CAS not working after migration to ynh 12

[Thatoo]

Describe the bug

After migrating to ynh 12, I can't connect to matrix account. When I click on "Continue with CAS", it goes to the ynh user app list only.

Context

• Hardware: Old laptop or computer
• YunoHost version: 12.0.7
• I have access to my server: Through SSH | through the webadmin | direct access via keyboard / screen
• Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: no

Steps to reproduce

Connect to ynh SSO. Go to app.element.io Choose synapse server address Click on "Continue with CAS" Reach to the user ynh app list screen

Also, if I go on https://domain.tld/_matrix/cas_server.php, then I get a "Bad URL" page.

Expected behavior

Be able to click on continue/accept and be connected to matrix account within Element.

Logs

[Thatoo]

Well, I discover that if I'm not already logged in when I click on "Continue with CAS" but I login after then it works.

[Josue-T]

Hello,

Can you try from testing to see if it solve the issue.

[Thatoo]

Still the same. If I'm not logged in (private browser window), CAS is working and I can connect but if I'm already logged in as a user to ynh portal then CAS isn't working, I reach to the ynh user app list and I can't connect to Matrix in Element web app.

[Josue-T]

So if I understand correctly the issue is with the session on which you are already logged in. If it's the case can you try to logout then login and try again. I would like to be sure that you have the correct cookie when you send the request.

[Thatoo]

No, it's the same. If I'm logged in (even if I first logout and then login again) when I click on the button "continue with CAS" then it goes to the ynh user app list instead of asking me to "accept". If I'm logged out when I click on the button "continue with CAS", then I reach to the ynh login screen and after login, I have the page to "accept" and then it works.

I tried app.element.io on both Firefox private page and Firefox dev (not private, without any addons).

[Josue-T]

Ok, maybe it coule be a crash of the php part. Can you share me the content of you php and nginx log ?

[Thatoo]

I could not find anything relevant in /var/log/php8.3-fpm.log nor in /var/log/nginx/:

• error.log
• ssowat.log
• matrix.domain.tld-error.log

The only error I could find in logs when I repeat the action was in /var/log/domain.tld-error.log :

2024/11/23 20:02:25 [error] 264350#264350: *292189 open() "/usr/share/yunohost/portal/customassets/domain.tld.custom.css" failed (2: No such file or directory), client: 89.234.177.94, server: domain.tld, request: "GET /yunohost/sso/customassets/custom.css HTTP/2.0", host: "hamdel.in", referrer: "https://domain.tld/yunohost/sso/?r=aHR0cHM6Ly9tYXRyaXguaGFtZGVsLmluL19tYXRyaXgvY2FzX3NlcnZlci5waHAvbG9naW4/c2VydmljZT1odHRwczovL21hdHJpeC5oYW1kZWwuaW4vX21hdHJpeC9jbGllbnQvcjAvbG9naW4vY2FzL3RpY2tldD9yZWRpcmVjdFVybD1odHRwcyUzQSUyRiUyRmFwcC5lbGVtZW50LmlvJTJG"

[Josue-T]

Can you share me the log that you have while do try a login in /var/log/nginx/<synapse domain>-access.log ?

[Thatoo]

