Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error after trying to validate by using validation URL #4488

Closed
3EE45A47 opened this issue Jan 27, 2025 · 4 comments
Closed

Error after trying to validate by using validation URL #4488

3EE45A47 opened this issue Jan 27, 2025 · 4 comments
Labels
bug Something isn't working

Comments

@3EE45A47
Copy link

Hi all
I'm using LibreSign 9.9.0 on NextCloud 29.0.11 and can only validate documents while being logged in and using the verification process via the navigation items but not (neither logged in nor not logged in) using the validation URL despite "make_validation_url_private": false is set.

Remark: before updating LibreSign to 9.9.0 it was possible to validate via URL at least while logged in to NextCloud.

Example

[NOT LOGGED IN]

Image

calling:
https://cloud.example.de/apps/libresign/validation/7a450da4-2946-4f03-a286-d785e1edc0b2

→ changes to:
https://cloud.example.de/apps/libresign/p/sign/7a450da4-2946-4f03-a286-d785e1edc0b2/error

Image

[LOGGED IN, NOW]

Image

Image

Configuration:

occ config:list libresign { "apps": { "libresign": { "add_footer": true, "approval_group": [], "authkey": "XXXXXXXX", "certificate_engine": "cfssl", "cfsslUri": "http:\/\/127.0.0.1:8888\/api\/v1\/cfssl\/", "cfssl_bin": "\/var\/www\/html\/data\/\/appdata_XXXXXXXX\/libresign\/x86_64\/cfssl\/cfssl", "collect_metadata": true, "configPath": "\/var\/www\/html\/data\/\/appdata_XXXXXXXX\/libresign\/cfssl_config\/", "enabled": "yes", "expiry_in_days": "100", "groups_request_sign": [ "LibreSign_Users" ], "identification_documents": false, "identify_methods": [ { "name": "account", "friendly_name": "Account", "enabled": true, "mandatory": true, "signatureMethods": { "clickToSign": { "name": "clickToSign", "enabled": false }, "emailToken": { "name": "emailToken", "enabled": true }, "password": { "name": "password", "enabled": false } }, "signatureMethodEnabled": "emailToken" } ], "installed_version": "9.9.0", "java_path": "\/var\/www\/html\/data\/\/appdata_XXXXXXXX\/libresign\/x86_64\/linux\/java\/jdk-21.0.5+11-jre\/bin\/java", "jsignpdf_jar_path": "\/var\/www\/html\/data\/\/appdata_XXXXXXXX\/libresign\/x86_64\/jsignpdf\/jsignpdf-2.3.0\/JSignPdf.jar", "legal_information": "Wenn dieses Dokument hier als g\u00fcltig erkannt wurde, dann wurde es mit einem uns bekannten Account signiert und die dazugeh\u00f6rige eMail-Adresse zum Zeitpunkt der Unterzeichnung verifiziert.\n\nhttps:\/\/de.wikipedia.org\/wiki\/Elektronische_Signatur#Anforderungen_an_fortgeschrittene_elektronische_Signaturen", "make_validation_url_private": false, "maximum_validity": 259200, "notify_unsigned_user": true, "pdftk_path": "\/var\/www\/html\/data\/\/\/appdata_XXXXXXXX\/libresign\/x86_64\/pdftk\/pdftk.jar", "renewal_interval": "0", "rootCert": { "commonName": "Document Attestation CA 2023", "names": { "C": { "value": "DE" }, "O": { "value": "YYYYYYYYYY Group" }, "OU": { "value": "PDF Signing Unit" } } }, "signature_hash_algorithm": "SHA256", "types": "", "webhook_authorized": "[]", "write_qrcode_on_footer": true } } }

Empty fields

..by the way: some configured values disappear visually after re-visiting the admin page:

Image

unexpected content:

..differing values / ambiguous explaining text

Image

Image

@vitormattos
Copy link
Member

Thanks by your excellent report.

can only validate documents while being logged in and using the verification process via the navigation items but not (neither logged in nor not logged in) using the validation URL despite "make_validation_url_private": false is set.

Maybe fixed here:

calling:
https://cloud.example.de/apps/libresign/validation/7a450da4-2946-4f03-a286-d785e1edc0b2

→ changes to:
https://cloud.example.de/apps/libresign/p/sign/7a450da4-2946-4f03-a286-d785e1edc0b2/error

Fixed here:

..by the way: some configured values disappear visually after re-visiting the admin page:

Fixed here:

..differing values / ambiguous explaining text

Could you provide more details about this comment?

@vitormattos vitormattos added the bug Something isn't working label Jan 28, 2025
@vitormattos
Copy link
Member

Could you check again at the newest release of LibreSign?

I made a lot of improvements.

Closing this issue as solved.

If this issue persists, don't hesitate to open a new issue making reference to this.

Note

If you like this app, don't hesitate to help us

Ways to help this project:

@3EE45A47
Copy link
Author

..differing values / ambiguous explaining text

Could you provide more details about this comment?

sure ..

  • "Enable indentification documents flow" is visually set to active while "identification_documents": false, is set in database
  • "Collegt signers' meta data" is visually set to inactive while "collect_metadata": true, is set in database

Both of the following descriptions show the same text for different options:

  • "ALLOW REQUEST TO SIGN": "Select authorized groups that can request to sign.."
  • "IDENTIFICATION DOCUMENTS": "Select authorized groups that can request to sign.."

@3EE45A47
Copy link
Author

3EE45A47 commented Jan 28, 2025

Updated to 9.9.1 (NextCloud still on 29.0.11)

I can confirm that calling the validation url (not logged in) still shows the error from above 2nd screenshot ("invalid Data") but does not change the browser URL anymore (persits on https://cloud.example.de/apps/libresign/validation/7a450da4-2946-4f03-a286-d785e1edc0b2 now)

In my thinking "make_validation_url_private": false means that the validation page IS effectively public available, right?

Also the admin page show the values from database, now.

But updating to 9.9.1 led to this

Image

what I could reload by occ libresign:install --all

--> #4539

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

2 participants