search

owncloud-archive / news

:newspaper: News app for ownCloud
GNU Affero General Public License v3.0
290 stars 106 forks source link

Android App not able to login after upgrade to OC 9 #936

Closed apg1980 closed 8 years ago

apg1980 commented 8 years ago

Android App not able to login after upgrade to OC 9

After the Update to OC 9 the android app is unable to login : Attempt to invoke virtuel method 'java.lang.Stringorg.json.JSONObject.optString(jaba.lang.String)' on a null object reference.

Latest Android App. Apache to 2.4.17 PHP to 5.5.29 MySQL to 5.6.25

any sollution for that issue? on oc 8.2.2 everything was working well.

BernhardPosselt commented 8 years ago

I can log in just fine, did you create an issue in the android app bug tracker?

BernhardPosselt commented 8 years ago

Also the owncloud/data/owncloud.log is missing, so no idea where to start.

apg1980 commented 8 years ago

Here are the log entrys: {"reqId":"CtpDPDV5tJxoy2mLclEF","remoteAddr":"10.10.20.10","app":"user_ldap","message":"Error when searching: code ","level":3,"time":"2016-03-11T08:32:43+00:00","method":"GET","url":"\/index.php\/apps\/news\/api\/v1-2\/version"} {"reqId":"CtpDPDV5tJxoy2mLclEF","remoteAddr":"10.10.20.10","app":"user_ldap","message":"Attempt for Paging? ","level":3,"time":"2016-03-11T08:32:43+00:00","method":"GET","url":"\/index.php\/apps\/news\/api\/v1-2\/version"} {"reqId":"CtpDPDV5tJxoy2mLclEF","remoteAddr":"10.10.20.10","app":"user_ldap","message":"Exception: {\"Exception\":\"Exception\",\"Message\":\"No user available for the given login name.\",\"Code\":0,\"Trace\":\"#0 \/OWNCLOUD-DATA\/opt\/bitnami\/apps\/owncloud\/htdocs\/apps\/user_ldap\/user_ldap.php(120): OCA\user_ldap\USER_LDAP->getLDAPUserByLoginName('p.grunenberg')\n#1 \/OWNCLOUD-DATA\/opt\/bitnami\/apps\/owncloud\/htdocs\/lib\/private\/user\/manager.php(183): OCA\user_ldap\USERLDAP->checkPassword(* username and password replaced )\n#2 \/OWNCLOUD-DATA\/opt\/bitnami\/apps\/owncloud\/htdocs\/lib\/private\/user\/session.php(219): OC\User\Manager->checkPassword(_ username and password replaced )\n#3 \/OWNCLOUD-DATA\/opt\/bitnami\/apps\/owncloud\/htdocs\/lib\/private\/appframework\/middleware\/security\/corsmiddleware.php(91): OC\User\Session->login(** username and password replaced ***)\n#4 \/OWNCLOUD-DATA\/opt\/bitnami\/apps\/owncloud\/htdocs\/lib\/private\/appframework\/middleware\/middlewaredispatcher.php(92): OC\AppFramework\Middleware\Security\CORSMiddleware->beforeController(Object(OCA\News\Controller\UtilityApiController), 'version')\n#5 \/OWNCLOUD-DATA\/opt\/bitnami\/apps\/owncloud\/htdocs\/lib\/private\/appframework\/http\/dispatcher.php(88): OC\AppFramework\Middleware\MiddlewareDispatcher->beforeController(Object(OCA\News\Controller\UtilityApiController), 'version')\n#6 \/OWNCLOUD-DATA\/opt\/bitnami\/apps\/owncloud\/htdocs\/lib\/private\/appframework\/app.php(110): OC\AppFramework\Http\Dispatcher->dispatch(Object(OCA\News\Controller\UtilityApiController), 'version')\n#7 \/OWNCLOUD-DATA\/opt\/bitnami\/apps\/owncloud\/htdocs\/lib\/private\/appframework\/routing\/routeactionhandler.php(45): OC\AppFramework\App::main('UtilityApiContr...', 'version', Object(OC\AppFramework\DependencyInjection\DIContainer), Array)\n#8 [internal function]: OC\AppFramework\routing\RouteActionHandler->__invoke(Array)\n#9 \/OWNCLOUD-DATA\/opt\/bitnami\/apps\/owncloud\/htdocs\/lib\/private\/route\/router.php(273): call_user_func(Object(OC\AppFramework\routing\RouteActionHandler), Array)\n#10 \/OWNCLOUD-DATA\/opt\/bitnami\/apps\/owncloud\/htdocs\/lib\/base.php(873): OC\Route\Router->match('\/apps\/news\/api\/...')\n#11 \/OWNCLOUD-DATA\/opt\/bitnami\/apps\/owncloud\/htdocs\/index.php(39): OC::handleRequest()\n#12 {main}\",\"File\":\"\/OWNCLOUD-DATA\/opt\/bitnami\/apps\/owncloud\/htdocs\/apps\/user_ldap\/user_ldap.php\",\"Line\":105}","level":3,"time":"2016-03-11T08:32:43+00:00","method":"GET","url":"\/index.php\/apps\/news\/api\/v1-2\/version"} {"reqId":"CtpDPDV5tJxoy2mLclEF","remoteAddr":"10.10.20.10","app":"core","message":"Login failed: '' (Remote IP: '10.10.20.10')","level":2,"time":"2016-03-11T08:32:43+00:00","method":"GET","url":"\/index.php\/apps\/news\/api\/v1-2\/version"}

