Stuck in login loop

[kvannotten]

After the latest update of yesterday, I can no longer login. The app keeps redirecting me to authorize my account.

[nextcloud-android-bot]

GitMate.io thinks possibly related issues are https://github.com/nextcloud/android/issues/2284 (Login loop), https://github.com/nextcloud/android/issues/2032 (Login attempt just stops), https://github.com/nextcloud/android/issues/2561 (No login possible), https://github.com/nextcloud/android/issues/2143 (Login issue), and https://github.com/nextcloud/android/issues/433 (Login Error).

[alerque]

I've got the same problem. The app was fine before the update (4 hours ago), just a few minutes ago I saw the play store notification that it had updated it and tried it again. My Nextcloud server is up to date with the latest stable release and I can login on the web and from the desktop client (on Linux) just fine. The Android app just looks me back to the login — after what appears to be a successful login. The user/password phase seems to work, it then prompts to grant access to the app, only then does it jump back to asking for a login.

@nextcloud-android-bot None of those issues seem to be related, they are all old 2018 login related things and this appears to be a new regression in the latest release.

[tobiasKaminsky]

Is this also happening with a new account?

[kvannotten]

just tested it with a new account, still happens.

[thrawn-sh]

Same problem here. New account doesn't work either. Everything was fine before the app update. DavDroid / DavX5 still works.

[tobiasKaminsky]

Can you create us a test account, test if the problem occurs also there and if so send the credentials to tobias at nextcloud dot com with a reference to this issue?

[thrawn-sh]

@tobiasKaminsky: I've sent you an Mail with a complete fresh account, please let me know if I can do anything else.

[scho0ck]

I have the same issue with the app version 3.5.0 and Nextcloud 15.0.4 it all started to act up after the update if the android app

[alerque]

I just had a look at the Apache log files for my Nextcloud instance and don't see anything particularly useful, but maybe it will mean something to a developer. I've redacted specific values using <key> syntax, all the values with the same key are the same.

First, these lines showed up when I first opened the app and was show a login screen:

- - [15/Feb/2019:06:25:23 +0000] "GET /index.php/login/flow/grant?clientIdentifier=&stateToken= HTTP/1.1" 303 - - - [15/Feb/2019:06:25:24 +0000] "GET /index.php/login/flow/grant?clientIdentifier=&stateToken= HTTP/1.1" 303 - - - [15/Feb/2019:06:25:24 +0000] "GET /index.php/login?redirect_url=/index.php/login/flow/grant%3FclientIdentifier%3D%26stateToken% HTTP/1.1" 200 8525 - - [15/Feb/2019:06:25:34 +0000] "GET /index.php/core/js/oc.js?v=7c4c8bc0 HTTP/1.1" 200 4797

After entering my credentials and hitting login, these lines showed up:

- - [15/Feb/2019:06:25:50 +0000] "POST /index.php/login?redirect_url=/index.php/login/flow/grant%3FclientIdentifier%3D%26stateToken% HTTP/1.1" 303 - - - [15/Feb/2019:06:25:51 +0000] "GET /index.php/login/flow/grant?clientIdentifier=&stateToken= HTTP/1.1" 200 6749 - - [15/Feb/2019:06:25:51 +0000] "GET /index.php/core/js/oc.js?v=7c4c8bc0 HTTP/1.1" 200 4891

Here I was show the "grant" button, after which these showed up (while the app looked like it was loading a file manager for about 20 seconds, then it dumped be back at the login screen.

