Extension fails to find vaults after owncloud upgrade

[WHGhost]

### Steps to reproduce 1. Had OwnCloud server setup at version 10.0.4 2. Manually upgraded to 10.0.8 ### Expected behaviour The extension should still work ### Actual behaviour The extension setup ui works and logs into owncloud, but fails to find any vault. The Android app and web ui work. Creating a new user and trying with it fails. ### Configuration **Operating systems**: - Server: Debian 9 - Client: Arch Linux **Browser**: tested with Firefox 59.0.2 and latest chromium **Extensions that might cause interference**: All disabled **Passman version**: 2.1.4 **Extension version**: 2.1.1 **Nextcloud version**: Owncloud 10.0.8 Community edition

[ngrimm]

I observed the exact same behaviour.

The extension was working fine with Owncloud 10.0.7.2, but stopped working after upgrading to version 10.0.8.5.

The web interface is working as expected, but the extension does not find any vaults. Sorry,no vaults found. Please create a vault via the Nextcloud / ownCloud app and try again. I tried adding a new key vault, but it was also not found.

[ProtecJack]

Same issue here, If i browse to the address "/index.php/apps/passman/api/v2/vaults" in chrome when logged in I can see the vault information returned, but watching the traffic from the chrome extension in Fiddler it accesses the same url & the OwnCloud server returns 200 OK with a bunch of cookie information for the login session but the JSON payload is an empty array.

[WHGhost]

It seems that the vault request doesn't include any cookie or requesttoken header, when the web UI does. The extension only includes a basic HTTP authentication header. The server then replies to it with an empty list of vaults.

[chris-bird-coolearth]

Hi guys, I've been having an issue with this too, I've opened a ticket as I've discovered it is an issue with all apps, the breaking change was in this commit https://github.com/owncloud/core/pull/30421/commits/32a8c4080c41e71f78f9cb0d3d4b6c9711a9d985 Re-adding this self::handleLogin($request); seems to fix the issue which is what I've done while the dev team put out a proper solution

[ngrimm]

Thanks for proposing this workaround! I can confirm that this works for me.

[WHGhost]

It was indeed a problem with Owncloud. Thanks for the workaround, @chris-bird-coolearth chris-bird-coole. It is fixed in Owncloud 10.0.9 and has nothing to do with passman, closing the issue.

[mgc8]

I am having the same exact problem after updating to the latest version of OwnCloud on Debian -- 10.0.10 as per this writing. Seems the bug has been re-introduced? Neither extension in Firefox or Chrome can find the vaults.

[javyer]

Yep this problem is present with Owncloud 10.0.10. So let's asks why to Owncloud commiter. the work around worked for me too.

[DeepDiver1975]

Controllers which take the user id as argument in the ctor will fail in ownCloud - like here https://github.com/nextcloud/passman/blob/5bd328fe5b1dffeee3f2ca209977b65aed9ebdb6/controller/credentialcontroller.php#L42

In order to fix this the user session object needs to be injected and the user id can be taken from the session within the controller method.

In ownCloud this change was necessary due to the order of processing the request and to evaluate the user information stored in the request.

Example on how to do it:

https://github.com/owncloud/core/blob/2de709ee929ff8ffd480019c82e09929134ad41d/apps/files/lib/Controller/ApiController.php#L71

https://github.com/owncloud/core/blob/2de709ee929ff8ffd480019c82e09929134ad41d/apps/files/lib/Controller/ApiController.php#L168

Let me know if this help. Cheers :beers:

[javyer]

DeepDiver1975 is saying that getting the userid from ctor is something wrong "in many respects". Someones can comments on that, do passman app for NextCloud/Owncloud needs different way to get userid ? (Injecting usersession object for exemple). As far as I can see userid is obtained like this in many times ... not just credentialcontroller :-/ . Without any change, Passman App is no more working on Owncloud.