BernhardPosselt commented 8 years ago

Ok, so you can't log in via LDAP, correct?

apg1980 commented 8 years ago

everything works fine on the webpage.

BernhardPosselt commented 8 years ago

But you are using LDAP?

apg1980 commented 8 years ago

yepp all the time

BernhardPosselt commented 8 years ago

Ok, so maybe basic auth for APIs and LDAP is broken in core. @blizzz @LukasReschke any ideas? Issue should probably be moved to core

apg1980 commented 8 years ago

the news app on the oc webpage is working properly, everything i have done is upgrading first to oc 8.2.3 (since here the news app is unable to login with the error described) and then to oc 9 with the same issue.

i tryed to clear the android app compleately. no effort

Update: i get also an error with the ownnote android app (another issue report) with an error like this: 401 {"mesage":"CORS requires basic auth"}

maybe this could help to find the issue.

blizzz commented 8 years ago

So the issue started in fact with 8.2.3, not 9.0

apg1980 commented 8 years ago

thats true

blizzz commented 8 years ago

I installed FeedReader to test this locally here. I debugged fetches of feeds so far, and all is good. Also looking the responses in wireshark, all looks OK. The FeedReader did not show me anything, but it might be buggy as well. For instance, I cannot change the account, always telling me "Please enter a valid password" without querying ownCloud.

I tried this with current stable8.2.

BernhardPosselt commented 8 years ago

@David-Development

apg1980 commented 8 years ago

the guys from the ownnote app fixed the issue already. can i help u in a kind of way?

BernhardPosselt commented 8 years ago

I can't help because i don't work on the android app and I don't know why it happens

fbartels commented 8 years ago

That seems to have been a misunderstanding. They applied a fix to their owncloud app and not their Android app. Looking at the commit history this seems to be the crucial change https://github.com/Fmstrat/ownnote/commit/b0254fcf24b262ef90e822a48d24e3bbf8491e89

BernhardPosselt commented 8 years ago

Their fix made their app vulnerable to CSRF attacks. Could you report this?

BernhardPosselt commented 8 years ago

Also it's a core issue, nothing I can fix @LukasReschke

BernhardPosselt commented 8 years ago

Anyways this looks like a very clear core issue now please reopen and link this issue

BernhardPosselt commented 8 years ago

PS the fix reads like: "hm, login does not work for a few users, let's remove the login requirement for everyone"

Issue is probably session related and either broken in core or the android app