Cant login from android client

Nextcloud version _ 19.0.1_:
Operating system and version docker image nextcloud:fpm on ubuntu:
nginx version (1.19.1):
PHP version (PHP 7.4.8 (cli) (built: Jul 22 2020 09:39:30) ( NTS )):

The issue you are facing:

Logging in from browser, no problem. But can’t log in from the android app. It just gets stuck without any errors

Is this the first time you’ve seen this error? Y:

Steps to replicate it:

1. Install the android app (or reinstall)
2. enter the address (https://nextcloud.my-domain-example.com)
3. enter valid credentials (which are working in mobile chrome)
4. Got dialogue “allow this device…”
5. press “allow access”
6. got stuck: loader infinitely rotates

The output of your Nextcloud log in Admin > Logging:

Debug	cron	Finished OC\Command\CommandJob job with ID 2197 in 0 seconds		несколько секунд назад
Debug	cron	Run OC\Command\CommandJob job with ID 2197		несколько секунд назад
Debug	cron	Finished OC\Command\CommandJob job with ID 2196 in 0 seconds		несколько секунд назад
Debug	cron	Run OC\Command\CommandJob job with ID 2196		несколько секунд назад
Debug	core	OC\AppFramework\Middleware\Security\Exceptions\NotLoggedInException: Current user is not logged in		несколько секунд назад
Debug	cron	Finished OC\Command\CommandJob job with ID 2195 in 0 seconds		несколько секунд назад
Debug	cron	Run OC\Command\CommandJob job with ID 2195		несколько секунд назад
Debug	webdav	Sabre\DAV\Exception\NotAuthenticated: No 'Authorization: Basic' header found. Either the client didn't send one, or the server is misconfigured, No 'Authorization: Bearer' header found. Either the client didn't send one, or the server is mis-configured

And after the 5 step logs are completely empty.

Also there is db error before 5th step:

db_1   | 2020-07-29 23:02:06.856 UTC [121] ERROR:  duplicate key value violates unique constraint "oc_credentials_pkey"
db_1   | 2020-07-29 23:02:06.856 UTC [121] DETAIL:  Key ("user", identifier)=(--my-login-stripped--, password::logincredentials/credentials) already exists.
db_1   | 2020-07-29 23:02:06.856 UTC [121] STATEMENT:  INSERT INTO "oc_credentials" ("user", "identifier", "credentials") VALUES($1, $2, $3)

The output of your nginx:

app_1  | - -  30/Jul/2020:00:04:33 +0000 "POST /index.php" 303
web_1  | 192.168.88.89 - - [30/Jul/2020:00:04:34 +0000] "POST /login HTTP/1.0" 303 0 "-" "Samsung SM-G970F (Android)" "192.168.88.89"
app_1  | - -  30/Jul/2020:00:04:35 +0000 "GET /index.php" 200
web_1  | 192.168.88.89 - - [30/Jul/2020:00:04:35 +0000] "GET /login/flow/grant?clientIdentifier=&stateToken=D4jjnfFYG9EP4xshtlORrkA9w4oJoyTsutQs8qpaass8fQnshbrXKcjdhstFw8kY HTTP/1.0" 200 6404 "-" "Samsung SM-G970F (Android)" "192.168.88.89"
app_1  | - -  30/Jul/2020:00:04:35 +0000 "GET /index.php" 200
web_1  | 192.168.88.89 - - [30/Jul/2020:00:04:35 +0000] "GET /core/js/oc.js?v=55389038 HTTP/1.0" 200 10349 "-" "Samsung SM-G970F (Android)" "192.168.88.89"
app_1  | - -  30/Jul/2020:00:04:35 +0000 "GET /cron.php" 200
web_1  | 192.168.88.89 - - [30/Jul/2020:00:04:35 +0000] "GET /cron.php HTTP/1.0" 200 20 "-" "Samsung SM-G970F (Android)" "192.168.88.89"
app_1  | - -  30/Jul/2020:00:04:17 +0000 "GET /index.php" 200

