Nextcloud version (eg, 20.0.5): 26.0.0
Operating system and version (eg, Ubuntu 20.04): Docker on Debian 11
Apache or nginx version (eg, Apache 2.4.25): 1.23.3 (latest nginx)
PHP version (eg, 7.4): 8.1.17
The issue you are facing: I am trying to get the OIDC login working with Authelia.
Once I get redirected back to nextcloud I receive a 500 error.
Is this the first time you’ve seen this error? (Y/N): Y
Steps to replicate it:
- Setup Authelia
- Setup Nextcloud with OIDC
- Try to login and get the error
The output of your Nextcloud log in Admin > Logging:
(for some reason the Logging Module does not seem to load but I can post the logs from docker)
172.28.0.2 - - [28/Mar/2023:20:01:03 +0200] "GET /login?clear=1 HTTP/1.1" 303 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.84"
172.28.0.2 - - [28/Mar/2023:20:01:03 +0200] "GET /login?clear=1 HTTP/1.1" 200 6750 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.84"
172.28.0.2 - - [28/Mar/2023:20:01:04 +0200] "GET /cron.php HTTP/1.1" 200 51 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.83"
172.28.0.2 - - [28/Mar/2023:20:01:04 +0200] "GET /apps/theming/favicon?v=e8ff8c41 HTTP/1.1" 200 6259 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.83"
172.28.0.2 - - [28/Mar/2023:20:01:04 +0200] "GET /apps/theming/manifest?v=e8ff8c41 HTTP/1.1" 200 246 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.185"
172.28.0.2 - - [28/Mar/2023:20:01:05 +0200] "GET /apps/oidc_login/oidc HTTP/1.1" 302 5 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.84"
172.28.0.2 - - [28/Mar/2023:20:01:27 +0200] "GET /apps/oidc_login/oidc?code=authelia_ac_lGUV591LeoiUttWAa68vqAKO_UN3gotKwqdFpUmZnRE.k0pDNT0y6fONmhaGSgAKa-srW1f-PMxqMtrHL8edp0Q&scope=openid+profile+email+groups&state=0965e478b9001538d8b9503574847e17 HTTP/1.1" 500 3637 "https://auth.<MY_DOMAIN.com>/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.83"
The output of your config.php file in /path/to/nextcloud
(make sure you remove any identifiable information!):
<?php
$CONFIG = array (
'memcache.local' => '\\OC\\Memcache\\APCu',
'logfile' => '/dev/stdout',
'apps_paths' => array (
0 => array (
'path' => '/var/www/html/apps',
'url' => '/apps',
'writable' => false,
),
1 => array (
'path' => '/var/www/html/custom_apps',
'url' => '/custom_apps',
'writable' => true,
),
),
'instanceid' => 'ocnxx58ab391',
'passwordsalt' => '<SALT>',
'secret' => '<SECRET>',
'trusted_domains' => array (
0 => 'nextcloud.<mydomain.com>',
1 => 'auth.<mydomain.com>'
),
'trusted_proxies' => array (
0 => '172.22.0.0/16',
1 => '172.28.0.0/16',
2 => '192.168.0.0/16',
3 => '172.70.0.0/16'
),
'forwarded_for_headers' => array('HTTP_X_FORWARDED_FOR'),
'datadirectory' => '/var/www/html/data',
'dbtype' => 'mysql',
'version' => '26.0.0.11',
'overwrite.cli.url' => 'https://nextcloud.<mydomain.com>',
'overwriteprotocol' => 'https',
'dbname' => 'nextcloud',
'dbhost' => 'db',
'dbport' => '',
'dbtableprefix' => 'oc_',
'mysql.utf8mb4' => true,
'dbuser' => 'nextcloud',
'dbpassword' => '<MYDBPASSWORD>',
'installed' => true,
// Some Nextcloud options that might make sense here
'allow_user_to_change_display_name' => false,
'lost_password_link' => 'disabled',
// URL of provider. All other URLs are auto-discovered from .well-known
'oidc_login_provider_url' => 'https://auth.<mydomain.com>',
// Client ID and secret registered with the provider
'oidc_login_client_id' => 'nextcloud.<mydomain.com>',
'oidc_login_client_secret' => '<MY_OIDC_SECRET>',
// Automatically redirect the login page to the provider
'oidc_login_auto_redirect' => false,
// Redirect to this page after logging out the user
//'oidc_login_logout_url' => 'https://auth.<mydomain.com>/logout',
// If set to true the user will be redirected to the
// logout endpoint of the OIDC provider after logout
// in Nextcloud. After successfull logout the OIDC
// provider will redirect back to 'oidc_login_logout_url' (MUST be set).
