search

cozy / cozy-stack

Simple, Versatile, Yours
https://docs.cozy.io/en/cozy-stack/
GNU Affero General Public License v3.0
1.15k stars 141 forks source link

malformed JWTs on iPhone #4491

Open john-gold opened 1 week ago

john-gold commented 1 week ago

Hello,

I tried different browsers (Safari, Firefox) and the Cloud Personnel Cozy app from the AppStore to connect my iPhone (iPhone 13 with iOS 18.1) with my local cozy-stack (v1.6.31). None of them seem to work, while the access via PC (Linux & Windows with different browsers) has no issues.

It seems that the frontend/js-scripts are generating an invalid/malformed JWT. After providing my instance/user password (when using a browser) or the e-mailed confirmation code (when using the app) I see the following error messages in the log. On the iPhone is just a black screen displayed.

INFO[0029] New connection from XXX.XXX.X.X at 2024-11-18 11:06:12.122833047 +0100 CET m=+29.627055177 (password)  domain=dev.cozy.local nspace=loginaudit
time=2024-11-18T11:06:12+01:00  status=200  method=POST host=dev.cozy.local uri=/auth/login bytes_out=43
time=2024-11-18T11:06:12+01:00  status=200  method=GET  host=dev.cozy.local uri=/assets/icons/check.svg bytes_out=273
INFO[0030] Cannot find asset                             context=dev domain=dev.cozy.local name=/images/default-wallpaper.jpg nspace=assets
time=2024-11-18T11:06:12+01:00  status=200  method=GET  host=home.dev.cozy.local    uri=/   bytes_out=3091
time=2024-11-18T11:06:13+01:00  status=200  method=GET  host=home.dev.cozy.local    uri=/vendors-home.7403737af06f51ba0d38.0.min.css    bytes_out=233016
time=2024-11-18T11:06:13+01:00  status=200  method=GET  host=dev.cozy.local uri=/assets/manifest.5495261505.webmanifest bytes_out=180
time=2024-11-18T11:06:13+01:00  status=200  method=GET  host=dev.cozy.local uri=/assets/styles/theme.b95be94612.css bytes_out=39
time=2024-11-18T11:06:13+01:00  status=200  method=GET  host=dev.cozy.local uri=/assets/fonts/fonts.css bytes_out=347
time=2024-11-18T11:06:13+01:00  status=200  method=GET  host=home.dev.cozy.local    uri=/app/home.c20ff5dd16c0f6414178.js   bytes_out=198488
time=2024-11-18T11:06:13+01:00  status=200  method=GET  host=home.dev.cozy.local    uri=/app-home.feb73f802307f228b84d.min.css  bytes_out=6993
time=2024-11-18T11:06:13+01:00  status=200  method=GET  host=home.dev.cozy.local    uri=/vendors/home.c3a374081cd1e21ea437.js   bytes_out=5443582
time=2024-11-18T11:06:15+01:00  status=204  method=OPTIONS  host=dev.cozy.local uri=/settings/instance  bytes_out=0
time=2024-11-18T11:06:15+01:00  status=204  method=OPTIONS  host=dev.cozy.local uri=/files/downloads?Path=%2FSettings%2FHome%2FWallpaper.jpg    bytes_out=0
ERRO[0033] GET /settings/instance code=400, message=Invalid JWT token  domain=dev.cozy.local nspace=http
ERRO[0033] GET /settings/instance code=400, message=Invalid JWT token  domain=dev.cozy.local nspace=http

The "Invalid JWT token"-errors keep repeating infinitely until I abort further requests via closing the app or browser tab on the iPhone.