Nextcloud version: 22.1.1
Operating system and version: Debian 10 buster
Apache or nginx version : nginx 1.14.2
PHP version : 7.3
The issue you are facing:
I get a « unable to upgrade token » error when connecting NC Oauth2 API with moodle.
Is this the first time you’ve seen this error? : Yes.
Steps to replicate it:
- Use moodle 3.11.2 and Nextcloud 21.X (everything is fine)
- Migrate to NC 22.
- Attempt an Oauth2 login on Moodle.
The Oauth2 service from NC works well with other clients (e.g. Hedgedoc).
The Moodle Oauth2 mechanism works well with other clients (e.g. google).
The output of your Nextcloud log in Admin > Logging:
[core] Warning: Login failed: '[redacted]' (Remote IP: '[redacted]')
POST /index.php/apps/oauth2/api/v1/token
from [redacted] at 2021-09-25T23:20:53+00:00
The output of your config.php file in /path/to/nextcloud
(make sure you remove any identifiable information!):
$CONFIG = array (
'instanceid' => '[redacted]',
'passwordsalt' => '[redacted]',
'secret' => '[redacted]',
'trusted_domains' =>
array (
0 => 'example.com',
),
'datadirectory' => '/var/www/nextcloud/data',
'dbtype' => 'mysql',
'version' => '22.1.1.2',
'overwrite.cli.url' => 'https://example.com',
'dbname' => '[redacted]',
'dbhost' => 'localhost',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => '[redacted]',
'dbpassword' => '[redacted]',
'installed' => true,
'mail_from_address' => 'simple',
'mail_smtpmode' => 'smtp',
'mail_sendmailmode' => 'smtp',
'mail_domain' => 'example.com',
'mail_smtpauthtype' => 'LOGIN',
'mail_smtpauth' => 1,
'mail_smtphost' => '[redacted]',
'mail_smtpport' => '[redacted]',
'mail_smtpname' => '[redacted]',
'mail_smtppassword' => '[redacted]',
'app.mail.transport' => 'php-mail',
'maintenance' => false,
'theme' => '',
'loglevel' => 2,
'app_install_overwrite' =>
array (
0 => 'calendar',
1 => 'groupfolders',
2 => 'breezedark',
),
'mail_smtpsecure' => 'ssl',
'default_phone_region' => 'CA',
'memcache.local' => '\\OC\\Memcache\\APCu',
);
The output of your Apache/nginx/system log in /var/log/____
:
[redacted ip] - - [25/Sep/2021:20:11:35 -0400] "POST /login/flow HTTP/2.0" 303 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:92.0) Gecko/20100101 Firefox/92.0"
[redacted ip] - [redacted secret] [25/Sep/2021:20:11:35 -0400] "POST /index.php/apps/oauth2/api/v1/token HTTP/2.0" 401 14 "-" "MoodleBot/3.11 (+https://moodle.example.com)"
One thing that I had to redact, that seems odd, is that the client id is said to be wrong, although it is accurately written.
Endpoints are also accurately written (as of the latest documentation availlable).
Any clues on what to do?
Best,
Pier-André