500 error trying to authenticate non-existing user

[michielbdejong]

To reproduce:

curl -i \
-d'{"clientID":"JJU3gaYTE1MpJtGaNNBUD5HZFoXzYEG8","clientSecret":""}' \
-H 'x-reva-secret: shared-secret-1' -H 'Content-Type: application/json' \
https://cloud.pondersource.org/index.php/apps/sciencemesh/~JJU3gaYTE1MpJtGaNNBUD5HZFoXzYEG8/api/auth/Authenticate

results in: HTTP/1.1 500 Internal Server Error

[michielbdejong]

To run this against oc1.docker inside a dev-stock environment:

curl -i -d'{"clientID":"JJU3gaYTE1MpJtGaNNBUD5HZFoXzYEG8","clientSecret":""}' -H 'x-reva-secret: shared-secret-1' -H 'Content-Type: application/json' https://oc1.docker/index.php/apps/sciencemesh/~JJU3gaYTE1MpJtGaNNBUD5HZFoXzYEG8/api/auth/Authenticate

To run this against oc2.docker inside a dev-stock environment:

curl -i -d'{"clientID":"JJU3gaYTE1MpJtGaNNBUD5HZFoXzYEG8","clientSecret":""}' -H 'x-reva-secret: shared-secret-2' -H 'Content-Type: application/json' https://oc2.docker/index.php/apps/sciencemesh/~JJU3gaYTE1MpJtGaNNBUD5HZFoXzYEG8/api/auth/Authenticate

Notice that for oc1.docker you need to set x-reva-secret: shared-secret-1 And for oc2.docker you need to set x-reva-secret: shared-secret-2

[parhamin2010]

new error return Backends provided no user object for <specifice user>

[MahdiBaghbani]

Even if you try to authenticate a known user you also get this! It only happens on ownCloud.

ownCloud app branch owncloud-edge, tested with 3 reva setup on dev-stock branch edge

ownCloud logs:

{"reqId":"f79WYg0QmRu8Xsfow9nN","level":3,"time":"2023-06-19T07:07:07+00:00","remoteAddr":"172.21.0.10","user":"--","app":"index","method":"POST","url":"\/index.php\/apps\/sciencemesh\/~marie\/api\/auth\/Authenticate","message":"Exception: {\"Exception\":\"OCP\\\\Files\\\\NotPermittedException\",\"Message\":\"Please set an http request header \\\"X-Reva-Secret: <your_shared_secret>\\\"!\",\"Code\":0,\"Trace\":\"#0 \\\/var\\\/www\\\/html\\\/apps\\\/sciencemesh\\\/lib\\\/Controller\\\/RevaController.php(120): OCA\\\\ScienceMesh\\\\Controller\\\\RevaController->checkRevadAuth()\\n#1 \\\/var\\\/www\\\/html\\\/apps\\\/sciencemesh\\\/lib\\\/Controller\\\/RevaController.php(371): OCA\\\\ScienceMesh\\\\Controller\\\\RevaController->init()\\n#2 \\\/var\\\/www\\\/html\\\/lib\\\/private\\\/AppFramework\\\/Http\\\/Dispatcher.php(169): OCA\\\\ScienceMesh\\\\Controller\\\\RevaController->Authenticate()\\n#3 \\\/var\\\/www\\\/html\\\/lib\\\/private\\\/AppFramework\\\/Http\\\/Dispatcher.php(89): OC\\\\AppFramework\\\\Http\\\\Dispatcher->executeController()\\n#4 \\\/var\\\/www\\\/html\\\/lib\\\/private\\\/AppFramework\\\/App.php(99): OC\\\\AppFramework\\\\Http\\\\Dispatcher->dispatch()\\n#5 \\\/var\\\/www\\\/html\\\/lib\\\/private\\\/AppFramework\\\/Routing\\\/RouteActionHandler.php(47): OC\\\\AppFramework\\\\App::main()\\n#6 \\\/var\\\/www\\\/html\\\/lib\\\/private\\\/Route\\\/Router.php(344): OC\\\\AppFramework\\\\Routing\\\\RouteActionHandler->__invoke()\\n#7 \\\/var\\\/www\\\/html\\\/lib\\\/base.php(913): OC\\\\Route\\\\Router->match()\\n#8 \\\/var\\\/www\\\/html\\\/index.php(54): OC::handleRequest()\\n#9 {main}\",\"File\":\"\\\/var\\\/www\\\/html\\\/apps\\\/sciencemesh\\\/lib\\\/Controller\\\/RevaController.php\",\"Line\":178}"}

reva logs:

2023-06-19 07:07:07.886 INF ../../workspace/dev-stock/reva/pkg/auth/manager/nextcloud/nextcloud.go:175 > Authenticate marie {"clientID":"marie","clientSecret":"oMRKJSVqtwCGmFzsu30d6IuK5AoznE1n"} pid=130 pkg=rgrpc traceid=6c1fcae58e9afee7129a49c132be80fa
2023-06-19 07:07:07.886 INF ../../workspace/dev-stock/reva/pkg/auth/manager/nextcloud/nextcloud.go:126 > am.do https://oc2.docker/index.php/apps/sciencemesh/~marie/api/auth/Authenticate {"clientID":"marie","clientSecret":"oMRKJSVqtwCGmFzsu30d6IuK5AoznE1n"} shared-secret-1 pid=130 pkg=rgrpc traceid=6c1fcae58e9afee7129a49c132be80fa
2023-06-19 07:07:07.933 INF ../../workspace/dev-stock/reva/pkg/auth/manager/nextcloud/nextcloud.go:145 > am.do response 500

[parhamin2010]

@MahdiBaghbani I test this: gitpod /workspace/dev-stock (edge) $ gitpod /workspace/dev-stock/oc-sciencemesh (owncloud-edge) $ gitpod /workspace/dev-stock/nc-sciencemesh (nextcloud-edge) $ ./tests/orro.sh

Have similar result here

Noted: I did a commit there and it should be added to see the proper result.

[michielbdejong]

Fixed in https://github.com/pondersource/nc-sciencemesh/commit/9adb0ca04aaad8e6c906fdea6403d3642e0a75e0 for owncloud-edge and in https://github.com/pondersource/nc-sciencemesh/commit/aab2cc7a0d90b9e22f212935c39e5a9d3f71c890 + https://github.com/pondersource/nc-sciencemesh/commit/f2cdfd8cebe0d92d8e581d6306af8b35efb0054f for nextcloud-edge.

Great idea @parhamin2010 to check whether the folder exists! I made it so that if the folder does not exist it does not call $this->init() but instead returns a 403 Forbidden with response body "User not found"

[michielbdejong]

Hm, but now it's saying einstein doesn't exist! Maybe we should use https://nextcloud-server.netlify.app/classes/ocp-iusermanager#method_userExists instead

[michielbdejong]

Fixed in https://github.com/pondersource/nc-sciencemesh/commit/694817b9f6555513e6b89a113441d4f2524c11fa + https://github.com/pondersource/nc-sciencemesh/commit/807c5eb7d232422f16d47ce3c4f087583f4fe6d3