Could not resolve defaultTokenProvider!

abevers · September 28, 2018, 3:22pm

Getting “defaultTokenProvider” errors when using occ, and cannot log into the web interface at all. What am I missing?

Nextcloud version: 14.0.0.19
Operating system and version: OpenBSD-current
Web server: httpd-current
PHP version: 7.0.32

Logging into the web interface with admin account yields:

Internal Server Error
The server was unable to complete your request.

If this happens again, please send the technical details below to the server administrator.

More details can be found in the server log.

Technical details
Remote Address: 1.2.3.4
Request ID: j9JHa4FCDt2EKRon98qF

…and nextcloud.log shows:

{"reqId":"j9JHa4FCDt2EKRon98qF","level":3,"time":"2018-09-28T14:39:40+00:00","remoteAddr":"1.2.3.4","user":"admin","app":"PHP","method":"POST","url":"\/index.php\/login?redirect_url=\/index.php\/apps\/files\/","message":"openssl_pkey_export(): cannot get key from parameter 1 at \/nextcloud\/lib\/private\/Authentication\/Token\/PublicKeyTokenProvider.php#297","userAgent":"Mozilla\/5.0 (X11; OpenBSD amd64; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/69.0.3497.100 Safari\/537.36","version":"14.0.0.19"}
{"reqId":"j9JHa4FCDt2EKRon98qF","level":3,"time":"2018-09-28T14:39:40+00:00","remoteAddr":"1.2.3.4","user":"admin","app":"index","method":"POST","url":"\/index.php\/login?redirect_url=\/index.php\/apps\/files\/","message":{"Exception":"TypeError","Message":"openssl_pkey_get_details() expects parameter 1 to be resource, boolean given","Code":0,"Trace":[{"file":"\/nextcloud\/lib\/private\/Authentication\/Token\/PublicKeyTokenProvider.php","line":300,"function":"openssl_pkey_get_details","args":[false]},{"file":"\/nextcloud\/lib\/private\/Authentication\/Token\/PublicKeyTokenProvider.php","line":69,"function":"newToken","class":"OC\\Authentication\\Token\\PublicKeyTokenProvider","type":"->","args":["*** sensitive parameter replaced ***","*** sensitive parameter replaced ***","*** sensitive parameter replaced ***","*** sensitive parameter replaced ***","*** sensitive parameter replaced ***","*** sensitive parameter replaced ***","*** sensitive parameter replaced ***"]},{"file":"\/nextcloud\/lib\/private\/Authentication\/Token\/Manager.php","line":68,"function":"generateToken","class":"OC\\Authentication\\Token\\PublicKeyTokenProvider","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"\/nextcloud\/lib\/private\/User\/Session.php","line":631,"function":"generateToken","class":"OC\\Authentication\\Token\\Manager","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"\/nextcloud\/core\/Controller\/LoginController.php","line":322,"function":"createSessionToken","class":"OC\\User\\Session","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"\/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":166,"function":"tryLogin","class":"OC\\Core\\Controller\\LoginController","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"\/nextcloud\/lib\/private\/AppFramework\/Http\/Dispatcher.php","line":99,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OC\\Core\\Controller\\LoginController"},"tryLogin"]},{"file":"\/nextcloud\/lib\/private\/AppFramework\/App.php","line":118,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[{"__class__":"OC\\Core\\Controller\\LoginController"},"tryLogin"]},{"file":"\/nextcloud\/lib\/private\/AppFramework\/Routing\/RouteActionHandler.php","line":47,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["OC\\Core\\Controller\\LoginController","tryLogin",{"__class__":"OC\\AppFramework\\DependencyInjection\\DIContainer"},{"_route":"core.login.tryLogin"}]},{"function":"__invoke","class":"OC\\AppFramework\\Routing\\RouteActionHandler","type":"->","args":[{"_route":"core.login.tryLogin"}]},{"file":"\/nextcloud\/lib\/private\/Route\/Router.php","line":297,"function":"call_user_func","args":[{"__class__":"OC\\AppFramework\\Routing\\RouteActionHandler"},{"_route":"core.login.tryLogin"}]},{"file":"\/nextcloud\/lib\/base.php","line":989,"function":"match","class":"OC\\Route\\Router","type":"->","args":["\/login"]},{"file":"\/nextcloud\/index.php","line":42,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"\/nextcloud\/lib\/private\/Authentication\/Token\/PublicKeyTokenProvider.php","Line":300,"CustomMessage":"--"},"userAgent":"Mozilla\/5.0 (X11; OpenBSD amd64; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/69.0.3497.100 Safari\/537.36","version":"14.0.0.19"}
