search

nextcloud / android

📱 Nextcloud Android app
https://play.google.com/store/apps/details?id=com.nextcloud.client
GNU General Public License v2.0
4.32k stars 1.78k forks source link

Cant login from mobile #6576

Closed tomfun closed 4 years ago

tomfun commented 4 years ago

Steps to reproduce

  1. Install the app (or reinstall)
  2. enter address (httpsnextcloud.my-domain-example.com)
  3. enter valid credentials (which are working in mobile chrome)
  4. Got dialogue "allow this device..."
  5. press "allow access"
  6. got stuck: loader infinitely rotates

Also tried to get access token from web and it leads me to the same result.

Expected behaviour

It must login and show the files. If my server is not giving a token or any other problem at least show error and do not get stuck.

Actual behaviour

It gets stuck

Can you reproduce this problem on https://try.nextcloud.com?

Environment data

Android version: 10

Device model: Samsung Galaxy S10e

Stock or customized system:

Nextcloud app version: 3.12.1

Nextcloud server version: 19.0.1

Reverse proxy: nginx

Logs

Web server error log


app_1  | - -  30/Jul/2020:00:30:38 +0000 "GET /status.php" 200
web_1  | 178.133.100.9 - - [30/Jul/2020:00:30:38 +0000] "GET /status.php HTTP/1.0" 200 170 "-" "Mozilla/5.0 (Android) Nextcloud-android/3.12.1" "178.133.100.9"
app_1  | - -  30/Jul/2020:00:30:38 +0000 "HEAD /remote.php" 401
web_1  | 178.133.100.9 - - [30/Jul/2020:00:30:38 +0000] "HEAD /remote.php/webdav/ HTTP/1.0" 401 0 "-" "Mozilla/5.0 (Android) Nextcloud-android/3.12.1" "178.133.100.9"
app_1  | - -  30/Jul/2020:00:30:24 +0000 "GET /index.php" 200
web_1  | 172.18.0.1 - - [30/Jul/2020:00:30:38 +0000] "GET /apps/logreader/poll?lastReqId=fM8poyOfCvPg18UWkwX0 HTTP/1.0" 200 1901 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" "172.18.0.1"
app_1  | - -  30/Jul/2020:00:30:38 +0000 "GET /index.php" 200
web_1  | 178.133.100.9 - - [30/Jul/2020:00:30:38 +0000] "GET /index.php/login/flow HTTP/1.0" 200 7209 "-" "Samsung SM-G970F (Android)" "178.133.100.9"
app_1  | - -  30/Jul/2020:00:30:38 +0000 "GET /index.php" 200
web_1  | 178.133.100.9 - - [30/Jul/2020:00:30:38 +0000] "GET /core/js/oc.js?v=55389038 HTTP/1.0" 200 10259 "-" "Samsung SM-G970F (Android)" "178.133.100.9"
app_1  | - -  30/Jul/2020:00:30:38 +0000 "GET /cron.php" 200
web_1  | 178.133.100.9 - - [30/Jul/2020:00:30:39 +0000] "GET /cron.php HTTP/1.0" 200 20 "-" "Samsung SM-G970F (Android)" "178.133.100.9"
app_1  | - -  30/Jul/2020:00:30:38 +0000 "GET /index.php" 200
web_1  | 172.18.0.1 - - [30/Jul/2020:00:30:39 +0000] "GET /apps/logreader/poll?lastReqId=bCuT0fUMNGuppyDNcAEy HTTP/1.0" 200 631 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" "172.18.0.1"
app_1  | - -  30/Jul/2020:00:30:44 +0000 "GET /ocs/v2.php" 200
web_1  | 172.18.0.1 - - [30/Jul/2020:00:30:44 +0000] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.0" 200 3252 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" "172.18.0.1"

app_1  | - -  30/Jul/2020:00:30:46 +0000 "GET /index.php" 303
web_1  | 178.133.100.9 - - [30/Jul/2020:00:30:46 +0000] "GET /login/flow/grant?clientIdentifier=&stateToken=6zh9P3X7IsVLxf328nZ3M1yhnmOIQYWG5DODtHWTNxL3la0qhecvqPXeLSZa8h7C HTTP/1.0" 303 0 "-" "Samsung SM-G970F (Android)" "178.133.100.9"
app_1  | - -  30/Jul/2020:00:30:46 +0000 "GET /index.php" 200
web_1  | 178.133.100.9 - - [30/Jul/2020:00:30:46 +0000] "GET /login?redirect_url=/login/flow/grant?clientIdentifier%3D%26stateToken%3D6zh9P3X7IsVLxf328nZ3M1yhnmOIQYWG5DODtHWTNxL3la0qhecvqPXeLSZa8h7C HTTP/1.0" 200 6521 "-" "Samsung SM-G970F (Android)" "178.133.100.9"
app_1  | - -  30/Jul/2020:00:30:46 +0000 "GET /index.php" 200
web_1  | 178.133.100.9 - - [30/Jul/2020:00:30:47 +0000] "GET /core/js/oc.js?v=55389038 HTTP/1.0" 200 10259 "-" "Samsung SM-G970F (Android)" "178.133.100.9"
app_1  | - -  30/Jul/2020:00:30:47 +0000 "GET /ocs/v2.php" 200
web_1  | 172.18.0.1 - - [30/Jul/2020:00:30:47 +0000] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.0" 200 3252 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" "172.18.0.1"
app_1  | - -  30/Jul/2020:00:30:39 +0000 "GET /index.php" 200
web_1  | 172.18.0.1 - - [30/Jul/2020:00:30:47 +0000] "GET /apps/logreader/poll?lastReqId=KvhDsdEoDsaGGjSBQG7E HTTP/1.0" 200 3079 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" "172.18.0.1"
app_1  | - -  30/Jul/2020:00:30:47 +0000 "GET /cron.php" 200
web_1  | 178.133.100.9 - - [30/Jul/2020:00:30:47 +0000] "GET /cron.php HTTP/1.0" 200 20 "-" "Samsung SM-G970F (Android)" "178.133.100.9"

