Login stalls at "grant access" with new login method on Docker installation
bentolor opened this issue ยท 12 comments
Actual behaviour
What does not work:
I cannot pass the step of "grant access" on any device using the Android app.
What does work:
- "Revert to old login method" does work, but blocks the Davx5 integration as well as 2FA usage.
- Login into a differnt server installation works
Expected behaviour
I should be able to login or receive a hint about what's wrong.
Steps to reproduce
I deployed a PostgresSQL / NGinx / Letsencrypt based Nextcloud installation via Docker.
- With the Nextcloud App (F-Droid. Both version: Stable and Dev) I enter my URL
- I click Log in
- I enter my user and password and click Log in
- I see a Grant access button. I click on this.
- The activity indicator stays for indefinite.
Environment data
Android version: 9
Device model: OnePlus 3T, LineageOS
Stock or customized system: Vanilla Upstream Docker-based deplyoment
Nextcloud app version: 3.8.1
Nextcloud server version: 17.0.0
Logs
Docker container console log
The log starts right before clicking "Grant" and does not change after
172.19.0.2 - - [02/Nov/2019:11:30:47 +0000] "POST /login HTTP/1.1" 303 1232 "-" "Oneplus ONEPLUS A3003 (Android)"
172.19.0.2 - - [02/Nov/2019:11:30:48 +0000] "GET /login/flow/grant?clientIdentifier=&stateToken=[redacted] HTTP/1.1" 200 2720 "-" "Oneplus ONEPLUS A3003 (Android)"
172.19.0.2 - - [02/Nov/2019:11:30:48 +0000] "GET /core/js/login/grant.js?v=f86a168a-16 HTTP/1.1" 200 500 "-" "Oneplus ONEPLUS A3003 (Android)"
172.19.0.2 - - [02/Nov/2019:11:30:48 +0000] "GET /core/l10n/de.js?v=f86a168a-16 HTTP/1.1" 200 17319 "-" "Oneplus ONEPLUS A3003 (Android)"
172.19.0.2 - - [02/Nov/2019:11:30:48 +0000] "GET /apps/gallery/l10n/de.js?v=f86a168a-16 HTTP/1.1" 200 4399 "-" "Oneplus ONEPLUS A3003 (Android)"
172.19.0.2 - - [02/Nov/2019:11:30:48 +0000] "GET /core/js/oc.js?v=f86a168a HTTP/1.1" 200 7223 "-" "Oneplus ONEPLUS A3003 (Android)"
172.19.0.2 - - [02/Nov/2019:11:30:48 +0000] "GET /cron.php HTTP/1.1" 200 895 "-" "Oneplus ONEPLUS A3003 (Android)"
Nextcloud log (data/nextcloud.log)
// no output during the process
@nextcloud/server-triage this seems to be a server-side issue where the forward doesn't seem to work. What do you think?
This request did not receive an update in the last 4 weeks. Please take a look again and update the issue with new details, otherwise the issue will be automatically closed in 2 weeks. Thank you!
Upgraded Server to 17.0.1 and Client to 3.9.0 โ behavior is still the same.
Anything I can do to support / spot the error? @nextcloud/server-triage
Same happens here. Also problems with Desktop clients. For the desktop clients the workaround followed from here: nextcloud/desktop#1470, which is that you edit the HTML-page (for example with Firefox). The button does a post with 'http', this needs to be 'https' in my case at least and then it works. However, cannot perform this 'trick' on Android, so stuck there unfortunately.
@bjschuit Thanks for the pointer!
