Ios: Wish list: create a camera qr code to grant access
The main idea is using a qrcode on server (on sync clients), so you dont need to type the app specific password, just point and everything is configured (server, user and otp).
Could even (in qr code) some hash of the server's certificate to guarantee no MITM attack.
Spacial
All 18 comments
tflidd
on 28 Oct 2017
Server ticket: https://github.com/nextcloud/server/issues/429
Server PR: https://github.com/nextcloud/server/issues/429
Android implementation: https://github.com/nextcloud/android/pull/3383
@marinofaggiana any status on this? Is it feasible to integrate a qr code reader into the login screen?
ChristophWurst
on 4 Mar 2019
@ChristophWurst it is in TODO ... :fearful:
marinofaggiana
on 4 Mar 2019
Available on TestFlight 2.23.2 (Build 3)
marinofaggiana
on 5 Mar 2019
Awesome!
ChristophWurst
on 5 Mar 2019
It works, with the example provided in the "server Issue # 429" ... so now how do I enable it for my own server 馃槃
AndrewwHummer
on 5 Mar 2019
Thanks for testing @AndrewwHummer! That's great to hear. You'll have to be patient a bit as we're stabilizing Nextcloud 16 at the moment. It will take a few more weeks before the final release, but you can also check out a beta release once ready: https://github.com/nextcloud/server/wiki/Maintenance-and-Release-Schedule
ChristophWurst
on 5 Mar 2019
Thanks for the information. Will try the beta as soon its ready! :)
AndrewwHummer
on 5 Mar 2019
works for me also, but you QR needs to include http/https protocol, otherwise it will fail.
tobiasKaminsky
on 5 Mar 2019
Should be obligatory the protocol in qrcode !? Otherwise I don't know if it's http or https @ChristophWurst
marinofaggiana
on 5 Mar 2019
I just created a qrcode on my own and on android we always first try https if no protocol is specified. It https is not working, we test http and show a warning that it is unsecure.
tobiasKaminsky
on 6 Mar 2019
Background: It can happen that people generate the qr code on their own, for e.g. easy roll out of clients, etc. and therefore it should be as error prone as possible.
tobiasKaminsky
on 6 Mar 2019
is there anything we have to change on the server?
ChristophWurst
on 6 Mar 2019
Ok, I add this strange control, but for me the qrcode should have the protocol.
marinofaggiana
on 6 Mar 2019
If so, please open a ticket in the server repo and let me know about the exact format of the URL. I'm also unsure if we should or have to URL encode any parameter and how that is handled on the mobile apps.
ChristophWurst
on 6 Mar 2019
is there anything we have to change on the server?
nc://login/user:tobi&password:XJdpw-R9kF3-Liy5C-MjNEZ-aTjSN&server:http://localhost/nc
looks fine.
However I have not tested it with withespaces/@ in userId, but I'll do now.
EDIT: works fine on Android & iOS.
tobiasKaminsky
on 6 Mar 2019
Okay, thanks for testing. Just let me know if we have to fix anything on the server-side :)
ChristophWurst
on 6 Mar 2019
I have add the check whether server: contain protocol. If not add https:// by default.
marinofaggiana
on 6 Mar 2019
Related issues
koarlmichael
路
3Comments
jancborchardt
路
5Comments
MarcusE1W
路
5Comments
MorrisJobke
路
4Comments
MorrisJobke
路
5Comments
Most helpful comment
Available on TestFlight 2.23.2 (Build 3)