xxx.xxx.xxx.xxx - - [25/Nov/2024:11:36:32 +0100] "GET /.well-known/matrix/client HTTP/2.0" 302 138 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0"
xxx.xxx.xxx.xxx - - [25/Nov/2024:11:36:32 +0100] "GET /_matrix/client/versions HTTP/2.0" 200 1063 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0"
xxx.xxx.xxx.xxx - - [25/Nov/2024:11:36:32 +0100] "GET /_matrix/client/unstable/org.matrix.msc2965/auth_issuer HTTP/2.0" 404 59 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0"
::1 - - [25/Nov/2024:11:36:32 +0100] "GET /_matrix/client/v3/sync?timeout=30000&since=s51095_3444130_247_54547_10614_34_5635_29148_0_7&filter=0&set_presence=online HTTP/1.1" 200 225 "-" "mautrix-telegram/0.15.1+dev.unknown mautrix-python/0.20.6 aiohttp/3.11.0 Python/3.11.2"
yyy.yyy.yyy.yyy - - [25/Nov/2024:11:36:46 +0100] "GET /_matrix/client/v3/sync?filter=2&timeout=30000&set_presence=unavailable&since=s51095_3444134_247_54547_10614_34_5635_29148_0_7 HTTP/2.0" 200 252 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Element/1.11.86 Chrome/130.0.6723.59 Electron/33.0.2 Safari/537.36"
yyy.yyy.yyy.yyy - - [25/Nov/2024:11:36:46 +0100] "OPTIONS /_matrix/client/v3/sync?filter=2&timeout=30000&set_presence=unavailable&since=s51095_3444134_247_54547_10614_34_5635_29148_0_7 HTTP/2.0" 204 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Element/1.11.86 Chrome/130.0.6723.59 Electron/33.0.2 Safari/537.36"
yyy.yyy.yyy.yyy - - [25/Nov/2024:11:36:46 +0100] "GET /_matrix/client/v3/sync?filter=2&timeout=30000&set_presence=unavailable&since=s51095_3444134_247_54547_10614_34_5635_29148_0_7 HTTP/2.0" 200 402 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Element/1.11.86 Chrome/130.0.6723.59 Electron/33.0.2 Safari/537.36"
yyy.yyy.yyy.yyy - - [25/Nov/2024:11:36:47 +0100] "OPTIONS /_matrix/client/v3/sync?filter=2&timeout=30000&set_presence=unavailable&since=s51095_3444138_247_54547_10614_34_5635_29148_0_7 HTTP/2.0" 204 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Element/1.11.86 Chrome/130.0.6723.59 Electron/33.0.2 Safari/537.36"
xxx.xxx.xxx.xxx - - [25/Nov/2024:11:36:50 +0100] "GET /.well-known/matrix/client HTTP/2.0" 302 138 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0"
xxx.xxx.xxx.xxx - - [25/Nov/2024:11:36:50 +0100] "GET /_matrix/client/versions HTTP/2.0" 200 1063 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0"
xxx.xxx.xxx.xxx - - [25/Nov/2024:11:36:50 +0100] "GET /_matrix/client/unstable/org.matrix.msc2965/auth_issuer HTTP/2.0" 404 59 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0"
xxx.xxx.xxx.xxx - - [25/Nov/2024:11:36:50 +0100] "GET /.well-known/matrix/client HTTP/2.0" 302 138 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0"
xxx.xxx.xxx.xxx - - [25/Nov/2024:11:36:50 +0100] "GET /_matrix/client/versions HTTP/2.0" 200 1063 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0"
xxx.xxx.xxx.xxx - - [25/Nov/2024:11:36:50 +0100] "GET /_matrix/client/unstable/org.matrix.msc2965/auth_issuer HTTP/2.0" 404 59 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0"
xxx.xxx.xxx.xxx - - [25/Nov/2024:11:36:50 +0100] "GET /_matrix/client/versions HTTP/2.0" 200 1063 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0"
xxx.xxx.xxx.xxx - - [25/Nov/2024:11:36:50 +0100] "GET /_matrix/client/unstable/org.matrix.msc2965/auth_issuer HTTP/2.0" 404 59 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0"
xxx.xxx.xxx.xxx - - [25/Nov/2024:11:36:50 +0100] "GET /_matrix/client/v3/login HTTP/2.0" 200 170 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0"
xxx.xxx.xxx.xxx - - [25/Nov/2024:11:36:52 +0100] "GET /_matrix/client/v3/login/sso/redirect/cas?redirectUrl=https%3A%2F%2Fapp.element.io%2F&org.matrix.msc3824.action=login HTTP/2.0" 302 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0"
xxx.xxx.xxx.xxx - - [25/Nov/2024:11:36:52 +0100] "GET /_matrix/cas_server.php/login?service=https%3A%2F%2Fmatrix.domain.tld%2F_matrix%2Fclient%2Fr0%2Flogin%2Fcas%2Fticket%3FredirectUrl%3Dhttps%253A%252F%252Fapp.element.io%252F HTTP/2.0" 302 138 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:132.0) Gecko/20100101 Firefox/132.0"
^C