I'm puzzled: If this is really the culprit then it should affect really many and the fix should be really easyโฆ
I confirm! This is an issue... I am not very sure what is going on... here the access.log of my apache server if that helps anything. I correlated it to the login process from my Android phone. I do not think it is too informative other than given an indication where in the login process things are going wrong:
[Entered the login URL]
192.168.0.194 - - [03/Jan/2020:03:09:43 +0100] "GET /nextcloud/status.php HTTP/1.1" 200 4762 "-" "Mozilla/5.0 (Android) Nextcloud-android/3.9.2"
192.168.0.194 - - [03/Jan/2020:03:09:43 +0100] "HEAD /nextcloud/remote.php/webdav/ HTTP/1.1" 401 1148 "-" "Mozilla/5.0 (Android) Nextcloud-android/3.9.2"
192.168.0.194 - - [03/Jan/2020:03:09:44 +0100] "GET /nextcloud/index.php/login/flow HTTP/1.1" 200 7124 "-" "Fairphone FP2 (Android)"
192.168.0.194 - - [03/Jan/2020:03:09:44 +0100] "GET /nextcloud/index.php/core/js/oc.js?v=b82eb21c HTTP/1.1" 200 7055 "-" "Fairphone FP2 (Android)"
192.168.0.194 - - [03/Jan/2020:03:09:45 +0100] "GET /nextcloud/cron.php HTTP/1.1" 200 927 "-" "Fairphone FP2 (Android)"
[Pressed "log in"]
192.168.0.194 - - [03/Jan/2020:03:10:17 +0100] "GET /nextcloud/index.php/login/flow/grant?stateToken=LdRFpJPS81w3ml8QsHdLxPa8K70FtU6ru3FiieFAgmZdXKYK0I08ZtPPDWIjz3ia&clientIdentifier= HTTP/1.1" 303 1520 "-" "Fairphone FP2 (Android)"
192.168.0.194 - - [03/Jan/2020:03:10:17 +0100] "GET /nextcloud/index.php/login?redirect_url=/nextcloud/index.php/login/flow/grant%3FstateToken%3DLdRFpJPS81w3ml8QsHdLxPa8K70FtU6ru3FiieFAgmZdXKYK0I08ZtPPDWIjz3ia%26clientIdentifier%3D HTTP/1.1" 200 2652 "-" "Fairphone FP2 (Android)"
192.168.0.194 - - [03/Jan/2020:03:10:17 +0100] "GET /nextcloud/index.php/core/js/oc.js?v=b82eb21c HTTP/1.1" 200 7055 "-" "Fairphone FP2 (Android)"
192.168.0.194 - - [03/Jan/2020:03:10:18 +0100] "GET /nextcloud/cron.php HTTP/1.1" 200 927 "-" "Fairphone FP2 (Android)"
[Typed in usernane+password]
192.168.0.194 - - [03/Jan/2020:03:10:41 +0100] "POST /nextcloud/index.php/login HTTP/1.1" 303 1926 "-" "Fairphone FP2 (Android)"
192.168.0.194 - - [03/Jan/2020:03:10:43 +0100] "GET /nextcloud/index.php/login/flow/grant?stateToken=LdRFpJPS81w3ml8QsHdLxPa8K70FtU6ru3FiieFAgmZdXKYK0I08ZtPPDWIjz3ia&clientIdentifier= HTTP/1.1" 200 2699 "-" "Fairphone FP2 (Android)"
192.168.0.194 - - [03/Jan/2020:03:10:44 +0100] "GET /nextcloud/index.php/core/js/oc.js?v=b82eb21c HTTP/1.1" 200 7125 "-" "Fairphone FP2 (Android)"
192.168.0.194 - - [03/Jan/2020:03:10:44 +0100] "GET /nextcloud/cron.php HTTP/1.1" 200 927 "-" "Fairphone FP2 (Android)"
[Press "Grant Access"]
192.168.0.194 - Paul [03/Jan/2020:03:13:20 +0100] "HEAD /nextcloud/remote.php/webdav/ HTTP/1.1" 200 1160 "-" "Mozilla/5.0 (Android) Nextcloud-android/3.9.2"
192.168.0.194 - Paul [03/Jan/2020:03:13:20 +0100] "GET /nextcloud/ocs/v1.php/cloud/user?format=json HTTP/1.1" 200 1901 "-" "Mozilla/5.0 (Android) Nextcloud-android/3.9.2"
[Loop: Back to Start-screen]
I am running Nextcloud version 17.0.2.1 on my server, and the client is at version 3.9.2.
One week ago, everything was trill fine. I am uncertain whether I updated my Nextcloud Client in the mean time.
BTW: Happy new year to all! ๐
Extra info:
- "Revert to old login" does not work for me.
- The Linux client works great!
Okay... more background. I tried out the dev-client available on F-Droid. That one works just fine. I am not sure if that uses the same configurations and/or data directories compared to the old/stable version, but if it does this issue might be fixed with the new release(?) If it does not, a reset of the the configurations folder (or database? - I do not know much about the app at all) might be a potential fix for the issue.
This request did not receive an update in the last 4 weeks. Please take a look again and update the issue with new details, otherwise the issue will be automatically closed in 2 weeks. Thank you!
I just validated the issue with the "Nextcloud Dev Client v20200125" and Nextcloud 18.0. Unfortunately the issue is still present and I can only login using the legacy login method.
I guess you need: https://github.com/nextcloud/server/blob/master/config/config.sample.php#L451
Beacuse your nextcloud server is behind a reverse proxy. Hence it doesn't know it is on https.
Set that and all should work.
Awesome! Thanks @rullzer
For the records for others:
- If you are ramping up an initial installation, setting the environment variable
NEXTCLOUD_OVERWRITEPROTOCOLtohttpsshould solve the issue for the docker base image, as soon as nextcloud/docker#819 got merged - Until then you need to execute
sudo docker-compose exec --user www-data app php occ config:system:set overwriteprotocol --value="https"once to set this value.
Again โ thank you very much for your support. Closing this issue. Fixed in my template in bentolor/docker-nextcloud-collabora-postgresql-letsencrypt@b042684
Final fix pending / blocked by nextcloud/docker#819
Great! Thanks @rullzer
In php.config I just added 'overwriteprotocol' => 'https' and now it works ๐