- - [15/Feb/2019:06:26:14 +0000] "POST /index.php/login/flow HTTP/1.1" 303 - - - [15/Feb/2019:06:26:15 +0000] "GET /status.php HTTP/1.1" 200 137 - - [15/Feb/2019:06:26:15 +0000] "HEAD /remote.php/webdav/ HTTP/1.1" 401 - - [15/Feb/2019:06:26:16 +0000] "HEAD /remote.php/webdav/ HTTP/1.1" 200 - - [15/Feb/2019:06:26:16 +0000] "GET /ocs/v1.php/cloud/user?format=json HTTP/1.1" 200 684 - [15/Feb/2019:06:26:17 +0000] "GET /ocs/v1.php/cloud/users/?format=json HTTP/1.1" 401 140 - [15/Feb/2019:06:26:18 +0000] "GET /ocs/v1.php/cloud/users/?format=json HTTP/1.1" 401 140 - [15/Feb/2019:06:26:18 +0000] "GET /index.php/avatar//235 HTTP/1.1" 304 - - [15/Feb/2019:06:26:18 +0000] "GET /status.php HTTP/1.1" 200 137 - [15/Feb/2019:06:26:18 +0000] "POST /ocs/v2.php/apps/notifications/api/v2/push?format=json&pushTokenHash=&devicePublicKey=&proxyServer=https%3A%2F%2Fpush-notifications.nextcloud.com HTTP/1.1" 401 106 - [15/Feb/2019:06:26:20 +0000] "GET /ocs/v1.php/cloud/capabilities?format=json HTTP/1.1" 200 537 - [15/Feb/2019:06:26:22 +0000] "GET /ocs/v1.php/cloud/user?format=json HTTP/1.1" 401 140 - [15/Feb/2019:06:26:26 +0000] "PROPFIND /remote.php/webdav/ HTTP/1.1" 401 343 > - - [15/Feb/2019:06:26:33 +0000] "GET /status.php HTTP/1.1" 200 137 - - [15/Feb/2019:06:26:33 +0000] "HEAD /remote.php/webdav/ HTTP/1.1" 401 - - - [15/Feb/2019:06:26:33 +0000] "GET /status.php HTTP/1.1" 200 137 - - [15/Feb/2019:06:26:34 +0000] "HEAD /remote.php/webdav/ HTTP/1.1" 401 - - - [15/Feb/2019:06:26:34 +0000] "GET /index.php/login/flow HTTP/1.1" 200 7293 - - [15/Feb/2019:06:26:35 +0000] "GET /index.php/core/js/oc.js?v=7c4c8bc0 HTTP/1.1" 200 4799

[matrafox]

I have same issue . I have updated today the app , and no longer working. After login I am redirected to login again. The server is on a VPS locally

[thrawn-sh]

I went to the Android account settings on my phone (LinageOS) and deleted the Nextcloud account (despite of the warning that all the messages, contacts and other data will be lost). After deleting the account I went back to nextcloud app and created a new account.

It works for me, and as far as I can tell I did not loose any files on the phone or on the server.

[shani149]

I have same issue, stuck in login auth loop.

[RDominique]

Me to. Removing the account and recreating the account takes care of it (thx @ trawn-sh). Though I hope a new client can be released that automagicaly fixes the issue. I have several low-IT-capable users who can't do the account-trick themselves....

[devlux]

+1

[shani149]

I can login on the web but app is not working. If I remove the user it will remove all my files? Anyway to avoid loss of user files?

[RDominique]

@Shani149, remove and recreate the account on the smartphone/tablet, not on the server...

[shani149]

@RDominique that worked, thanks for explaining.

[moorsey]

Worked for me also, many thanks

Don't forget to re-enable any auto uploads, these were wiped for me after clearing the account

[matrafox]

Hello I confirm also that if you reinstall application it won't work. However if you go to apps/settings and delete data information and reinsert the account will work. Indeed you need to re-enable the auto uploads. However the information that was made between this reinstall install, I don't see it on my server yet. Is there a way to force re-scan of the phone , or to compare again files ? Or I need to copy manually and run occ files:scan

[moorsey]

You have to manually copy anything missed from auto upload, only works on new files from when you reset the rules unfortunately

[matrafox]

Indeed unfortunately . This will be a nice feature to have I think . Also this will be nice for first install of apps to upload existing files on phone.

[mikoladz]

I am also affected by this issue. I have tried to remove application tokens, but this hasn't helped. Any solution other than removing an account (which requires setting up auto uploads again, and I have lots of them)?

[alerque]

Hey guys this is a serious problem — there are a lot of people affected and we're dead in the water. There are quite a few people that have made it to the issue tracker here, but also comments in the Play Store reviews section are starting to proliferate mentioning this issue.

One common theme (but not, apparently, exclusive) is that many of them are using ActiveDirectry for their authentication backend. In my case I'm using LDAP, and a few people seem to have this issue on internally authenticated users.

Is there anything we can do to expedite finding and fixing this? I believe this is the kind of bug that warrants and urgent hotfix point-release. I'm trying not to be too alarmist here, but even just considering my own troubles –as a long time user and advocate who has turned many people on to Nextcloud and hosts it for several teams– I am having to transfer files through other channels and am wondering about alternative platforms.

[oxivanisher]

Is there anything that we can do to help find a solution? It still bugs lots of users. And no, re-auth every user is not really an option for lots of admins out there...

[JoCowood]

I have the same problem and I have a lot of "low-IT-capable users", too, which encouter this problem.

[devlux]

shouldn't this be labeled as "high"?

[aristaeus]

I have this problem too. I tried reinstalling the app before coming to this thread and now I can't remove my Nextcloud account from "Accounts" because it isn't there... but I still can't login to my account. A new account works just fine. Does anyone know where any remaining data might be on my phone that I can delete manually?

[oxivanisher]

Updating the Nextcloud to the new release, 15.0.5 fixed it at least on my phone. I have to check it with my users...