'oidc_login_end_session_redirect' => false,
// Quota to assign if no quota is specified in the OIDC response (bytes)
//
// NOTE: If you want to allow NextCloud to manage quotas, omit this option. Do not set it to
// zero or -1 or ''.
//'oidc_login_default_quota' => '1000000000',
// Login button text
'oidc_login_button_text' => 'Log in with Authelia',
// Hide the NextCloud password change form.
'oidc_login_hide_password_form' => false,
// Use ID Token instead of UserInfo
'oidc_login_use_id_token' => true,
// Attribute map for OIDC response. Available keys are:
// * id: Unique identifier for username
// * name: Full name
// If set to null, existing display name won't be overwritten
// * mail: Email address
// If set to null, existing email address won't be overwritten
// * quota: Nextcloud storage quota
// * home: Home directory location. A symlink or external storage to this location is used
// * ldap_uid: LDAP uid to search for when running in proxy mode
// * groups: Array or space separated string of NC groups for the user
// * login_filter: Array or space separated string. If 'oidc_login_filter_allowed_values' is
// set, it is checked against these values.
// * photoURL: The URL of the user avatar. The nextcloud server will download the picture
// at user login. This may lead to security issues. Use with care.
// This will only be effective if oidc_login_update_avatar is enabled.
// * is_admin: If this value is truthy, the user is added to the admin group (optional)
//
// The attributes in the OIDC response are flattened by adding the nested
// array key as the prefix and an underscore. Thus,
//
// $profile = [
// 'id' => 1234,
// 'attributes' => [
// 'uid' => 'myuid',
// 'abc' => 'xyz'
// ],
// 'list' => ['one', 'two']
// ];
//
// would become,
//
// $profile = [
// 'id' => 1234,
// 'attributes' => [
// 'uid' => 'myuid',
// 'abc' => 'xyz'
// ],
// 'attributes_uid' => 'myuid',
// 'attributes_abc' => 'xyz',
// 'list' => ['one', 'two'],
// 'list_0' => 'one',
// 'list_1' => 'two',
// 'list_one' => 'one',
// 'list_two' => 'two',
// ]
//
// https://openid.net/specs/openid-connect-core-1_0.html#StandardClaims
//
// note: on Keycloak, OIDC name claim = "${given_name} ${family_name}" or one of them if any is missing
//
'oidc_login_attributes' => array (
'id' => 'preferred_username',
'name' => 'name',
'mail' => 'email',
//'quota' => 'ownCloudQuota',
//'home' => 'homeDirectory',
//'ldap_uid' => 'uid',
'groups' => 'groups',
//'login_filter' => 'realm_access_roles',
//'photoURL' => 'picture',
//'is_admin' => 'ownCloudAdmin',
),
// Default group to add users to (optional, defaults to nothing)
'oidc_login_default_group' => 'oidc',
// DEPRECATED: This option will be removed in a future release. Use
// 'login_filter' and 'oidc_login_filter_allowed_values' instead.
//
// Allow only users in configured group(s) to access Nextcloud. In case the user
// is not assigned to this group (read from oidc_login_attributes) the login
// will not be allowed for this user.
//
// Must be specified as an array of groups that are allowed to access Nextcloud.
// e.g. 'oidc_login_allowed_groups' => array('group1', 'group2')
//'oidc_login_allowed_groups' => 'oidc',
// Allow only users in configured value(s) to access Nextcloud. In case the user
// is not assigned to this value (read from oidc_login_attributes) the login
// will not be allowed for this user.
//
// Must be specified as an array of values (e.g. roles) that are allowed to
// access Nextcloud. e.g. 'oidc_login_filter_allowed_values' => array('role1', 'role2')
//'oidc_login_filter_allowed_values' => null,
// Use external storage instead of a symlink to the home directory
// Requires the files_external app to be enabled
'oidc_login_use_external_storage' => false,
// Set OpenID Connect scope
'oidc_login_scope' => 'openid profile email groups',
// Run in LDAP proxy mode
// In this mode, instead of creating users of its own, OIDC login
// will get the existing user from an LDAP database and only
// perform authentication with OIDC. All user data will be derived
// from the LDAP database instead of the OIDC user response
//
// The `id` attribute in `oidc_login_attributes` must return the
// "Internal Username" (see expert settings in LDAP integration)
'oidc_login_proxy_ldap' => false,
// Disable creation of users new to Nextcloud from OIDC login.
