Help with OAuth2 refresh token

Sorry, I can’t give you all the information you ask for, because I am not the sysadmin, and he is not around right now. If it’s not something stupid I’m doing that you spot right away, I will fire up a test Nextcloud I am admin for and report the rest of the information.

Nextcloud version (eg, 12.0.2): 16.0.2

The issue you are facing:

I am trying to use OAuth2 to authorize me, then list all the users. The call to /ocs/v1.php/cloud/users fails with a 303 pointing me at login.

Here is a log of the entire interaction. If you can spot what I’m doing wrong, please tell me. Note that the POST parameters are sent www-url-encoded, but I print them out as JSON to make them easier to read.

	Sent -> Method: POST, RequestUri: 'https://cloud.myserver.uk/index.php/apps/oauth2/api/v1/token', Version: 2.0, Content: System.Net.Http.FormUrlEncodedContent, Headers:
	{
	  Authorization: Bearer xfpGElgFfSvpUNvRNYBJrKLXxI1aHohNr08pc4YFShCyk4jkwl3Nm7wD58WMvAAPsjLGPcxb
	  OCS-APIRequest: true
	  Accept: application/json
	  Accept: text/html
	  Accept: */*
	  User-Agent: NextcloudApi
	  Content-Type: application/x-www-form-urlencoded
	}:{
	  "grant_type": "refresh_token",
	  "client_id": "<my client id>",
	  "redirect_uri": "http://localhost:8080/",
	  "client_secret": "<my client secret>",
	  "refresh_token": "nQlJCPeh7yf3j5mBCriqnMMvtSLgunknRrrJGPdpHzzePrlP7G7bNxHuSFq73qTpUePUfuHvTUuh4S9ltAoLvRUwOR35tJYEKWazo0FLpKT1KXy4w1wlyf9fVdyaVkN4"
	}
	Received -> StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers:
	{
	  Date: Mon, 05 Aug 2019 18:37:12 GMT
	  Server: Apache/2.4.25
	  Server: (Debian)
	  Strict-Transport-Security: max-age=15552000;includeSubDomains
	  Set-Cookie: oco7zw7q011j=6c7600ouf2bcnrlgrntg74s5hk; path=/; secure; HttpOnly
	  Set-Cookie: oc_sessionPassphrase=hVT6fgXRK5ZIh6D8FxgPoJzkSrXNlJ82mZGXn0c8dKt%2FBmLibd4fWV60D5CC5HWCDJnMYpZytUa%2BHhUu77bQHsrafSJEaPVuDij8HJq6HbPYWbVJFFmzkiOES7jmF54X; path=/; secure; HttpOnly
	  Set-Cookie: __Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax
	  Set-Cookie: __Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
	  Cache-Control: no-store, must-revalidate, no-cache
	  Pragma: no-cache
	  Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-src https://leaf.myserver.uk;frame-ancestors 'self';worker-src 'self' blob:
	  X-Frame-Options: SAMEORIGIN
	  X-XSS-Protection: 1; mode=block
	  X-Content-Type-Options: nosniff
	  X-Robots-Tag: none
	  X-Download-Options: noopen
	  X-Permitted-Cross-Domain-Policies: none
	  Referrer-Policy: no-referrer
	  Expires: Thu, 19 Nov 1981 08:52:00 GMT
	  Content-Length: 298
	  Content-Type: application/json; charset=utf-8
	}
	Received Data -> {
	  "access_token": "OkenniQhTxA3pzn6zAkI646Za1yOSh42GZwJ2m3QcryHib36sKRZppCDXjXGTBd0fvWADgt3",
	  "token_type": "Bearer",
	  "expires_in": 3600,
	  "refresh_token": "SqyfrHg81Sp5LMy9cj7cDi0H1YClUKIYd3mLGRh77WesIA7aPSjxITQEFXYcBN0NCNHHJpR3dfnUfMSOBGNx5NVXnDwb2X8tMd9nRstlWhyfkf0dm32x4qKo5Eyq2DBT",
	  "user_id": "myuser",
	}
	Sent -> Method: GET, RequestUri: 'https://cloud.myserver.uk/ocs/v1.php/cloud/users', Version: 2.0, Content: <null>, Headers:
	{
	  Authorization: Bearer OkenniQhTxA3pzn6zAkI646Za1yOSh42GZwJ2m3QcryHib36sKRZppCDXjXGTBd0fvWADgt3
	  OCS-APIRequest: true
	  Accept: application/json
	  Accept: text/html
	  Accept: */*
	  User-Agent: NextcloudApi
	}:
	Received -> StatusCode: 303, ReasonPhrase: 'See Other', Version: 1.1, Content: System.Net.Http.HttpConnectionResponseContent, Headers:
	{
	  Date: Mon, 05 Aug 2019 18:37:12 GMT
	  Server: Apache/2.4.25
	  Server: (Debian)
	  Strict-Transport-Security: max-age=15552000;includeSubDomains
	  Cache-Control: no-store, must-revalidate, no-cache
	  Pragma: no-cache
	  Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-src https://leaf.myserver.uk;frame-ancestors 'self';worker-src 'self' blob:
	  X-Frame-Options: SAMEORIGIN
	  X-XSS-Protection: 1; mode=block
	  X-Content-Type-Options: nosniff
	  X-Robots-Tag: none
	  X-Download-Options: noopen
	  X-Permitted-Cross-Domain-Policies: none
	  Referrer-Policy: no-referrer
	  Location: /index.php/login?redirect_url=/ocs/v1.php/cloud/users
	  Expires: Thu, 19 Nov 1981 08:52:00 GMT
	  Content-Length: 0
	  Content-Type: text/html; charset=UTF-8
	}

Thanks in advance for any help you can give.
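The exchange above, written out as an added example (this is editor-supplied code, not the poster's client or anything from the Nextcloud project): a refresh_token grant against the token endpoint used in the post, followed by the OCS users call with the returned bearer. It is driven through an injectable transport so it can be replayed offline against a constructed copy of the captured exchange; the base URL, client credentials and all tokens are placeholders. Two points the code makes explicit: the refresh_token grant needs only grant_type, refresh_token and the client credentials (RFC 6749 section 6 lists no redirect_uri, and the client_secret in the body already authenticates the client, so no Authorization header is sent to the token endpoint), and the token response carries a new refresh_token that must be stored in place of the one just used, as the log shows. The transport must not follow redirects: a client that does would fetch the HTML login page with a 200 and never see that the bearer was not accepted.

```python
"""Added example, not code from the original post. The refresh_token grant and
the OCS call, run through an injectable transport so the captured exchange
can be replayed offline. Hostnames, credentials and tokens are placeholders.
"""
import json
from urllib.parse import parse_qs, urlencode, urlparse

TOKEN_PATH = "/index.php/apps/oauth2/api/v1/token"  # endpoint used in the post
USERS_PATH = "/ocs/v1.php/cloud/users"              # endpoint called in the post


def build_refresh_request(base_url, client_id, client_secret, refresh_token):
    """Form-encoded refresh_token grant (RFC 6749 section 6).

    Only grant_type, refresh_token and the client credentials are sent:
    redirect_uri is not part of this grant, and no Authorization header is
    needed because the client authenticates with client_secret in the body.
    """
    body = urlencode({
        "grant_type": "refresh_token",
        "refresh_token": refresh_token,
        "client_id": client_id,
        "client_secret": client_secret,
    })
    headers = {
        "Content-Type": "application/x-www-form-urlencoded",
        "Accept": "application/json",
    }
    return ("POST", base_url + TOKEN_PATH, headers, body)


def parse_token_response(status, body):
    """Return (access_token, new_refresh_token) or raise.

    The response in the post carries a *new* refresh_token; the caller must
    persist it in place of the one just used.
    """
    if status != 200:
        raise RuntimeError("token endpoint returned %d: %s" % (status, body[:200]))
    data = json.loads(body)
    if data.get("token_type", "").lower() != "bearer" or "access_token" not in data:
        raise RuntimeError("unexpected token response: %r" % data)
    return data["access_token"], data.get("refresh_token")


def build_ocs_request(base_url, path, access_token):
    """OCS call with the bearer; OCS-APIRequest: true as in the post."""
    headers = {
        "Authorization": "Bearer " + access_token,
        "OCS-APIRequest": "true",
        "Accept": "application/json",
    }
    return ("GET", base_url + path, headers, None)


def classify_ocs_response(status, headers):
    """Tell an accepted bearer from a silently rejected one.

    Reads the Location header instead of following it: a redirect to the
    login page means the request was handled as unauthenticated.
    """
    if status == 200:
        return "ok"
    if status in (301, 302, 303, 307, 308):
        loc = urlparse(headers.get("Location", ""))
        if loc.path.endswith("/login"):
            return "redirected_to_login"
        return "redirected_elsewhere"
    if status in (401, 403):
        return "denied"
    return "unexpected_%d" % status


def list_users(transport, base_url, client_id, client_secret, refresh_token):
    """Run the whole exchange. transport(method, url, headers, body) returns
    (status, headers, body) and must NOT follow redirects."""
    req = build_refresh_request(base_url, client_id, client_secret, refresh_token)
    status, _, body = transport(*req)
    access, new_refresh = parse_token_response(status, body)
    status, headers, body = transport(*build_ocs_request(base_url, USERS_PATH, access))
    return {"outcome": classify_ocs_response(status, headers),
            "refresh_token": new_refresh, "body": body}


# Constructed replay of the captured exchange (placeholder tokens, assumption):
# the token endpoint answers 200 with a rotated refresh_token, and the OCS
# route answers 303 to the login page, as the post shows.
def replay_transport(method, url, headers, body):
    path = urlparse(url).path
    if method == "POST" and path == TOKEN_PATH:
        fields = parse_qs(body)
        if fields.get("grant_type") != ["refresh_token"]:
            raise RuntimeError("replay expected a refresh_token grant")
        return (200, {"Content-Type": "application/json; charset=utf-8"},
                json.dumps({"access_token": "NEW_ACCESS", "token_type": "Bearer",
                            "expires_in": 3600, "refresh_token": "NEW_REFRESH",
                            "user_id": "myuser"}))
    if method == "GET" and path == USERS_PATH and headers.get("Authorization") == "Bearer NEW_ACCESS":
        return (303, {"Location": "/index.php/login?redirect_url=" + USERS_PATH}, "")
    return (404, {}, "")


if __name__ == "__main__":
    print(list_users(replay_transport, "https://cloud.example", "id", "secret", "OLD_REFRESH"))
```

With a real transport (for example urllib with a redirect-refusing opener, or requests with allow_redirects=False) the same list_users call reports whether the bearer was accepted instead of quietly returning the login page.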

I’m having the same issue. Did you end up solving the issue?
I believe it is related to stock CSP settings in Nextcloud. Happens when redirecting from one domain to another.