Support self hosted open photo instance.

[alcoralcor]

Trovebox android app offer no possibility to login to self hosted open photo. This should be possible according to Trovebox plans.

[jmathai]

We found a bug just before launching so we opted to remove this feature. We'll fix and enable it for the next release.

[httpdispatch]

@alcoralcor was self-hosted auth working properly for you on previous version? We have issue #274 reported for previous version.

[alcoralcor]

[OFF TOPIC] @httpdispatch I didn't had time to get it working before updating to trovebox. The behaviour was a bit different than #274 : android app "successfully" upload the photo. But i had nothing on my server. Nginx error log :

[...] "PHP message: {severity:crit, description:"oauth_problem=signature_invalid&debug_sbs=GET&https:// [...]

So i thought it was frontend #1049 or a bad nginx conf. I'll try to resolve when #306 will be close.

[httpdispatch]

@patricksan @jmathai do you have any self-hosted installation for tests?

[patricksan]

Eugene, any installation is a kind of self-hosted. You can use any site to test credentials.

[httpdispatch]

may i use my testaccount.trovebox.com?

[patricksan]

Yes.

[httpdispatch]

I've tested and it is working fine. Only oauth flow is not very simple. Sign-in button in web page doesn't work. Only the one at the top bar works. But after login via top button i can't create application (having error 500). So i had to close browser and try login again with already logged in user at webpage. After that it was working fine.

[httpdispatch]

@patricksan so what to do with it? Should i unlock this feature or not?

[patricksan]

now, we have to fix the web page before. cc @jmathai

[jmathai]

Fixed and available on *.trovebox.com

[patricksan]

@httpdispatch, could you test if the web page is better to login now, please?

[httpdispatch]

@patricksan @jmathai tested it. There are few problems:

1. Logout doesn't work on standard android browser. I can see logout button i can see popup menu, but when i click nothing happens, only menu disappears. I had to clear cookies to be able to logout from trovebox.com.
2. Now i see correct login form after oauth flow is started. But when i login the oauth application name field is empty, also callback url disappears so when i enter name by hand and press authorise it returns me back to login form and asks to login again.

[patricksan]

ok. Let's wait for @jmathai fix that.

[jmathai]

Let me know if this is resolved.

[patricksan]

@httpdispatch, could you test again? @jmathai changed the page.

[httpdispatch]

@patricksan @jmathai just tested and seems that nothing is changed. I still see missing app name after the login process. And then i enter name by hand it redirects me back to login

[httpdispatch]

also the logout button still doesn't work

[httpdispatch]

Just tried another browser chrome for android - same issue

[patricksan]

@jmathai, did you upload the code? Eugene just tested and nothing changed.

[httpdispatch]

@jmathai I've returned self-hosted login button but web part still need to be fixed

[jmathai]

Have we confirmed this is fixed?

[patricksan]

No. We removed from the app because signature invalid. This was fixed today. What is missing is the web part that it makes really difficult to login via browser on mobile.

[jmathai]

Reopening to confirm that the mobile web interface works okay.

[httpdispatch]

@jmathai it is still not working OK. Logout button doesn't work. If user is not logged in to web version when opening oauth request it asks to login. After login application name and callback details are lost.

[jmathai]

@httpdispatch When you load the browser can you add an additional parameter tokenType=access? I successfully logged in after manually adding that parameter.

/v1/oauth/authorize?oauth_callback=http://jmathai.trovebox.com/manage/apps/callback&name=Self+Generated+App&tokenType=access

[patricksan]

Should also be added to iOS?  — Sent from Mailbox for iPhone

On Thu, Feb 28, 2013 at 8:17 AM, Jaisen Mathai notifications@github.com wrote:

@httpdispatch When you load the browser can you add an additional parameter tokenType=access? I successfully logged in after manually adding that parameter.

/v1/oauth/authorize?oauth_callback=http://jmathai.trovebox.com/manage/apps/callback&name=Self+Generated+App&tokenType=access

---

Reply to this email directly or view it on GitHub: https://github.com/photo/mobile-android/issues/306#issuecomment-14220314

[jmathai]

Odd. I don't know why but it works without on iOS. In my test that fixed for Android.

I have to investigate.

