Error 503 when authenticating too fast?

[etgocode]

Description

When authenticating with a U2F-Token too early, the Server throws an error 503

Service Unavailable
The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.

Environment

• PHP-Versions tested:
• • 8.1
• • 8.0
• • 7.4
• Browsers tested:
• • Firefox
• • Edge
• U2F-enabled-Account

Steps to reproduce

1. Login with username / password
2. Touch U2F-Token as soon as it is ready (in my case, yubikey lights up)
3. Server throws 503

Mitigations

• Refresh the 503 error page (you need to click on the resend information prompt of the browser) -> you are now logged in and in the dashboard

Or

• Wait 2 to 3 seconds before touching the U2F-Token -> you get logged in directly

Unfortunately I do not have access to the php logs. Sounds to me like maybe php is executing to slowly, then again there is hardly any traffic on the server and my wordpress instance, which is not in production yet, is the only thing even using php.

[iandunn]

U2F is deprecated and no longer works in Chrome, so the provider is being removed in #439 . Given that, there's probably no reason to keep this open anymore.