// A user may be known to the IdP but not (yet) known to Nextcloud.
// This setting controls what to do in this case.
// - 'true' (default): if the user authenticates to the IdP but is not known to Nextcloud,
// then they will be returned to the login screen and not allowed entry;
// - 'false': if the user authenticates but is not yet known to Nextcloud,
// then the user will be automatically created; note that with this setting,
// you will be allowing (or relying on) a third-party (the IdP) to create new users
'oidc_login_disable_registration' => true,
// Fallback to direct login if login from OIDC fails
// Note that no error message will be displayed if enabled
'oidc_login_redir_fallback' => true,
// Use an alternative login page
// This page will be php-included instead of a redirect if specified
// In the example below, the PHP file `login.php` in `assets`
// in nextcloud base directory will be included
// Note: the PHP variable $OIDC_LOGIN_URL is available for redirect URI
// Note: you may want to try setting `oidc_login_logout_url` to your
// base URL if you face issues regarding re-login after logout
'oidc_login_alt_login_page' => 'assets/login.php',
// For development, you may disable TLS verification. Default value is `true`
// which should be kept in production
'oidc_login_tls_verify' => true,
// If you get your groups from the oidc_login_attributes, you might want
// to create them if they are not already existing, Default is `false`.
'oidc_create_groups' => false,
// Enable use of WebDAV via OIDC bearer token.
'oidc_login_webdav_enabled' => false,
// Enable authentication with user/password for DAV clients that do not
// support token authentication (e.g. DAVx⁵)
'oidc_login_password_authentication' => false,
// The time in seconds used to cache public keys from provider.
// The default value is 1 day.
'oidc_login_public_key_caching_time' => 86400,
// The minimum time in seconds to wait between requests to the jwks_uri endpoint.
// Avoids that the provider will be DoSed when someone requests with unknown kids.
// The default is 10 seconds.
'oidc_login_min_time_between_jwks_requests' => 10,
// The time in seconds used to cache the OIDC well-known configuration from the provider.
// The default value is 1 day.
'oidc_login_well_known_caching_time' => 86400,
// If true, nextcloud will download user avatars on login.
// This may lead to security issues as the server does not control
// which URLs will be requested. Use with care.
'oidc_login_update_avatar' => false,
// If true, the default Nextcloud proxy won't be used to make internals OIDC call.
// The default is false.
//'oidc_login_skip_proxy' => false,
// Code challenge method for PKCE flow.
// Possible values are:
// - 'S256'
// - 'plain'
// The default value is empty, which won't apply the PKCE flow.
//'oidc_login_code_challenge_method' => '',
);
The output of your Apache/nginx/system log in /var/log/____
:
172.28.0.2 - - [28/Mar/2023:19:58:04 +0200] "GET /apps/serverinfo/update HTTP/1.1" 200 277 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.18"
172.28.0.2 - - [28/Mar/2023:19:58:04 +0200] "GET /apps/serverinfo/update HTTP/1.1" 200 280 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:04 +0200] "GET /ocs/v2.php/apps/serverinfo/api/v1//basicdata?format=json HTTP/1.1" 200 169 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:05 +0200] "GET /apps/serverinfo/update HTTP/1.1" 200 279 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:05 +0200] "GET /apps/serverinfo/update HTTP/1.1" 200 280 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.18"
172.28.0.2 - - [28/Mar/2023:19:58:05 +0200] "GET /apps/serverinfo/update HTTP/1.1" 200 280 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:05 +0200] "GET /ocs/v2.php/apps/serverinfo/api/v1//basicdata?format=json HTTP/1.1" 200 169 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:06 +0200] "GET /apps/serverinfo/update HTTP/1.1" 200 280 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:06 +0200] "GET /apps/serverinfo/update HTTP/1.1" 200 279 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.18"
