. I use the same bot in other applications for getting notifications from my server, so I guess it is up and working properly (we do not need to create any special command on the bot, right?). After introducing the "message": {"Exception":"UnexpectedValueException","Message":"Only integers, floats and strings are allowed as value","Code":0," ... }The value I've introduced is compose by 8 positive integers. I've also tried with the "User Name" provided by the |
|
@mmartinortiz please see #126, test the provided package and report back the debug log entries. Thanks. |
|
Hi @ChristophWurst, After installing the provided package, this is the last line of {
"reqId": "Jg20asmA0bX4a6kiIFQZ",
"level": 3,
"time": "2018-10-07T09:12:17+00:00",
"remoteAddr": "172.18.0.1",
"user": "m",
"app": "index",
"method": "POST",
"url": "\/index.php\/apps\/twofactor_gateway\/settings\/telegram\/verification\/start",
"message": {
"Exception": "UnexpectedValueException",
"Message": "Only integers, floats and strings are allowed as value",
"Code": 0,
"Trace": [
{
"file": "\/config\/www\/nextcloud\/apps\/twofactor_gateway\/lib\/Service\/Gateway\/Telegram\/Gateway.php",
"line": 107,
"function": "setUserValue",
"class": "OC\\AllConfig",
"type": "->",
"args": [
"m",
"twofactor_gateway",
"telegram_chat_id",
null
]
},
{
"file": "\/config\/www\/nextcloud\/apps\/twofactor_gateway\/lib\/Service\/Gateway\/Telegram\/Gateway.php",
"line": 75,
"function": "getChatId",
"class": "OCA\\TwoFactorGateway\\Service\\Gateway\\Telegram\\Gateway",
"type": "->",
"args": [
{
"__class__": "OC\\User\\User"
},
{
"__class__": "Telegram\\Bot\\Api"
},
99999999
]
},
{
"file": "\/config\/www\/nextcloud\/apps\/twofactor_gateway\/lib\/Service\/SetupService.php",
"line": 92,
"function": "send",
"class": "OCA\\TwoFactorGateway\\Service\\Gateway\\Telegram\\Gateway",
"type": "->",
"args": [
{
"__class__": "OC\\User\\User"
},
"99999999",
"666666 is your Nextcloud verification code."
]
},
{
"file": "\/config\/www\/nextcloud\/apps\/twofactor_gateway\/lib\/Controller\/SettingsController.php",
"line": 90,
"function": "startSetup",
"class": "OCA\\TwoFactorGateway\\Service\\SetupService",
"type": "->",
"args": [
{
"__class__": "OC\\User\\User"
},
"telegram",
"99999999"
]
},
{
"file": "\/config\/www\/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php",
"line": 166,
"function": "startVerification",
"class": "OCA\\TwoFactorGateway\\Controller\\SettingsController",
"type": "->",
"args": [
"telegram",
"99999999"
]
},
{
"file": "\/config\/www\/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php",
"line": 99,
"function": "executeController",
"class": "OC\\AppFramework\\Http\\Dispatcher",
"type": "->",
"args": [
{
"__class__": "OCA\\TwoFactorGateway\\Controller\\SettingsController"
},
"startVerification"
]
},
{
"file": "\/config\/www\/nextcloud\/lib\/private\/AppFramework\/App.php",
"line": 118,
"function": "dispatch",
"class": "OC\\AppFramework\\Http\\Dispatcher",
"type": "->",
"args": [
{
"__class__": "OCA\\TwoFactorGateway\\Controller\\SettingsController"
},
"startVerification"
]
},
{
"file": "\/config\/www\/nextcloud\/lib\/private\/AppFramework\/Routing\/RouteActionHandler.php",
"line": 47,
"function": "main",
"class": "OC\\AppFramework\\App",
"type": "::",
"args": [
"OCA\\TwoFactorGateway\\Controller\\SettingsController",
"startVerification",
{
"__class__": "OC\\AppFramework\\DependencyInjection\\DIContainer"
},
{
"gateway": "telegram",
"_route": "twofactor_gateway.settings.startVerification"
}
]
},
{
"function": "__invoke",
"class": "OC\\AppFramework\\Routing\\RouteActionHandler",
"type": "->",
"args": [
{
"gateway": "telegram",
"_route": "twofactor_gateway.settings.startVerification"
}
]
},
{
"file": "\/config\/www\/nextcloud\/lib\/private\/Route\/Router.php",
"line": 297,
"function": "call_user_func",
"args": [
{
"__class__": "OC\\AppFramework\\Routing\\RouteActionHandler"
},
{
"gateway": "telegram",
"_route": "twofactor_gateway.settings.startVerification"
}
]
},
{
"file": "\/config\/www\/nextcloud\/lib\/base.php",
"line": 987,
"function": "match",
"class": "OC\\Route\\Router",
"type": "->",
"args": [
"\/apps\/twofactor_gateway\/settings\/telegram\/verification\/start"
]
},
{
"file": "\/config\/www\/nextcloud\/index.php",
"line": 42,
"function": "handleRequest",
"class": "OC",
"type": "::",
"args": [
]
}
],
"File": "\/config\/www\/nextcloud\/lib\/private\/AllConfig.php",
"Line": 214,
"CustomMessage": "--"
},
"userAgent": "Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko\/20100101 Firefox\/62.0",
"version": "14.0.2.0"
} |
|
Did you actually set the log level to 0/debug? |
{
"reqId": "Jg20asmA0bX4a6kiIFQZ",
"level": 0,
"time": "2018-10-07T09:12:17+00:00",
"remoteAddr": "172.18.0.1",
"user": "m",