[jmathai]

@httpdispatch Let me test some more...

[httpdispatch]

In the android we have url like this

Preferences.getServer(context) + "/v1/oauth/authorize?mobile=1&name="
                + name
                + "&oauth_callback=" + callback;

Is it different on iOS?

[patricksan]

yes, it is. I don't use mobile=1.

    NSString *path = @"/v1/oauth/authorize?oauth_callback=openphoto://&name=";

[httpdispatch]

so mobile=1 should be removed?

[patricksan]

@jmathai ?

[httpdispatch]

On android 2.1 default browser i even can't login via web. It become a nightmare

[patricksan]

@jmathai, is it possible to have a simpler page for login? we can have a specific url for that, isn't it?

[pad92]

Hello, on Android 4.2.2 logon button open Chrome but without url

[httpdispatch]

@pad92 we heard from other users that they experience oauth login problems via chrome browser such as it doesn't support custom callback urls. Can you please try standard android browser?

[pad92]

Chrome is the default android browser on Nexus 4 :) I bypassed this problem with firefox

[httpdispatch]

@pad92 thank you for repot that FF is working ok

[httpdispatch]

Looks like this issue is already reported for chromium https://code.google.com/p/chromium/issues/detail?id=181186

[pad92]

I dont have any error with Chrome, it's only do nothing.

[httpdispatch]

This is chrome bug, see the link above. It doesn't support callback urls yet

[mstfldmr]

When using Google Chrome on Android 4.2.2, it opens the browser, but does not redirect to the self-hosted OpenPhoto URL. When using Firefox, it opens the browser, redirects to the self-hosted OpenPhoto URL, but it's not possible to login. When using Dolphin Browser, it opens the browser, redirects to the self-hosted OpenPhoto URL, and it's possible to login and create an app.

[httpdispatch]

@mstfldmr thank you for useful stat. I will try to check why it is not working in chrome

[httpdispatch]

@jmathai it is still a problem to login via web if you was not authorised before.

[Notmarrco]

Each time I try I can get to the token creation page, but then I'm redirected to the android app and I get an "authentication error". Tried this with dolphin, firefox and native android browser...

Could it be possible to write the access token to some config file on android ? This way one could create the token separately and then use it to access the instance with the app, until the authentication works flawlessly ? And it could be useful to test if the issue comes from the token or from my self-signed ssl (already had this issue with the web version of openphoto)

[jmathai]

@Notmarrco Can you provide versions of Android/Browser? I'll see if I can reproduce it.

[httpdispatch]

@Notmarrco most of all it is not the browser issue such as it was fixed in previous version. Can you try to check server logs? Maybe oauth is not configured properly.

What is your domain, maybe i can find some errors related to your problem in error logs?

[httpdispatch]

@Notmarrco also please be sure time is configured properly on the server and android device

[Notmarrco]

sorry for the late answer

@jmathai I use Android 4.2.2 and the latest version of Firefox in google play

@httpdispatch : here are the logs : all was called ok : 2013-10-18 10:49:19: (response.c.305) URI-query : __route__=/v1/oauth/authorize&mobile=1&name=Trovebox+Android+App&oauth_callback=trovebox%3A%2F%2Fcallback then the server responds :

2013-10-18 10:49:19: (response.c.128) Response-Header:
HTTP/1.1 302 Found
X-Powered-By: PHP/5.3.27-1~dotdeb.0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: trovebox://callback?oauth_consumer_key=330e14b8c391c32323515226xxxxxx&oauth_consumer_secret=7xxxxxxxx&oauth_token=25d749e2e98361b173a6887fxxxxxx&oauth_token_secret=b7af4xxxxx&oauth_verifier=b2c21xxxxx
Content-type: text/html
Content-Length: 0
Date: Fri, 18 Oct 2013 08:49:19 GMT
Server: lighttpd/1.4.28

2013-10-18 10:49:19: (connections.c.1718) SSL (error): 5 -1 32 Broken pipe

That last line seems guilty but I don't know what to understand from it. The only specificity of my server is that I self-sign my ssl certificate. Perhaps I need a "noverify" option.

My domain is https://openphoto.wohecha.fr.

thanks

ps: no problem with the time, they both have the same time.