and web client makes

web_1  | 172.18.0.1 - - [30/Jul/2020:00:04:35 +0000] "GET /apps/logreader/poll?lastReqId=AY2QV3ASfQJKOmqVGtmG HTTP/1.0" 200 631 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" "172.18.0.1"
app_1  | - -  30/Jul/2020:00:04:47 +0000 "GET /ocs/v2.php" 200
web_1  | 172.18.0.1 - - [30/Jul/2020:00:04:47 +0000] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.0" 200 3252 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" "172.18.0.1"
app_1  | - -  30/Jul/2020:00:04:52 +0000 "GET /ocs/v2.php" 200
web_1  | 172.18.0.1 - - [30/Jul/2020:00:04:52 +0000] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.0" 200 3252 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" "172.18.0.1"
app_1  | - -  30/Jul/2020:00:04:35 +0000 "GET /index.php" 200
web_1  | 172.18.0.1 - - [30/Jul/2020:00:04:56 +0000] "GET /apps/logreader/poll?lastReqId=olUPGaiDVwsAvxuj1NG2 HTTP/1.0" 200 2 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36" "172.18.0.1"
app_1  | - -  30/Jul/2020:00:04:56 +0000 "GET /index.php" 200

My android nextcloud worked well some versions ago (for a year or more), but after logout I can’t log in

I really checked and changed server configuration. My problem solved. But still, android client must show friendly errors, it costed me hours

I think it would be great if you would get a bit more detailed about your exact solution. What exactly was the misconfiguration you solved?

hi @tomfun , I also met this issue with using nginx reverse proxy + docker(apache base).
Could you share your solution? which configuration should be modified?
Thanks!

I somehow finally get login success from my Android device…

but not sure which modification did the trick

here’s my configurations:

config/config.php:

'trusted_domains' =>
array (
0 => '127.0.0.1:8080',
1 => 'my.domain',
),
'overwrite.cli.url' => 'https://my.domain',
'overwriteprotocol' => 'https',

/etc/nginx/sites-enabled/my.domain:

server {
    listen 443 ssl;
    server_name my.domain;

    ssl_certificate /ssl/my.domain.fullchain.cer;
    ssl_certificate_key /ssl/my.domain.key;

    location / {
            proxy_pass http://127.0.0.1:8080;
            proxy_set_header Host     my.domain;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Real-IP $remote_addr;
    }
}

I’m not familar with both of nginx and nextcloud. so if any expert can explain which configuration did the trick whould be nice.

@jrdeng, oh man, thank You, Your post saved my day! In my case it stopped working after I added SSL with “nginx-proxy” and “nginx-proxy-acme” (I use Docker image). I have added 'overwriteprotocol' => 'https' (and changed 'overwrite.cli.url', but from my tests it seemed not to really matter) in the “config.php” and it worked!
Thanks again!

Same issue here. Changing overwriteprotocol and overwrite.cli.url solved it for me, but remember to restart your app!

Hi there, I also have troubles to login with Android. I’m new here and I really can’t follow the solutions mentioned above.

I had to enter an url and after trying to find what this meant for two hours, I tried cloud.nextcloud.com and got one step further. But then…I used my password manager to log in, but it would not work. Asking for a new password did not result in an email.

Maybe my question belongs to set up questions, but I’m truely struggling with posting my question…“I may not see the source”, which is why I try it this way, by reacting on this post.

Just this fixed the issue for me (Nextcloud 22, docker, nginx, fpm). Otherwise, the app would occasionally log in to the Web UI in what seems to be a WebView after entering the TOTP.

FWIW, without it, the Android app would complain that “plain http disabled for this host” (from memory) and the Desktop app, that “The polling URL does not start with HTTPS despite the login URL started with HTTPS.”

EDIT: I realised that I had two layers of reverse-proxing at play. Doing HTTPS to HTTP to HTTP. The first layer wasn’t propagating the scheme to the subsequent ones. I suspect (but haven’t tested), that an alternative to the fix in the config above is to simply make sure the reverse proxies set the X-Forwarded-Proto correctly. With NGINX, this is done with

proxy_set_header X-Forwarded-Proto $scheme;

(in addition to the other documented headers).

Are there step-by-step instructions somewhere on how to find, access and edit this file to accomplish this?