"app": "core",
"method": "POST",
"url": "\/index.php\/apps\/twofactor_gateway\/settings\/telegram\/verification\/start",
"message": "Scss is disabled for \/config\/www\/nextcloud\/core\/css\/jquery-ui-fixes.scss, ignoring",
"userAgent": "Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko\/20100101 Firefox\/62.0",
"version": "14.0.2.0"
}
{
"reqId": "Jg20asmA0bX4a6kiIFQZ",
"level": 0,
"time": "2018-10-07T09:12:17+00:00",
"remoteAddr": "172.18.0.1",
"user": "m",
"app": "core",
"method": "POST",
"url": "\/index.php\/apps\/twofactor_gateway\/settings\/telegram\/verification\/start",
"message": "Scss is disabled for \/config\/www\/nextcloud\/core\/css\/server.scss, ignoring",
"userAgent": "Mozilla\/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko\/20100101 Firefox\/62.0",
"version": "14.0.2.0"
}The rest of the entries related to |
|
Again, please enable debug logging. The entry you provided just shows where the error happened, although there must be more log entries fore that. For reference, see https://github.com/nextcloud/twofactor_gateway/pull/126/files. There are numerous logging statements before Please see https://docs.nextcloud.com/server/14/admin_manual/configuration_server/logging_configuration.html and report back when you've got the debug logs. |
|
Maybe I'm stating the obvious, but you have to reproduce the error in order to get the debug statements. Changing the log level post mortem won't magically recover them. |
|
For the sake of clarity, I'll list the steps I've followed for the logs provided:
Since my server is used by several users, I see now that the debug lines got quickly lost. In any case, here are the debug messages (directly from the web interface log)//: I've used the logged |
|
Okay. So there are no updates available for the server. Did you (re)start the conversation with the bot as instructed on the provider settings page? The app can't map telegram users to Nextcloud users if they haven't started a chat recently. |
|
Please elaborate how these other systems are set up. What do you enter so that the system knows which Telegram user/chat to send messages to? I'm not a Telegram pro, in fact I haven only really used shortly to implement this feature. But from what I've researched on the topic there is no way for a bot to start the conversation with a user, so the user has to start it first. This first message will trigger an event which can be read by the telegram API. We use this event to map Nextcloud users to Telegram chats. |
|
In few words, the mechanism to get the bot up and running is what you described:
From there, you can configure any program to make use of the Telegram API. The Bot Token and the Chat Id are the two things you need for receiving messages from your bot. In my case, and previously to the Nextcloud 2FA, I configured my bot to be used by my server, that sends me messages about system updates, users, etc. I also configured the bot, with the same Bot Token and Chat Id in other docker containers for getting messages from the services they were running. From the debug logs of the gateway, I see that the message is requested to be sent, but it never reach the Telegram API. Could it be that the API used by the gateway is not sending the message for some reason? can we increase the debug level of the API without introducing additional traces to see what is happening? (It has been decades since I programmed in PHP and things have changed a lot, I'm sorry if my questions are too evident) |
|
Please keep in mind that with this Nextcloud app, the admin knows and configures the bot, while users just have access to their Telegram account/ID. All they know is the bot ID.
What section of the code/process are you talking about? If the app fails to read the chat ID it obviously never sends out any Telegram message. |
That is something I wanted to ask. Since each user may have its own bot for authentification. Should not be the configuration (bot token and chat id) be done in the user's setting space?
From the last debug line The chat id was correct, but my bot never received the message. The API is asked to send the message, but from the log we do not know if it really sends it. |
No. There is one bot for all users. |
|
How did you actually obtain the chat ID? |
In my opinion the bot token is stored in the Nextcloud administrator setting space and the chad id in the user setting space. Because the administrator is the person who can activate the 2fa app. |
@Dretech, I agree, but the user is the person that decides to use it. A user can have already a specific bot for its personal use. But I understand that the administrator can set a bot as a "default bot"
@ChristophWurst, Can I ask for the technical reasons for that?