{"reqId":"j9JHa4FCDt2EKRon98qF","level":0,"time":"2018-09-28T14:39:40+00:00","remoteAddr":"1.2.3.4","user":"admin","app":"core","method":"POST","url":"\/index.php\/login?redirect_url=\/index.php\/apps\/files\/","message":"Scss is disabled for \/nextcloud\/core\/css\/jquery-ui-fixes.scss, ignoring","userAgent":"Mozilla\/5.0 (X11; OpenBSD amd64; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/69.0.3497.100 Safari\/537.36","version":"14.0.0.19"}
{"reqId":"j9JHa4FCDt2EKRon98qF","level":0,"time":"2018-09-28T14:39:40+00:00","remoteAddr":"1.2.3.4","user":"admin","app":"core","method":"POST","url":"\/index.php\/login?redirect_url=\/index.php\/apps\/files\/","message":"Scss is disabled for \/nextcloud\/core\/css\/server.scss, ignoring","userAgent":"Mozilla\/5.0 (X11; OpenBSD amd64; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/69.0.3497.100 Safari\/537.36","version":"14.0.0.19"}
{"reqId":"j9JHa4FCDt2EKRon98qF","level":0,"time":"2018-09-28T14:39:40+00:00","remoteAddr":"1.2.3.4","user":"admin","app":"core","method":"POST","url":"\/index.php\/login?redirect_url=\/index.php\/apps\/files\/","message":"Scss is disabled for \/nextcloud\/core\/css\/css-variables.scss, ignoring","userAgent":"Mozilla\/5.0 (X11; OpenBSD amd64; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/69.0.3497.100 Safari\/537.36","version":"14.0.0.19"}
{"reqId":"j9JHa4FCDt2EKRon98qF","level":0,"time":"2018-09-28T14:39:40+00:00","remoteAddr":"1.2.3.4","user":"admin","app":"core","method":"POST","url":"\/index.php\/login?redirect_url=\/index.php\/apps\/files\/","message":"Scss is disabled for \/nextcloud\/apps\/firstrunwizard\/css\/firstrunwizard.scss, ignoring","userAgent":"Mozilla\/5.0 (X11; OpenBSD amd64; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/69.0.3497.100 Safari\/537.36","version":"14.0.0.19"}
{"reqId":"j9JHa4FCDt2EKRon98qF","level":0,"time":"2018-09-28T14:39:40+00:00","remoteAddr":"1.2.3.4","user":"admin","app":"core","method":"POST","url":"\/index.php\/login?redirect_url=\/index.php\/apps\/files\/","message":"Scss is disabled for \/nextcloud\/core\/css\/jquery.ocdialog.scss, ignoring","userAgent":"Mozilla\/5.0 (X11; OpenBSD amd64; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/69.0.3497.100 Safari\/537.36","version":"14.0.0.19"}
{"reqId":"j9JHa4FCDt2EKRon98qF","level":0,"time":"2018-09-28T14:39:40+00:00","remoteAddr":"1.2.3.4","user":"admin","app":"core","method":"POST","url":"\/index.php\/login?redirect_url=\/index.php\/apps\/files\/","message":"Scss is disabled for \/nextcloud\/core\/search\/css\/results.scss, ignoring","userAgent":"Mozilla\/5.0 (X11; OpenBSD amd64; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/69.0.3497.100 Safari\/537.36","version":"14.0.0.19"}
{"reqId":"j9JHa4FCDt2EKRon98qF","level":0,"time":"2018-09-28T14:39:40+00:00","remoteAddr":"1.2.3.4","user":"admin","app":"core","method":"POST","url":"\/index.php\/login?redirect_url=\/index.php\/apps\/files\/","message":"Scss is disabled for \/nextcloud\/core\/css\/styles.scss, ignoring","userAgent":"Mozilla\/5.0 (X11; OpenBSD amd64; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/69.0.3497.100 Safari\/537.36","version":"14.0.0.19"}
{"reqId":"j9JHa4FCDt2EKRon98qF","level":0,"time":"2018-09-28T14:39:40+00:00","remoteAddr":"1.2.3.4","user":"admin","app":"core","method":"POST","url":"\/index.php\/login?redirect_url=\/index.php\/apps\/files\/","message":"Scss is disabled for \/nextcloud\/core\/css\/header.scss, ignoring","userAgent":"Mozilla\/5.0 (X11; OpenBSD amd64; Linux x86_64) AppleWebKit\/537.36 (KHTML, like Gecko) Chrome\/69.0.3497.100 Safari\/537.36","version":"14.0.0.19"}

config.php:

<?php
$CONFIG = array (
  'instanceid' => 'abcdefghijkl',
  'passwordsalt' => 'nacl',
  'secret' => 'my+spirit+animal+is+a+unicorn',
  'trusted_domains' =>
  array (
    0 => 'nc.example.com',
  ),
  'datadirectory' => '/nextcloud/data',
  'overwrite.cli.url' => 'https://nc.example.com',
  'dbtype' => 'pgsql',
  'version' => '14.0.0.19',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => 'nextcloud',
  'dbpassword' => 'password',
  'installed' => true,
  'filelocking.enabled' => true,
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'memcache.local' => '\\OC\\Memcache\\Redis',
  'redis' =>
  array (
    'host' => 'localhost',
    'port' => 6379,
    'password' => 'abcdefghijklmnopqrstuvwxyz0123456789',
    'timeout' => 0.0,
  ),
  'maintenance' => false,
  'loglevel' => 0,
  'theme' => '',
  'updater.secret' => 'abcdefghijklmnopqrstuvwxyz0123456789',
);

/var/www/logs/access.log:

nc.example.com 1.2.3.4 - - [28/Sep/2018:10:39:40 -0400] "POST /index.php/login?redirect_url=/index.php/apps/files/ HTTP/1.1" 500 0

Running doas -u www /usr/local/bin/php /var/www/nextcloud/occ upgrade yields:

An unhandled exception has been thrown:
OCP\AppFramework\QueryException: Could not resolve defaultTokenProvider! Class defaultTokenProvider does not exist in /storage/www/nextcloud/lib/private/AppFramework/Utility/Sim
Stack trace:
#0 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(125): OC\AppFramework\Utility\SimpleContainer->resolve('defaultTokenPro...')
#1 /storage/www/nextcloud/lib/private/ServerContainer.php(132): OC\AppFramework\Utility\SimpleContainer->query('defaultTokenPro...')
#2 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(81): OC\ServerContainer->query('defaultTokenPro...')
#3 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(104): OC\AppFramework\Utility\SimpleContainer->buildClass(Object(ReflectionClass))
#4 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(125): OC\AppFramework\Utility\SimpleContainer->resolve('OC\\Authenticati...')
#5 /storage/www/nextcloud/lib/private/ServerContainer.php(132): OC\AppFramework\Utility\SimpleContainer->query('OC\\Authenticati...')
#6 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(171): OC\ServerContainer->query('OC\\Authenticati...')
#7 /storage/www/nextcloud/3rdparty/pimple/pimple/src/Pimple/Container.php(114): OC\AppFramework\Utility\SimpleContainer->OC\AppFramework\Utility\{closure}(Object(OC\Server))
#8 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(123): Pimple\Container->offsetGet('OC\\Authenticati...')
#9 /storage/www/nextcloud/lib/private/ServerContainer.php(132): OC\AppFramework\Utility\SimpleContainer->query('OC\\Authenticati...')
#10 /storage/www/nextcloud/lib/private/Server.php(364): OC\ServerContainer->query('OC\\Authenticati...')
#11 /storage/www/nextcloud/3rdparty/pimple/pimple/src/Pimple/Container.php(118): OC\Server->OC\{closure}(Object(OC\Server))
#12 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(123): Pimple\Container->offsetGet('OCP\\IUserSessio...')
#13 /storage/www/nextcloud/lib/private/ServerContainer.php(132): OC\AppFramework\Utility\SimpleContainer->query('OCP\\IUserSessio...')
#14 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(171): OC\ServerContainer->query('OCP\\IUserSessio...')
#15 /storage/www/nextcloud/3rdparty/pimple/pimple/src/Pimple/Container.php(114): OC\AppFramework\Utility\SimpleContainer->OC\AppFramework\Utility\{closure}(Object(OC\Server))
#16 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(123): Pimple\Container->offsetGet('UserSession')
#12 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(123): Pimple\Container->offsetGet('OCP\\IUserSessio...')
#13 /storage/www/nextcloud/lib/private/ServerContainer.php(132): OC\AppFramework\Utility\SimpleContainer->query('OCP\\IUserSessio...')
#14 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(171): OC\ServerContainer->query('OCP\\IUserSessio...')
#15 /storage/www/nextcloud/3rdparty/pimple/pimple/src/Pimple/Container.php(114): OC\AppFramework\Utility\SimpleContainer->OC\AppFramework\Utility\{closure}(Object(OC\Server))
#16 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(123): Pimple\Container->offsetGet('UserSession')
#17 /storage/www/nextcloud/lib/private/ServerContainer.php(132): OC\AppFramework\Utility\SimpleContainer->query('UserSession')
#18 /storage/www/nextcloud/lib/private/Server.php(1408): OC\ServerContainer->query('UserSession')
#19 /storage/www/nextcloud/lib/private/Server.php(683): OC\Server->getUserSession()
#20 /storage/www/nextcloud/3rdparty/pimple/pimple/src/Pimple/Container.php(118): OC\Server->OC\{closure}(Object(OC\Server))
#21 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(123): Pimple\Container->offsetGet('OC\\App\\AppManag...')
#22 /storage/www/nextcloud/lib/private/ServerContainer.php(132): OC\AppFramework\Utility\SimpleContainer->query('OC\\App\\AppManag...')
#23 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(171): OC\ServerContainer->query('OC\\App\\AppManag...')
#24 /storage/www/nextcloud/3rdparty/pimple/pimple/src/Pimple/Container.php(114): OC\AppFramework\Utility\SimpleContainer->OC\AppFramework\Utility\{closure}(Object(OC\Server))
#25 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(123): Pimple\Container->offsetGet('AppManager')
#26 /storage/www/nextcloud/lib/private/ServerContainer.php(132): OC\AppFramework\Utility\SimpleContainer->query('AppManager')
#27 /storage/www/nextcloud/lib/private/Server.php(1703): OC\ServerContainer->query('AppManager')
#28 /storage/www/nextcloud/lib/private/legacy/app.php(342): OC\Server->getAppManager()
#29 /storage/www/nextcloud/lib/private/legacy/app.php(113): OC_App::getEnabledApps()
#30 /storage/www/nextcloud/lib/base.php(654): OC_App::loadApps(Array)
#31 /storage/www/nextcloud/lib/base.php(1070): OC::init()
#32 /storage/www/nextcloud/console.php(46): require_once('/storage/www/ne...')
#33 /storage/www/nextcloud/occ(11): require_once('/storage/www/ne...')
#34 {main}PHP Fatal error:  Uncaught OCP\AppFramework\QueryException: Could not resolve defaultTokenProvider! Class defaultTokenProvider does not exist in /storage/www/nextcloud
Stack trace:
#0 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(125): OC\AppFramework\Utility\SimpleContainer->resolve('defaultTokenPro...')
#1 /storage/www/nextcloud/lib/private/ServerContainer.php(132): OC\AppFramework\Utility\SimpleContainer->query('defaultTokenPro...')
#2 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(81): OC\ServerContainer->query('defaultTokenPro...')
#3 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(104): OC\AppFramework\Utility\SimpleContainer->buildClass(Object(ReflectionClass))
#4 /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php(125): OC\AppFramework\Utility\SimpleContainer->resolve('OC\\Authenticati...')
#5 /storage/www/nextcloud/lib/private/ServerContainer.php(132):  in /storage/www/nextcloud/lib/private/AppFramework/Utility/SimpleContainer.php on line 110

PHP is definitely seeing all the modules:

# /usr/local/bin/php -m

[PHP Modules]
bcmath
bz2
calendar
Core
ctype
curl
date
dom
exif
fileinfo
filter
ftp
gd
gettext
hash
iconv
intl
json
libxml
mbstring
mcrypt
mysqlnd
openssl
pcntl
pcre
PDO
pdo_pgsql
pgsql
Phar
posix
readline
redis
Reflection
session
SimpleXML
sockets
SPL
standard
sysvmsg
sysvsem
sysvshm
tokenizer
wddx
xml
xmlreader
xmlrpc
xmlwriter
Zend OPcache
zip
zlib

[Zend Modules]
Zend OPcache

MichaIng · September 30, 2018, 1:02am

Please check status and accessibility of postgres. Based on an open GitHub ticket and other topic, the defaultTokenProvider error shows up when for some reason Nextcloud cannot access the database:

abevers · October 9, 2018, 4:52pm

I’ve confirmed that the postgres service is indeed running. As a test, I dropped the nextcloud db entirely and reran the setup from the Nextcloud web interface. This was successful and it re-created the nextcloud database from scratch, so the postgres account and php modules are working correctly.

abevers · October 16, 2018, 2:56pm

This “defaultTokenProvider does not exist” error turned out to be a web server issue. OpenBSD’s httpd is chroot’d to /var/www by default, so /etc/ssl/openssl.cnf was not accessible by the web server user (www in this case). Simply copying the file to /var/www/etc/ssl fixed the issue.

Had also been having a database issue on another thread, which was caused by a sneaky issue with OpenBSD’s php-pdo_pgsql package. At some point I had set root’s umask to 027. Then, during an update, some of the files in this package that are created on-the-fly took on these restricted permissions, and the www user could no longer access a small set of the php pgsql module files. (I forget which files off hand…) Update these permissions, removed that umask, and all is well with the world again.