[mikoladz]

In my case upgrading NC to 15.0.5 has not helped. I am still stuck in the login loop. I am using LDAP accounts.

[oxivanisher]

Yes, it (upgrading Nextcloud) probably did not "work correctly" for me either, since I lost the instant upload settings. My android app lost those settings somewhere along the way which is probably the same as clearing the app-cache. Upgrading is no solution, the problem seems to be with the android app.

[alerque]

I can also confirm the 15.0.5 server update does not change this situation at all. Given there was an LDAP related change I thought there was an outside chance it was related, but nope.

Additionally I just updated some Android devices from 8.1 (Lineage 15.1 / Oreo) to 9.0 (Lineage 16 / Pie), and that also has no effect on the app behavior. The login still fails the same way it had been on those devices.

[drkmccy]

I think this is the same as #2811 and #2553

[alerque]

Wow @derekblankmccoy I thought I'd done well finding the newer duplicates, thanks for dredging those up. They do seem to be related and there appears to be some long standing gremlin that keeps wearing a new face. That being said it isn't clear what the common thread is since lots of previous cases seem to have been resolved and the still open issues hint at things like older server versions etc.

Just in case I reviewed the suggested "solutions" for hints and tried clearing all previously authenticated tokens / logins from the server in case it was trying to use some old cached one. That seems to have done nothing, using a newly generated one does work (the server shows the new authentication) but the app still kicks back to the login.

[phu9Suop]

Hi I have same Problem nextcloud both 15.0.5 and previous versions Linux debian stable desktop works fine with browser firefox esr.

on Fairphone 2 with android 7.1.2 rev 19.02.1 Fairphone OpenOS davx5 works fine Contacts and Calender Nextcloud app 3.4.2 and 3.5.0 is caught in Login loop after Release of resources to app is required. after "Zugriff gewaehren" nextcloud server reports successful login both from Fairphone FP2 and for nxc app The problem arose when updating from nxc 13. since weeks now dumbphone nxc app function is dead. from adb debug no obvious information

[phu9Suop]

Hi I deinstalled the app 3.4.2 and/or 3.5.0 and installed nextcloud_dev ver 20190301. Shifted to internal storage , deleted cache and storage. The nextcloud_dev ver 20190301 works on my Fairphone 2 with android 7.1.2 rev 19.02.1. Fairphone OpenOS. So the difference is between the app 3.4.2 and/or 3.5.0 and the devel version BR Erich

[alerque]

@phu9Suop That does not sound conclusive to me. Deleting the cache & storage is something that's worked for some people even staying on the 3.5.0 release. That's just not a very palatable solution for people with lots of users to support. Also the dev version (whether you installed it manually or from F-Droid probably use a different app sandbox than the official builds anyway, so it's basically a separate beast. What we need is for the official app store release builds to work. At this point I don't think there have been any changes in the code tree that would actually fix this, you're just avoiding the bug in the first place. Wherever it's hiding....

[phu9Suop]

@alerque I have done this before, deleting the app, the cache and storage and reinstalling the 3.4.2 and 3.5.0 versions both with no success. I employed a reputed company to install the nextcloud server for me at a substantial cost. It works with the notebooks, and the company is clueless also about what happens in the smartphone. The installation happened in March 2018 and for two month out of 12 the android app was working at the time of Nextcloud 13. I am a user and have no idea and no intentions to dive into the internas of android / nextcloud, and unfortunately the acquisition of the smartphone has not lead to the expected comfort and savings in time , but become a nightmare in troubleshooting. Clues:

1. dev version and regular release function different. As you mentioned the sandboxes are not the same. Why is the sandbox of the dev version not representative for the sandbox of a production version? Then the dev is not representative for the production version. That could be a cause for the error which is repeorted since
2. The problem is not in the nextcloud server side. The server records a regular login session and no problems.
3. It seems to me, that only the surface of the app disappears, because when checking the storage consumption before deletion, the android "Eigenschaften" Properties or settings reported 83 MByte of memory usage. So at least a data structure has been generated

Next steps: I installed adb and can run a debug session, if I am told what to do. My company above looked at the log and has not found any hint. Probably the debug level of android and logging must be modified to show useful information. BR Erich

[oxivanisher]

It is unbelievable that this problem still exists. My users did start to migrate back to Dropbox, since this very basic feature is broken since over a month now.

[pasichnichenko]

Hey, developers! Are you here? Do you read issue reports? This breaking authorisation problem still here for more that 5 month already!!! I will strongly advise all people stop using nextclowd. It's inappropriate behavior when basic auth facility is broken and developers are just playing with "this may be bug #a or may be #b or #c" instead of fixing such most important and basic thing. Application is UNUSABLE on Android. Reinstall every day is not an options, as resyncing files collection to phone takes a lot of time. I will strongly advise people to keep off from nextclowd till problem will be resolved. Anyone from developers can answer anything?