172.28.0.2 - - [28/Mar/2023:19:58:07 +0200] "GET /ocs/v2.php/apps/serverinfo/api/v1//basicdata?format=json HTTP/1.1" 200 169 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:07 +0200] "GET /apps/serverinfo/update HTTP/1.1" 200 280 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:07 +0200] "GET /apps/serverinfo/update HTTP/1.1" 200 280 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:07 +0200] "GET /apps/serverinfo/update HTTP/1.1" 200 280 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.18"
172.28.0.2 - - [28/Mar/2023:19:58:08 +0200] "GET /ocs/v2.php/apps/serverinfo/api/v1//basicdata?format=json HTTP/1.1" 200 169 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:08 +0200] "GET /apps/serverinfo/update HTTP/1.1" 200 279 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:08 +0200] "GET /apps/serverinfo/update HTTP/1.1" 200 276 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:09 +0200] "GET /ocs/v2.php/apps/serverinfo/api/v1//basicdata?format=json HTTP/1.1" 200 169 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:09 +0200] "GET /apps/serverinfo/update HTTP/1.1" 200 277 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.18"
172.28.0.2 - - [28/Mar/2023:19:58:09 +0200] "GET /settings/admin/logging HTTP/1.1" 200 11494 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:10 +0200] "GET /ocs/v2.php/search/providers?from=%2Fsettings%2Fadmin%2Flogging HTTP/1.1" 200 226 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:10 +0200] "GET /apps/logreader/settings HTTP/1.1" 200 107 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:10 +0200] "GET /ocs/v2.php/apps/user_status/api/v1/statuses/Pascal3366 HTTP/1.1" 200 127 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.18"
172.28.0.2 - - [28/Mar/2023:19:58:10 +0200] "PUT /ocs/v2.php/apps/user_status/api/v1/heartbeat?format=json HTTP/1.1" 200 154 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:10 +0200] "GET /cron.php HTTP/1.1" 200 51 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:10 +0200] "GET /apps/logreader/get?offset=0&count=50&levels=11111 HTTP/1.1" 500 3638 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.19"
172.28.0.2 - - [28/Mar/2023:19:58:10 +0200] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 200 611 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.18"
172.28.0.2 - - [28/Mar/2023:19:58:40 +0200] "GET /settings/user/sync-clients HTTP/1.1" 200 12281 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:58:40 +0200] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 200 611 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:58:41 +0200] "GET /core/img/googleplay.png HTTP/1.1" 200 17919 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.250.121"
172.28.0.2 - - [28/Mar/2023:19:58:41 +0200] "GET /ocs/v2.php/search/providers?from=%2Fsettings%2Fuser%2Fsync-clients HTTP/1.1" 200 226 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:58:42 +0200] "PUT /ocs/v2.php/apps/user_status/api/v1/heartbeat?format=json HTTP/1.1" 200 154 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:58:42 +0200] "GET /ocs/v2.php/apps/user_status/api/v1/statuses/Pascal3366 HTTP/1.1" 200 127 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:58:42 +0200] "GET /cron.php HTTP/1.1" 200 51 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.21"
172.28.0.2 - - [28/Mar/2023:19:58:42 +0200] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 200 611 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:58:53 +0200] "GET /settings/admin/logging HTTP/1.1" 200 11487 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:58:54 +0200] "GET /ocs/v2.php/search/providers?from=%2Fsettings%2Fadmin%2Flogging HTTP/1.1" 200 226 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.21"
172.28.0.2 - - [28/Mar/2023:19:58:54 +0200] "GET /apps/logreader/settings HTTP/1.1" 200 107 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:58:54 +0200] "PUT /ocs/v2.php/apps/user_status/api/v1/heartbeat?format=json HTTP/1.1" 200 154 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.21"
172.28.0.2 - - [28/Mar/2023:19:58:54 +0200] "GET /ocs/v2.php/apps/user_status/api/v1/statuses/Pascal3366 HTTP/1.1" 200 127 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:58:54 +0200] "GET /cron.php HTTP/1.1" 200 51 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:58:54 +0200] "GET /apps/logreader/get?offset=0&count=50&levels=11111 HTTP/1.1" 500 3637 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.21"