Using the get id bot (as stated on the admin docs) |
That doesn't make sense to me. Correct me if I'm wrong, but as far as I understood, every chat has it's own unique id. And so does every user. In order for a bot to send a message, it has to know the chat id of the conversation with the user. What the id bot tells you is your user ID. If it tells you a chat ID, that can only be the conversation with the id bot but now with your 2FA bot. Now, this app asks you to start a conversation with your 2FA bot. It then asks you to enter your user ID obtained through the id bot. This app will then check for newly started conversations of the provided user ID. If a match is found, it can get the chat ID of the conversation between your user and the 2FA bot. This is how the current setup logic works. If there were any way for a user to (easily) get the chat ID of the chat with the 2FA bot, we could have them enter that directly and skip the lookup step in the bot updates. |
There are no technical reasons/limitations. This app simply integrates Telegram in a way it is easy to set up and use for everyone. We must not assume that anybody can and wants to set up their own bot as that is a very technical procedure. |
FYI: this is almost exactly what the official bot docs suggest, except that we don't rely on an initial shared secret: https://core.telegram.org/bots#deep-linking-example Edit: also see https://stackoverflow.com/questions/31078710/how-to-obtain-telegram-chat-id-for-a-specific-user. |
I agree with this. Moreover the administrator has to install the 2fa app and in my opinion is setting up the Telegram bot part of the job for the administrator. |
|
I am having the same issue. I'm also using my bot for other projects such as Domoticz or my own Python script, yet I was unable to get it to work with Nextcloud. I am using the official Nextcloud docker 14.0.3-apache with the extra debugging version of the twofactor_gateway which can be found here: #126 To setup and configure the app, I followed the exact same instructions as this guy, who got it working: https://translate.google.com/translate?sl=auto&tl=en&js=y&prev=_t&hl=nl&ie=UTF-8&u=https%3A%2F%2Fmatoken.org%2Fblog%2F2018%2F09%2F19%2Ftwo-factor-authentication-using-nextgram-14-telegram%2F%23_occ_%25E3%2582%25B3%25E3%2583%259E%25E3%2583%25B3%25E3%2583%2589%25E3%2581%25A7_telegram_bot_%25E3%2581%25AE%25E3%2583%2588%25E3%2583%25BC%25E3%2582%25AF%25E3%2583%25B3%25E8%25A8%25AD%25E5%25AE%259A&edit-text= The debug logging is big chunk of text, but apart from the 404 regarding the Kind regards. |
|
Please see #110 (comment) and tell me if you're on the same page with what is a Telegram user ID and a Telegram chat ID. I have the feeling this is being used interchangeably while there's a huge difference.
Here, for example. You should see the USER_ID and not chat id. This part confuses me. |
|
Telegram User ID: The ID returned by https://t.me/my_id_bot which in my case was the 'CHATID_REMOVED_FOR_PRIVACY' so it should be correct, right? Telegram Chat ID: The ID of the chat with your bot, which can be obtained by forwarding a message received from your bot to https://telegram.me/get_id_bot . I am using the same instructions as this guy, who also used the Telegram User ID |
|
I've been gathering some definitions about the different terms we are using in this thread, so all we can be in the same line:
With the services/applications I am running, I use the bot token as I've tried using the complete token, as well as only the part after the semicolon together with my user id (as equivalent to chat id, because it is a private conversation). In every case, the debug log obtained with the twofactor_gateway version with extended debug support (obtained here](#126)) does not differ from my previous logs. |
|
@mmartinortiz thanks a lot for trying to make this finally clear for everyone 😉
This part confuses me. Doesn't that say that the user ID and chat ID are the same, at least for personal chats? It's the very same bot that tells you the ID after all. |
In the test script below the user id is the id of the user which is displayed by using the get id bot. I hope this will help to define what the user id is. |
The @my_id_bot has multiple functionalities. It can tell you your Personal/User ID but also the Chat ID of your groupschat. Example: |
Exactly, if you are in a private conversation with your bot, then the chat id is the same that the user id. @ChristophWurst , how can we help to debug further this issue? |
Perfect! This means we can simplify the setup process a lot. I will try to change this soon. |
ChristophWurst
changed the title
|
Unfortunately my Telegram ID I entered in the text box, gives the message "Could not verify your code. Please try again." I also tried my phone number, but I get the same error message. |
|
Hi, check out this: #226 (comment) |
I'm pleasantly surprised that the Telegram 2fa is integrated in the easily installable apps for Nextcloud 14. Unfortunately I was not able to enable the Telegram 2fa after following the instructions from the app and the 2fa gateway website.
In the security settings of my user I tried to enter my Telegram ID, but the app responds with the following error message:
(In the input field I filled in my Telegram ID, but I don't want to show this ID on a public website)
What is going wrong?
Thanks in advance for your reply.
André
The text was updated successfully, but these errors were encountered: