Comments (27)
I can confirm that just running rbw purge
fixed it.
from rbw.
I’ve encountered this many times before and I have up until now always been able to recover. As of last week login through rbw
never works. Deleting local config + cache and rotating API keys does nothing, registration works fine but password is always refused.
Anyone else seeing this? Feels like something security related has changed upstream recently.
from rbw.
I tried it on a computer I didn't have rbw/bw/bitwarden on already and it worked.
I got it to work on the other one. I'm not sure which of these steps were necessary...
# logged out of bitwarden desktop.
rbw stop-agent
rbw purge
rm .config/rbw/config.json
# made sure no bw/rbw/bitwarden processes were running.
rbw config set <email>
rbw login
and now it works works I think
from rbw.
I faced this issue today. Added steps I followed to reproduce.
- Added TOTP from bitwarden web vault on my free account and then ran
rbw sync
. - I thought its because of the unsupported field
access_token
- I deleted
TOTP
from web vault and re-ranrbw sync
, but still the same issue - Then I exported vault data as JSON to look for the
access_token
word. But there was no any
To resolve:
rbw purge
rbw sync
from rbw.
bitwarden.com
from rbw.
I wonder if this particular error can be caught in the code, and maybe mv file-to-be-purged file-to-be-purged.backup
as a low-invasive solution.
from rbw.
I get this issue every few months and need to run rbw purge
to resolve.
from rbw.
Looking into it, the issue stems from these lines in src/api.rs
:
Lines 1076 to 1081 in 1e56f73
Enabling debug output with RUST_LOG=debug
yields the following:
[2022-03-30T18:45:48Z DEBUG rbw_agent::sock] listening on socket /run/user/1000/rbw/socket
[2022-03-30T18:45:54Z DEBUG reqwest::connect] starting new connection: https://api.bitwarden.com/
[2022-03-30T18:45:54Z DEBUG rustls::client::hs] No cached session for DnsName(DnsName(DnsName("api.bitwarden.com")))
[2022-03-30T18:45:54Z DEBUG rustls::client::hs] Not resuming any session
[2022-03-30T18:45:54Z DEBUG rustls::client::hs] Using ciphersuite Tls13(Tls13CipherSuite { suite: TLS13_AES_256_GCM_SHA384, bulk: Aes256Gcm })
[2022-03-30T18:45:54Z DEBUG rustls::client::tls13] Not resuming
[2022-03-30T18:45:54Z DEBUG rustls::client::tls13] TLS1.3 encrypted extensions: [ServerNameAck, Protocols([PayloadU8([104, 50])])]
[2022-03-30T18:45:54Z DEBUG rustls::client::hs] ALPN protocol is Some(b"h2")
[2022-03-30T18:45:54Z DEBUG rustls::client::tls13] Ticket saved
[2022-03-30T18:45:54Z DEBUG rustls::client::tls13] Ticket saved
[2022-03-30T18:45:54Z DEBUG reqwest::async_impl::client] response '401 Unauthorized' for https://api.bitwarden.com/sync
[2022-03-30T18:45:54Z DEBUG rustls::conn] Sending warning alert CloseNotify
[2022-03-30T18:45:54Z DEBUG reqwest::connect] starting new connection: https://identity.bitwarden.com/
[2022-03-30T18:45:54Z DEBUG rustls::client::hs] No cached session for DnsName(DnsName(DnsName("identity.bitwarden.com")))
[2022-03-30T18:45:54Z DEBUG rustls::client::hs] Not resuming any session
[2022-03-30T18:45:54Z DEBUG rustls::client::hs] Using ciphersuite Tls13(Tls13CipherSuite { suite: TLS13_AES_256_GCM_SHA384, bulk: Aes256Gcm })
[2022-03-30T18:45:54Z DEBUG rustls::client::tls13] Not resuming
[2022-03-30T18:45:54Z DEBUG rustls::client::tls13] TLS1.3 encrypted extensions: [ServerNameAck, Protocols([PayloadU8([104, 50])])]
[2022-03-30T18:45:54Z DEBUG rustls::client::hs] ALPN protocol is Some(b"h2")
[2022-03-30T18:45:54Z DEBUG rustls::client::tls13] Ticket saved
[2022-03-30T18:45:54Z DEBUG rustls::client::tls13] Ticket saved
[2022-03-30T18:45:55Z DEBUG reqwest::async_impl::client] response '400 Bad Request' for https://identity.bitwarden.com/connect/token
[2022-03-30T18:45:55Z DEBUG rustls::conn] Sending warning alert CloseNotify
I'm afraid I can't look further into this myself as I'm not familiar with the Bitwarden API and AFAIK there's no documentation for it.
Looking at the response headers, I see two that might be problematic:
"x-cf-is-bot": "1",
"x-cf-maybe-bot": "1",
These reminded me of the "Usage" section in the README.md:
Lines 87 to 93 in 1e56f73
Running rbw register
again didn't change anything. Is this an issue with the official Bitwarden server and the Cloudflare gateway?
@doy Maybe you're not able to reproduce this issue because you're running your own Bitwarden instance?
I hope this information helps so this issue can be fixed soon as I'm unable to sync my database at all for the time being.
Feel free to keep me updated on any progress with this, I'd love to lend a helping hand wherever I can!
from rbw.
@ruuda If I remember correctly, this is because Bitwarden suspects you're a bot, so it doesn't give you access to the API.
Rotating the encryption keys and registering with the servers again should solve your issue, like explained in a previous comment in this thread.
I can't help any more than that as I've first migrated to the desktop app again, and then password managers completely. The maintainer seems completely unresponsive to any attempt at making contact, too, so I wouldn't bet on getting help for other issues.
Good luck :)
from rbw.
I get the same issue
from rbw.
I got a different error message on 0.5.0 (I think it was the same error but worded differently) and noticed I had an older version and upgraded to 0.5.2 and now I get this error. Not sure how to help other than to say I'm on NixOS (nixos-unstable) which may or may not be relevant. (sometimes it is...)
$ nixos-version
21.03.git.453c116254a (Okapi)
from rbw.
i can't reproduce this either on bitwarden.com or on my personal bitwarden-rs instance. can you give more information about the server you're using?
from rbw.
Same issue, purge worked for me as well.
from rbw.
It just happened to me. The last thing I did was to add a new entry with TOTP code (with spaces in it) via the official web browser add-on. Not sure whether this is at all related but can't recall what was the one before that. I can confirm that running rbw purge
on its own, with rbw sync
afterwards, fixed it for me.
from rbw.
The workaround stopped working for me on macos 11.6.2.
$ uname; rbw --version
Darwin
rbw 1.4.1
$ rbw purge
$ rbw login
rbw login: failed to log in to bitwarden instance: failed to parse JSON: .: expected value at line 1 column 1: expected value at line 1 column 1
$ rbw purge
$ rbw sync
rbw sync: failed to log in to bitwarden instance: failed to parse JSON: .: expected value at line 1 column 1: expected value at line 1 column 1
$ rbw purge
$ rbw register
rbw register: failed to log in to bitwarden instance: failed to parse JSON: .: expected value at line 1 column 1: expected value at line 1 column 1
from rbw.
I resolved this by rotating my encryption key.
from rbw.
I've had this issue before, too, but a simple upgrade of the rbw package fixed it for me (twice, iirc).
Although I can't say which version of rbw this was.
I'm running Arch Linux and I'm using the AUR package rbw-git.
from rbw.
Small update on my end: I'm getting this now, too, both when using the community package rbw
and the aur package rbw-git
.
@doy Since you flagged this as "can't reproduce" I'll gladly supply you with anything I can to resolve this issue should it be needed.
Alternatively, although unlikely, with some guidance I might be able to fix this myself if time allows it.
from rbw.
As there wasn't a response in quite some time, I decided to try rotating the encryption key like @mpgarate said and that worked fine.
from rbw.
I got the same issue today. I use bitwarden.com with TOTP. rbw purge
+ rbw sync
resolved it for me too.
from rbw.
I was logged in, but rwb sync
returned this error. I tried the rbw purge
, but now login no longer works. I tried rbw register
as pointed out here but it did not change the output. When I run rbw login
or rbw sync
now, it prints
$ rbw login
rbw login: TODO
$ rbw sync
rbw sync: TODO
Setting RUST_LOG=debug
does not change the output.
I think this is this TODO:
rbw/src/bin/rbw-agent/actions.rs
Line 175 in 1e56f73
from rbw.
After doing the steps above last week, if I now try to rbw sync
, I again get the error
rbw sync: failed to sync database from server: failed to parse JSON: .: missing field `access_token` at line 1 column 25: missing field `access_token` at line 1 column 25
from rbw.
I got the same error after increasing KDF iterations on vault.bitwarden.com.
rbw login
does nothing and prints nothing. rbw sync
prints:
rbw sync: failed to sync database from server: failed to parse JSON: missing field `access_token` at line 1 column 25
It only started working after I manually deleted ~/.cache/rbw/default:*.json
and running rbw login
.
from rbw.
i'm still unable to reproduce this - i've never seen this error on either the official bitwarden site or on vaultwarden, even if i do things like change my kdf iterations setting. it's a bit hard to track down because i'm pretty hesitant to add more logging here - it would be pretty easy to accidentally end up with sensitive data in log files or things like that (based on the error message i do get, it is expecting the response to have a server access token in it, for example). if anyone who actually does run into this problem is able to dig into what is happening when it happens, that would be very helpful, because i don't really know how i can make progress otherwise.
from rbw.
I can't reproduce this with git master (was on 1.7.1). I did run into an "incorrect password" loop, which I also solved by deleting ~/.cache/rbw/default:*.json
, however that also only happened once and I could not reproduce it later.
from rbw.
I'm having the same issue right now. I have set up my .json config file with email but when I login it just doesn't recognize my password, even though I can login with same password in browser.
from rbw.
I ran into this issue as well now after running rbw purge
+ rbw login
and i am now unable to access my Bitwarden vault.
from rbw.
Related Issues (20)
- git-credential-rbw is broken in 1.10.0 HOT 1
- HTTPS_PROXY being ignored
- `rbw code UUID` doesn't work with v1.10.0 HOT 2
- TOTP with different algorithm not supported
- `rbw unlock` not working. HOT 14
- Feature request: keep vault open indefinitely HOT 3
- How to debug failed logins? HOT 6
- Pinentry script not working with passwords containing spaces
- Pinentry script not working with 2fa codes
- Add Pinentry script auto setup
- Username or Password are incorrect. Try Again HOT 31
- Unable to `get` entries containing colons in the name HOT 1
- Decryption failed on long Ciphertexts HOT 2
- UUIDs for `edit`, `remove`, and `history` doesn't work
- API endpoint `/accounts/prelogin` to be removed from the official Bitwarden server HOT 3
- new version of 'rbw' struggles with lower case ([a-z]) TOTP secrets and ones with padding - trailing equal signs ('=') HOT 1
- Failed decrypt if only organizations used HOT 1
- request: add --sort-by option to "list" command
- SSH-agent protocol HOT 1
- `rbw gen-completions ${shell}` fails for debug build HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rbw.