172.28.0.2 - - [28/Mar/2023:19:58:54 +0200] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 200 611 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:59:06 +0200] "GET /settings/admin/logging HTTP/1.1" 200 11462 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:59:06 +0200] "GET /apps/theming/theme/default.css?plain=1&v=e8ff8c41 HTTP/1.1" 200 1023 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.164"
172.28.0.2 - - [28/Mar/2023:19:59:06 +0200] "GET /apps/theming/theme/light.css?plain=0&v=e8ff8c41 HTTP/1.1" 200 1043 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.146"
172.28.0.2 - - [28/Mar/2023:19:59:06 +0200] "GET /apps/theming/theme/light-highcontrast.css?plain=0&v=e8ff8c41 HTTP/1.1" 200 1108 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.250.246"
172.28.0.2 - - [28/Mar/2023:19:59:06 +0200] "GET /apps/theming/theme/dark-highcontrast.css?plain=0&v=e8ff8c41 HTTP/1.1" 200 1134 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.250.241"
172.28.0.2 - - [28/Mar/2023:19:59:06 +0200] "GET /apps/theming/theme/dark.css?plain=1&v=e8ff8c41 HTTP/1.1" 200 1019 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.25"
172.28.0.2 - - [28/Mar/2023:19:59:06 +0200] "GET /apps/theming/theme/dark.css?plain=0&v=e8ff8c41 HTTP/1.1" 200 1039 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.113"
172.28.0.2 - - [28/Mar/2023:19:59:06 +0200] "GET /apps/theming/theme/opendyslexic.css?plain=0&v=e8ff8c41 HTTP/1.1" 200 343 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.250.86"
172.28.0.2 - - [28/Mar/2023:19:59:06 +0200] "GET /apps/theming/theme/dark-highcontrast.css?plain=1&v=e8ff8c41 HTTP/1.1" 200 1111 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.250.86"
172.28.0.2 - - [28/Mar/2023:19:59:06 +0200] "GET /apps/theming/img/background/kamil-porembinski-clouds.jpg HTTP/1.1" 200 190294 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.75"
172.28.0.2 - - [28/Mar/2023:19:59:06 +0200] "GET /apps/theming/theme/light.css?plain=1&v=e8ff8c41 HTTP/1.1" 200 1023 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.182"
172.28.0.2 - - [28/Mar/2023:19:59:06 +0200] "GET /js/core/merged-template-prepend.js?v=5428278e-0 HTTP/1.1" 200 3098 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.250.131"
172.28.0.2 - - [28/Mar/2023:19:59:06 +0200] "GET /apps/theming/theme/light-highcontrast.css?plain=1&v=e8ff8c41 HTTP/1.1" 200 1086 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.109"
172.28.0.2 - - [28/Mar/2023:19:59:07 +0200] "GET /apps/logreader/settings HTTP/1.1" 200 107 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:59:07 +0200] "GET /ocs/v2.php/search/providers?from=%2Fsettings%2Fadmin%2Flogging HTTP/1.1" 200 226 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:59:07 +0200] "GET /ocs/v2.php/apps/user_status/api/v1/statuses/Pascal3366 HTTP/1.1" 200 127 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.21"
172.28.0.2 - - [28/Mar/2023:19:59:07 +0200] "PUT /ocs/v2.php/apps/user_status/api/v1/heartbeat?format=json HTTP/1.1" 200 154 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:59:07 +0200] "GET /avatar/Pascal3366/64/dark?v=0 HTTP/1.1" 200 695 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:59:07 +0200] "GET /apps/logreader/get?offset=0&count=50&levels=11111 HTTP/1.1" 500 3637 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.21"
172.28.0.2 - - [28/Mar/2023:19:59:07 +0200] "GET /cron.php HTTP/1.1" 200 51 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:59:07 +0200] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 200 611 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:59:07 +0200] "GET /apps/theming/favicon/settings?v=e8ff8c41 HTTP/1.1" 200 6259 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.251.22"
172.28.0.2 - - [28/Mar/2023:19:59:38 +0200] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 200 611 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.242.140"
172.28.0.2 - Pascal3366 [28/Mar/2023:20:00:03 +0200] "PROPFIND /remote.php/dav/principals/users/Pascal3366/ HTTP/1.1" 401 427 "-" "vdirsyncer/0.18.0" "172.70.242.4"
172.28.0.2 - Pascal3366 [28/Mar/2023:20:00:04 +0200] "PROPFIND /remote.php/dav/principals/users/Pascal3366/ HTTP/1.1" 401 427 "-" "vdirsyncer/0.18.0" "172.70.242.4"
172.28.0.2 - Pascal3366 [28/Mar/2023:20:00:04 +0200] "PROPFIND /.well-known/caldav HTTP/1.1" 301 162 "-" "vdirsyncer/0.18.0" "172.70.242.4"
172.28.0.2 - - [28/Mar/2023:20:00:04 +0200] "PROPFIND /remote.php/dav/ HTTP/1.1" 401 569 "-" "vdirsyncer/0.18.0" "172.70.242.4"
172.28.0.2 - Pascal3366 [28/Mar/2023:20:00:05 +0200] "PROPFIND /remote.php/dav/principals/users/Pascal3366/ HTTP/1.1" 401 427 "-" "vdirsyncer/0.18.0" "172.70.250.121"
172.28.0.2 - Pascal3366 [28/Mar/2023:20:00:07 +0200] "PROPFIND /remote.php/dav/principals/users/Pascal3366/ HTTP/1.1" 401 427 "-" "vdirsyncer/0.18.0" "172.70.250.121"
172.28.0.2 - Pascal3366 [28/Mar/2023:20:00:07 +0200] "PROPFIND /.well-known/caldav HTTP/1.1" 301 162 "-" "vdirsyncer/0.18.0" "172.70.250.121"
172.28.0.2 - - [28/Mar/2023:20:00:07 +0200] "PROPFIND /remote.php/dav/ HTTP/1.1" 401 569 "-" "vdirsyncer/0.18.0" "172.70.250.121"
172.28.0.2 - - [28/Mar/2023:20:00:08 +0200] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 200 611 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.125"
172.28.0.2 - - [28/Mar/2023:20:00:38 +0200] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 200 611 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.84"
172.28.0.2 - - [28/Mar/2023:20:00:57 +0200] "GET / HTTP/1.1" 302 5 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.84"
172.28.0.2 - - [28/Mar/2023:20:00:57 +0200] "GET /apps/dashboard/ HTTP/1.1" 200 11502 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.84"
172.28.0.2 - - [28/Mar/2023:20:00:58 +0200] "GET /ocs/v2.php/search/providers?from=%2Fapps%2Fdashboard%2F HTTP/1.1" 200 231 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.84"
172.28.0.2 - - [28/Mar/2023:20:01:00 +0200] "GET /apps/recommendations/api/recommendations/always HTTP/1.1" 200 342 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.84"
172.28.0.2 - - [28/Mar/2023:20:01:00 +0200] "GET /ocs/v2.php/apps/user_status/api/v1/statuses/Pascal3366 HTTP/1.1" 200 127 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.84"
172.28.0.2 - - [28/Mar/2023:20:01:00 +0200] "PUT /ocs/v2.php/apps/user_status/api/v1/heartbeat?format=json HTTP/1.1" 200 154 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.83"
172.28.0.2 - - [28/Mar/2023:20:01:00 +0200] "GET /ocs/v2.php/apps/weather_status/api/v1/location HTTP/1.1" 200 102 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.84"
172.28.0.2 - - [28/Mar/2023:20:01:00 +0200] "PUT /ocs/v2.php/apps/user_status/api/v1/heartbeat?format=json HTTP/1.1" 200 154 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.83"
172.28.0.2 - - [28/Mar/2023:20:01:00 +0200] "GET /cron.php HTTP/1.1" 200 51 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.83"
172.28.0.2 - - [28/Mar/2023:20:01:00 +0200] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 200 611 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.84"
172.28.0.2 - - [28/Mar/2023:20:01:01 +0200] "GET /ocs/v2.php/apps/weather_status/api/v1/favorites HTTP/1.1" 200 81 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.83"
172.28.0.2 - - [28/Mar/2023:20:01:01 +0200] "PROPFIND /remote.php/dav/ HTTP/1.1" 207 247 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.84"
172.28.0.2 - - [28/Mar/2023:20:01:01 +0200] "PROPFIND /remote.php/dav/principals/users/Pascal3366/ HTTP/1.1" 207 728 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.84"
172.28.0.2 - - [28/Mar/2023:20:01:01 +0200] "PROPFIND /remote.php/dav/calendars/Pascal3366/ HTTP/1.1" 207 1233 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.83"
172.28.0.2 - - [28/Mar/2023:20:01:01 +0200] "REPORT /remote.php/dav/calendars/Pascal3366/personal/ HTTP/1.1" 207 250 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.83"
172.28.0.2 - - [28/Mar/2023:20:01:01 +0200] "REPORT /remote.php/dav/calendars/Pascal3366/personal/ HTTP/1.1" 207 250 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.84"
172.28.0.2 - - [28/Mar/2023:20:01:03 +0200] "GET /logout?requesttoken=00L6Ck7ihgU3S4M2EZoNdjTGr6A3JkWVhggPQLMgMdQ%3D%3AkSC7MybV1TZ9BLEFZcxpQ3aQ9ZNtfy3G4nFhF8BSdpc%3D HTTP/1.1" 303 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.83"
172.28.0.2 - - [28/Mar/2023:20:01:03 +0200] "GET /login?clear=1 HTTP/1.1" 303 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.84"
172.28.0.2 - - [28/Mar/2023:20:01:03 +0200] "GET /login?clear=1 HTTP/1.1" 200 6750 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.84"
172.28.0.2 - - [28/Mar/2023:20:01:04 +0200] "GET /cron.php HTTP/1.1" 200 51 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.83"
172.28.0.2 - - [28/Mar/2023:20:01:04 +0200] "GET /apps/theming/favicon?v=e8ff8c41 HTTP/1.1" 200 6259 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.83"
172.28.0.2 - - [28/Mar/2023:20:01:04 +0200] "GET /apps/theming/manifest?v=e8ff8c41 HTTP/1.1" 200 246 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.110.185"
172.28.0.2 - - [28/Mar/2023:20:01:05 +0200] "GET /apps/oidc_login/oidc HTTP/1.1" 302 5 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.84"
172.28.0.2 - - [28/Mar/2023:20:01:27 +0200] "GET /apps/oidc_login/oidc?code=authelia_ac_lGUV591LeoiUttWAa68vqAKO_UN3gotKwqdFpUmZnRE.k0pDNT0y6fONmhaGSgAKa-srW1f-PMxqMtrHL8edp0Q&scope=openid+profile+email+groups&state=0965e478b9001538d8b9503574847e17 HTTP/1.1" 500 3637 "https://auth.<mydomain.com>/" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "172.70.243.83"
172.28.0.2 - - [28/Mar/2023:20:03:20 +0200] "GET /apps/oidc_login/index.php/csrftoken HTTP/1.1" 404 1696 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36" "162.158.94.138"
Output errors in nextcloud.log in /var/www/ or as admin user in top right menu, filtering for errors. Use a pastebin service if necessary.
{"reqId":"4WqM5dEmrKG8jtTV7Ac3","level":3,"time":"2023-03-28T07:28:02+00:00","remoteAddr":"172.28.0.2","user":"--","app":"index","method":"GET","url":"/apps/oidc_login/oidc?code=authelia_ac_vt2BOdachnJlLx4dU9mlhT-zbQlAsQgv2SqrWkA07F0.mpXZHpDJRMwyGhTcGm5iHysKErvPeCbnBRTOL18zGBI&scope=openid+profile+email+groups&state=fb54614e2fb03335a6429c95709a39d2","message":"array_intersect(): Argument #1 ($array) must be of type array, string given in file '/var/www/html/custom_apps/oidc_login/lib/Service/LoginService.php' line 126","userAgent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36","version":"26.0.0.11","exception":{"Exception":"Exception","Message":"array_intersect(): Argument #1 ($array) must be of type array, string given in file '/var/www/html/custom_apps/oidc_login/lib/Service/LoginService.php' line 126","Code":0,"Trace":[{"file":"/var/www/html/lib/private/AppFramework/App.php","line":183,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[["OCA\\OIDCLogin\\Controller\\LoginController"],"oidc"]},{"file":"/var/www/html/lib/private/Route/Router.php","line":315,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["OCA\\OIDCLogin\\Controller\\LoginController","oidc",["OC\\AppFramework\\DependencyInjection\\DIContainer"],["oidc_login.login.oidc"]]},{"file":"/var/www/html/lib/base.php","line":1055,"function":"match","class":"OC\\Route\\Router","type":"->","args":["/apps/oidc_login/oidc"]},{"file":"/var/www/html/index.php","line":36,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"/var/www/html/lib/private/AppFramework/Http/Dispatcher.php","Line":169,"Previous":{"Exception":"TypeError","Message":"array_intersect(): Argument #1 ($array) must be of type array, string given","Code":0,"Trace":[{"file":"/var/www/html/custom_apps/oidc_login/lib/Service/LoginService.php","line":126,"function":"array_intersect","args":["oidc",["oidc"]]},{"file":"/var/www/html/custom_apps/oidc_login/lib/Controller/LoginController.php","line":147,"function":"login","class":"OCA\\OIDCLogin\\Service\\LoginService","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/custom_apps/oidc_login/lib/Controller/LoginController.php","line":123,"function":"login","class":"OCA\\OIDCLogin\\Controller\\LoginController","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/custom_apps/oidc_login/lib/Controller/LoginController.php","line":102,"function":"authSuccess","class":"OCA\\OIDCLogin\\Controller\\LoginController","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/lib/private/AppFramework/Http/Dispatcher.php","line":230,"function":"oidc","class":"OCA\\OIDCLogin\\Controller\\LoginController","type":"->","args":[]},{"file":"/var/www/html/lib/private/AppFramework/Http/Dispatcher.php","line":137,"function":"executeController","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[["OCA\\OIDCLogin\\Controller\\LoginController"],"oidc"]},{"file":"/var/www/html/lib/private/AppFramework/App.php","line":183,"function":"dispatch","class":"OC\\AppFramework\\Http\\Dispatcher","type":"->","args":[["OCA\\OIDCLogin\\Controller\\LoginController"],"oidc"]},{"file":"/var/www/html/lib/private/Route/Router.php","line":315,"function":"main","class":"OC\\AppFramework\\App","type":"::","args":["OCA\\OIDCLogin\\Controller\\LoginController","oidc",["OC\\AppFramework\\DependencyInjection\\DIContainer"],["oidc_login.login.oidc"]]},{"file":"/var/www/html/lib/base.php","line":1055,"function":"match","class":"OC\\Route\\Router","type":"->","args":["/apps/oidc_login/oidc"]},{"file":"/var/www/html/index.php","line":36,"function":"handleRequest","class":"OC","type":"::","args":[]}],"File":"/var/www/html/custom_apps/oidc_login/lib/Service/LoginService.php","Line":126},"CustomMessage":"--"}}
Here is the nginx.conf:
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
# Prevent nginx HTTP Server Detection
server_tokens off;
keepalive_timeout 65;
#gzip on;
upstream php-handler {
server app:9000;
}
server {
listen 80;
# HSTS settings
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
# set max upload size
client_max_body_size 512M;
fastcgi_buffers 64 4K;
# Enable gzip but do not remove ETag headers
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
# Pagespeed is not supported by Nextcloud, so if your server is built
# with the `ngx_pagespeed` module, uncomment this line to disable it.
#pagespeed off;
# HTTP response headers borrowed from Nextcloud `.htaccess`
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
# Path to the root of your installation
root /var/www/html;
# Specify how to handle directories -- specifying `/index.php$request_uri`
# here as the fallback means that Nginx always exhibits the desired behaviour
# when a client requests a path that corresponds to a directory that exists
# on the server. In particular, if that directory contains an index.php file,
# that file is correctly served; if it doesn't, then the request is passed to
# the front-end controller. This consistent behaviour means that we don't need
# to specify custom rules for certain paths (e.g. images and other assets,
# `/updater`, `/ocm-provider`, `/ocs-provider`), and thus
# `try_files $uri $uri/ /index.php$request_uri`
# always provides the desired behaviour.
index index.php index.html /index.php$request_uri;
# Rule borrowed from `.htaccess` to handle Microsoft DAV clients
location = / {
if ( $http_user_agent ~ ^DavClnt ) {
return 302 /remote.php/webdav/$is_args$args;
}
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# Make a regex exception for `/.well-known` so that clients can still
# access it despite the existence of the regex rule
# `location ~ /(\.|autotest|...)` which would otherwise handle requests
# for `/.well-known`.
location ^~ /.well-known {
# The rules in this block are an adaptation of the rules
# in `.htaccess` that concern `/.well-known`.
location = /.well-known/carddav { return 301 /remote.php/dav/; }
location = /.well-known/caldav { return 301 /remote.php/dav/; }
location /.well-known/acme-challenge { try_files $uri $uri/ =404; }
location /.well-known/pki-validation { try_files $uri $uri/ =404; }
# Let Nextcloud's API for `/.well-known` URIs handle all other
# requests by passing them to the front-end controller.
return 301 /index.php$request_uri;
}
# Rules borrowed from `.htaccess` to hide certain paths from clients
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
# Ensure this block, which passes PHP files to the PHP process, is above the blocks
# which handle static assets (as seen below). If this block is not declared first,
# then Nginx will encounter an infinite rewriting loop when it prepends `/index.php`
# to the URI, resulting in a HTTP 500 error response.
location ~ \.php(?:$|/) {
# Required for legacy support
rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri;
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
#fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice
fastcgi_param front_controller_active true; # Enable pretty urls
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ \.(?:css|js|svg|gif)$ {
try_files $uri /index.php$request_uri;
expires 6M; # Cache-Control policy borrowed from `.htaccess`
access_log off; # Optional: Don't log access to assets
}
location ~ \.woff2?$ {
try_files $uri /index.php$request_uri;
expires 7d; # Cache-Control policy borrowed from `.htaccess`
access_log off; # Optional: Don't log access to assets
}
# Rule borrowed from `.htaccess`
location /remote {
return 301 /remote.php$request_uri;
}
location / {
try_files $uri $uri/ /index.php$request_uri;
}
}
}