Attempting to log in only shows the CAS option, resulting in a loop

[csolisr]

Describe the bug

After the latest update of Element / Synapse, the web client only shows the option to log in using CAS, which results in an infinite loop.

Context

• Hardware: Dedicated home server (x86)
• YunoHost version: 11.2.4
• I have access to my server: Through SSH, webadmin, direct access
• Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: yes
  • If yes, please explain: Using a VPS to bridge my home server with the open internet via Wireguard.
• Using, or trying to install package version/branch: 1.11.44

Steps to reproduce

1. Open a web browser and go to the frontend page, e.g. https://chat.example.net
2. If the website requests your YunoHost user name and password, enter them here.
3. Attempt to log in. If the home server is not selected by default, do so.
4. Notice that there is no option to log in using the user name and password, only through the "Continue with CAS" button. Click it.
5. Notice that you have been redirected to the YunoHost dashboard instead, and that a banner appears that reads "Please log in to access to this content". Your account will remain logged in, however.
6. Click on the "Element" panel. Notice that this will return you to the step 4, turning into an infinite loop.

Expected behavior

The browser should be able to correctly redirect the user to the CAS login mechanism.

Logs

From the console log (URL redacted to example.net):

Initialised rageshake. bundle.js:2:3220791
To fix line numbers in Chrome: Meatball menu → Settings → Ignore list → Add /rageshake\.ts & /logger\.ts$ bundle.js:2:3220791
Using Web platform bundle.js:2:3220791
XHRGET
https://chat.example.net/config.chat.example.net.json?cachebuster=1695311184195
[HTTP/1.1 404 Not Found 1539ms]

wasm streaming compile failed: TypeError: WebAssembly: Response has unsupported MIME type 'application/octet-stream' expected 'application/wasm' bundle.js:2:3220791
falling back to ArrayBuffer instantiation bundle.js:2:3220791
Using WebAssembly Olm bundle.js:2:3220791
No bug report endpoint set - logs will not be persisted bundle.js:2:3220791
set language to en-us bundle.js:2:3220791
Application is running in production mode bundle.js:2:3220791
Vector starting at https://chat.example.net/ bundle.js:2:3220791
startUpdater, current version is 1.11.42 bundle.js:2:3220791
Verifying homeserver configuration bundle.js:2:3220791
Config uses a default_server_config - validating object bundle.js:2:3220791
No update available, already on 1.11.42 bundle.js:2:3220791
Using homeserver config: 
Object { hsUrl: "https://example.net", hsName: "example.net", hsNameIsDifferent: false, isUrl: "https://vector.im", isDefault: true, warning: null, isNameResolvable: true, delegatedAuthentication: undefined }
bundle.js:2:3220791
Updating SdkConfig with validated discovery information bundle.js:2:3220791
getSessionLock[8ac0c96e-051b-4202-8ddf-94955c06c7ff] No other session has the lock: proceeding with startup bundle.js:2:3220791
No previous session found. bundle.js:2:3220791
Doing guest login on https://example.net bundle.js:2:3220791
FetchHttpApi: --> POST https://example.net/_matrix/client/v3/register?kind=xxx bundle.js:2:3220791
Resource map error: Error: NetworkError when attempting to fetch resource.
URL of resource: https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js 
URL of resource map: bundle.js.map

XHRPOST
https://example.net/_matrix/client/v3/register?kind=guest
[HTTP/1.1 403 Forbidden 1156ms]

FetchHttpApi: <-- POST https://example.net/_matrix/client/v3/register?kind=xxx [2843ms 403] bundle.js:2:3220791
Failed to register as guest M_UNKNOWN: MatrixError: [403] Guest access is disabled (https://example.net/_matrix/client/v3/register?kind=guest)
    o https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    a https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    c https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    requestOtherUrl https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    request https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    registerRequest https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    registerGuest https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    ie https://chat.example.net/bundles/d8be154297a8d0221afb/vendors~element-web-app.js:2
    ie https://chat.example.net/bundles/d8be154297a8d0221afb/vendors~element-web-app.js:2
    loadSession https://chat.example.net/bundles/d8be154297a8d0221afb/vendors~element-web-app.js:2
    promise callback*loadSession https://chat.example.net/bundles/d8be154297a8d0221afb/vendors~element-web-app.js:2
    initSession https://chat.example.net/bundles/d8be154297a8d0221afb/vendors~element-web-app.js:2
    Xe https://chat.example.net/bundles/d8be154297a8d0221afb/vendors~element-web-app.js:2
    Xe https://chat.example.net/bundles/d8be154297a8d0221afb/vendors~element-web-app.js:2
    vo https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    qa https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    Ws https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    Dl https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    Rl https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    Fl https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    vl https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    ml https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    Jl https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    oc https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    El https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    oc https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    render https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    se https://chat.example.net/bundles/d8be154297a8d0221afb/init.js:1
    async* https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    async* https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    l https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    n https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    <anonymous> https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
    <anonymous> https://chat.example.net/bundles/d8be154297a8d0221afb/bundle.js:2
bundle.js:2:3220791
newscreen login 2 bundle.js:2:3220791
Resource map error: Error: NetworkError when attempting to fetch resource.
URL of resource: https://chat.example.net/bundles/d8be154297a8d0221afb/vendors~element-web-app.js 
URL of resource map: vendors~element-web-app.js.map

FetchHttpApi: --> GET https://example.net/_matrix/client/v3/login bundle.js:2:3220791
Resource map error: Error: NetworkError when attempting to fetch resource.
URL of resource: https://chat.example.net/bundles/d8be154297a8d0221afb/init.js 
URL of resource map: init.js.map

FetchHttpApi: <-- GET https://example.net/_matrix/client/v3/login [1152ms 200] bundle.js:2:3220791
Skipping flow 
Object { type: "m.login.token" }
 due to unsupported login type m.login.token bundle.js:2:3220791
Skipping flow 
Object { type: "m.login.application_service" }
 due to unsupported login type m.login.application_service

[orhtej2]

Did you edit the log out does it actually try to connect to example.net? (believe it or not but that's a real website!)

[csolisr]

Yes, as indicated above I redacted my actual domain with example.net for security concerns. The site does not, in fact, connect to the actual example.net.

[csolisr]

Follow up to this issue - I thought it would be solved by disabling some plugins I had installed on Firefox, but the issue persists in another machine. Is there something I can send you from the logs?

[csolisr]

Checking my nginx configuration, I can see that the current configuration for CAS is:

location /_matrix/ {

[...]

        # Use the specific path for the php file. It's more secure than global php path
        location /_matrix/cas_server.php {

Which means that the URL that Synapse is expecting would be in the form of https://example.net/_matrix/cas_server.php, but the newest version of Element expects the CAS to be in the form of https://example.net/_matrix/client/v3/login/sso/redirect/cas - maybe I should raise the issue on the synapse_ynh repository as well?

[pagiraud]

Hello,

FYI, same problem here.

[Quiwy]

Same problem here.

[Josue-T]

Closing as it's liked to a synapse issue. cf https://github.com/YunoHost-Apps/synapse_ynh/issues/412