db_1   | 2020-07-30 00:31:06.617 UTC [567] ERROR:  duplicate key value violates unique constraint "oc_credentials_pkey"
db_1   | 2020-07-30 00:31:06.617 UTC [567] DETAIL:  Key ("user", identifier)=(--my-login-stripped--, password::logincredentials/credentials) already exists.
db_1   | 2020-07-30 00:31:06.617 UTC [567] STATEMENT:  INSERT INTO "oc_credentials" ("user", "identifier", "credentials") VALUES($1, $2, $3)
app_1  | - -  30/Jul/2020:00:31:06 +0000 "POST /index.php" 303
web_1  | 178.133.100.9 - - [30/Jul/2020:00:31:07 +0000] "POST /login HTTP/1.0" 303 0 "-" "Samsung SM-G970F (Android)" "178.133.100.9"
app_1  | - -  30/Jul/2020:00:31:07 +0000 "GET /index.php" 200
web_1  | 178.133.100.9 - - [30/Jul/2020:00:31:07 +0000] "GET /login/flow/grant?clientIdentifier=&stateToken=6zh9P3X7IsVLxf328nZ3M1yhnmOIQYWG5DODtHWTNxL3la0qhecvqPXeLSZa8h7C HTTP/1.0" 200 6404 "-" "Samsung SM-G970F (Android)" "178.133.100.9"
app_1  | - -  30/Jul/2020:00:31:07 +0000 "GET /index.php" 200
web_1  | 178.133.100.9 - - [30/Jul/2020:00:31:07 +0000] "GET /core/js/oc.js?v=55389038 HTTP/1.0" 200 10346 "-" "Samsung SM-G970F (Android)" "178.133.100.9"
app_1  | - -  30/Jul/2020:00:30:47 +0000 "GET /index.php" 200
web_1  | 172.18.0.1 - - [30/Jul/2020:00:31:07 +0000] "GET /apps/logreader/poll?lastReqId=a3KEiEUsPj6w0RvE6DSv HTTP/1.0" 200 2 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" "172.18.0.1"
app_1  | - -  30/Jul/2020:00:31:07 +0000 "GET /cron.php" 200
web_1  | 178.133.100.9 - - [30/Jul/2020:00:31:08 +0000] "GET /cron.php HTTP/1.0" 200 20 "-" "Samsung SM-G970F (Android)" "178.133.100.9"
app_1  | - -  30/Jul/2020:00:31:07 +0000 "GET /index.php" 200
web_1  | 172.18.0.1 - - [30/Jul/2020:00:31:09 +0000] "GET /apps/logreader/poll?lastReqId=a3KEiEUsPj6w0RvE6DSv HTTP/1.0" 200 631 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" "172.18.0.1"
tomfun commented 4 years ago

I really checked and changed server configuration. My problem solved. But still, android client must show friendly errors, it costed me hours :(

AndyScherzinger commented 4 years ago

If my server is not giving a token or any other problem at least show error and do not get stuck. But still, android client must show friendly errors, it costed me hours :(

There are ongoing discussions between @tobiasKaminsky and @rullzer on how we can improve this. The login process with the token as mentioned by you is a web flow that is run through Android's webview and as a clietn we don't get any information at the moment. So right now we can't provide any meaningful error message not even talking about an error message that points to the real issue at hand...

tobiasKaminsky commented 4 years ago

What was the change, @tomfun? So we can try to reproduce and give a better error message.

tomfun commented 4 years ago 
# nginx.conf
location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy)\.php(?:$|\/) {
  #...
  fastcgi_param HTTPS on;
  #...
}

As I remember

tobiasKaminsky commented 4 years ago

@nextcloud/server-triage can we somehow check this in our server / admin config checks?

MorrisJobke commented 4 years ago

@nextcloud/server-triage can we somehow check this in our server / admin config checks?

We can't check the config, but only the outcome. What specifically went wrong? Do we have an example request that has an before and after behavior? That could be checked under some circumstances

vnidens commented 4 years ago

Hi guys. I've just tested and it's definitely the part of the config @tomfun mentioned.

My current config is Nextcloud with Nginx backend (which serves Nextcloud through HTTP only) and Nginx as Reverse proxy (serves everything through HTTPS) in Docker. I want to keep HTTP for my local network and HTTPS only for external one so I couldn't just set fastcgi_param HTTPS on;

The fix with such config would be like that:

  1. Add proxy_set_header X-Forwarded-Proto $scheme; in the Nginx Reverse Proxy config
  2. Add following block in the Nginx Nextcloud config: 
    http {
//...
map $http_x_forwarded_proto $fastcgi_param_https_variable {
    default '';
    https 'on';
}
//...

Hope it would help someone else.

stale[bot] commented 4 years ago

This bug report did not receive an update in the last 4 weeks. Please take a look again and update the issue with new details, otherwise the issue will be automatically closed in 2 weeks. Thank you!

tobiasKaminsky commented 4 years ago

Seems to be fixed.