[drkmccy]

I have to agree with pasichnichenko, this should be priority number one as the app is unusable unless you have some technical knowledge of how to fix it. This is a massive issue for environments with thousands of users.

[RDominique]

Don't agree pasichnichenko. If you are using Nextcoud free of charge, to my opinion, you don't have any right to talk like this. (Especialy your 'don't use Nextcloud' statement bugs me)

If you don't like the situation, take up a programing course and devellop yourselves.

Done that and bene there. It takes a lot of time and effort. Nothing but respect to developpers! It's there choice on what they put there energy in.

Nextcloud has paying users. I would't be supprised that it's that kind of users that keep the project running.

Me myselve am a non-paying user. I suggest non-paying users stay humble...

For the record, I just removed the account, not the app. After recreating the account, for me everything works great. Thus my experience.

[pasichnichenko]

I do respect a developers. They did great job! But everyone becoming developer must understand responsibility he receiving after releasing his product. I am not forcing developers to fix anything. I have no right to force them. I am just asking an answer, whether they are intended to fix auth issue and if they are willing to do then to clarify expected or any other timeframe for this. If developers are not going to fix this issue, please, just answer "we are not going to fix it, we don't care, learn programming and fix yourself if you need", and I will be fine even with this answer, as I will know what to expect next and will update my plans accordingly. But instead of an answer, real answer, we get some strange thoughts around issues and then just silence. I'm monitoring this particular issue with auth since around summer 2018 and it's just still here but no any clarification about priority and intention and/or timeframe about fixing the issue. And yes, I have tried removing account from phone, readding, reinstalling app and readding account again and upgrading, every time it was working fine after, for some time, but breaking again and again. Sometimes it gets fixed himself somehow, I've tried a lot to reproduce this self-fixing, but it's breaking again and again after. Yesterday the app selffixed again and right now it's working fine, but it's unclear when it will break again, may be tomorrow...

[eldiep]

It's really annoying. Especially if you're using 2FA and you always have to login and generate a new App-password when this happens.

Is it in sight when there will be a fix?

[stale[bot]]

This request did not receive an update in the last 4 weeks. Please take a look again and update the issue with new details, otherwise the issue will be automatically closed in 2 weeks. Thank you!

[alerque]

Hey @stale, your configuration indicates project management failure here... This issue is not stale, it is confirmed many times over and still a bug. The only thing stale about it is that it's not getting fixed.

In all seriousness, please reconfigure that bot to only run on issues that have been tagged as needing more user input.

[drkmccy]

How come there is no movement on this? It's a major issue

[fischerman]

I did some digging and found a problem which is related to LDAP. The first login is successful, after which the Android App generates a login token for successive logins. However, that fails with OCA\User_LDAP\Exceptions\NotOnLDAP in my case. Can other people please confirm if they find the same errors in their log files?

The problem is, that the app uses the unique identifier (which by default is objectGUID in Active Directory) as a user name when logging in. By default this is not a valid logging attribute. I tried to add it in the LDAP settings, but no luck so far. I think the problem comes from case-sensitivity or string-to-binary conversion. Either way, I don't see an option to solve this by customizing the LDAP search query.

From the top of my head I see two options to solve it:

• Change nextclouds internal username in the LDAP settings. This is not really an option for existing users in a production environment.
• Make Android use the username that was originally provided (from the GUI). I assume a change here introduced this bug in the first place. Does someone know if it was a deliberate choice to lookup the internal username on the server?
• Change the LDAP module to support objectGUID from string representation

[drkmccy]

I can confirm that this is happening to my LDAP users. I also suspected this to be a token issue as it only happened to my users when they I upgraded them from v1.4.3 of the app to v3.2.1 As a result, I've been getting endless complaints about the login process being more complicated. We don't have 2FA yet the login process still displays the "grant access" page.

[fischerman]

I thought "grant access" is for token generation and not related to 2FA, I might be wrong though.

Nextcloud does not delete the user data but only the settings when you clear the storage through Android settings. I believe the problem is the (corrupted) user data from an older app version. Once you remove the account and add it again, everything works fine for me (i.e. the login attribute is used as the username and not the GUID). However, in order to delete your account, you have to be able to login (or delete data manually I guess; dunno how).

I found a workaround for people with access to AD. Copy the string representation of the objectGUID (uppercase with commas) into externalAttribute1 and make it a login attribute in NC. Unfortunately, that has to be done for every user.

[drkmccy]

If it's for token generation, surely that should be hidden and automatic with no need for user intervention? Thank you for your research though, it looks like you have found the issue. I guess it's now for the devs to fix it.