Problem Desktop Client login flow v2

nikgre · April 17, 2020, 11:36pm

[/details]
Im using Nextcloud in Docker with the latest image so: nextcloud:latest
Im using an nginx reverse proxy
The host is a fedora 31 host

The issue you are facing:

I cant login to the Nextcloud Desktop client, specifically the authentication,
every time i try to connect, it opens my browser (as expected), then it asks me to log in,
when i click it i get a button to grant access (didnt ask for me login details), if i click this nothing happens, no matter how long i keep it running.

After a bit i noticed that the link i need to open (http://nextcloud.domain.com/login/v2/flow/BTqyWDLBrb54GrYotU9i6D2o1z2axrm8r9xOWmKUXxR51zEDgtKAaEXvhkj2vK0KLdRcytT4TbbmTHflVZJUNdWL8wcFOsO8IjbSlQJ8K9659ZXbEWu1GcJGPY2a6YlI) redirects to just https://nextcloud.domain.com/login/v2/flow
no clue if this is how its supposed to work but yeah

Is this the first time you’ve seen this error? (Y/N): N

The output of your Nextcloud log in Admin > Logging:

No logs

The output of your config.php file in /path/to/nextcloud (make sure you remove any identifiable information!):

<?php
$CONFIG = array (
  'htaccess.RewriteBase' => '/',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'apps_paths' =>
  array (
    0 =>
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 =>
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
    ),
  ),
  'instanceid' => 'ocqfu63zbiua',
  'passwordsalt' => 'redacted',
  'secret' => 'redacted',
  'trusted_domains' =>
  array (
    0 => 'nextcloud.domain.com',
  ),
  'datadirectory' => '/var/www/html/data',
  'dbtype' => 'sqlite3',
  'version' => '18.0.3.0',
  'overwrite.cli.url' => 'http://nextcloud.domain.com',
  'installed' => true,
  'twofactor_enforced' => 'false',
  'twofactor_enforced_groups' =>
  array (
  ),
  'twofactor_enforced_excluded_groups' =>
  array (
  ),
  'mail_domain' => 'redacted',
  'mail_from_address' => 'nextcloud',
  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'smtp',
  'mail_smtphost' => 'protonmail-bridge',
  'mail_smtpauth' => 1,
  'mail_smtpname' => 'redacted',
  'mail_smtppassword' => 'redacted',
  'mail_smtpauthtype' => 'LOGIN',
  'ldapIgnoreNamingRules' => false,
  'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
  'mail_smtpport' => '25',
  'maintenance' => false,
);

The above is the default config.php created by docker

The output of your Apache/nginx/system log in /var/log/____:


192.168.2.175 - - [17/Apr/2020:23:01:38 +0000] "GET /login/v2/flow/Vgv1FjVSMFVANbvZGtjPwYRBRGgvlvjTq3Wf6pWgxRbXdBf3o9pjd6MvB4rSMfJS7RRsu0SfAHkdW18SxEHMB8KC7Zizl5KUVq9PudUJUZJyFaYIn09iOMmhhAAHtwHf HTTP/1.1" 301 169 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:75.0) Gecko/20100101 Firefox/75.0" "-",
192.168.2.175 - - [17/Apr/2020:23:01:38 +0000] "GET /login/v2/flow HTTP/1.1" 301 169 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:75.0) Gecko/20100101 Firefox/75.0" "-",
192.168.2.175 - - [17/Apr/2020:23:01:38 +0000] "POST /login/v2/poll HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux) mirall/2.6.4git (Nextcloud)" "-",
192.168.2.175 - - [17/Apr/2020:23:01:39 +0000] "POST /login/v2/poll HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux) mirall/2.6.4git (Nextcloud)" "-",
192.168.2.175 - - [17/Apr/2020:23:01:40 +0000] "GET /login/v2/grant?stateToken=DV8Cj1uncfqBfLK8qmEKjg7cfkxNpyzOeh4MySfieaTvx5HbKSq9l0sCBOfDC649 HTTP/1.1" 301 169 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:75.0) Gecko/20100101 Firefox/75.0" "-",
192.168.2.175 - - [17/Apr/2020:23:02:09 +0000] "POST /login/v2/poll HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Linux) mirall/2.6.4git (Nextcloud)" "-"

If i missed something pls tell me

ericlin5266 · November 26, 2020, 6:19am

My situation is similar to you. Since I’ve found the solution and pass the login flow, you might need the solution, too. Here it is.

Reference article:

Key point is : add related values to config.php.

  'overwrite.cli.url' => 'https://<your.domain.here>',
  'overwritehost' => '<your.domain.here>',
  'overwriteprotocol' => 'https',

You may find overwirte.cli.url firstly in config.php. Just modify the lines listed above and add them to config.php. Then restart your docker again (docker restart xxx is enough). Everything will go well like a charm. You can now use your client to get correct login token and finish connect process.

Hope it helps. Good Luck!

Rushabh_Patel · December 12, 2020, 5:06am

I had this same error. Thanks.

For me too, this works!

der-heinz · January 6, 2021, 8:01am

This helps also with client 3.1.1
Thanks

KSed · February 23, 2021, 10:09pm

For anyone that may run into this with a similar setup to mine.

I have an nginx proxy server doing SSL termination and servicing all my sites, include nextcloud. Nextcloud is then setup with nginx and php-fpm, so there is two layers of proxying. everything running on docker.

Everything was working fine, except this login flow and for this to work, I had to change the nginx config for nextcloud (not my proxy) in addition to all the above. The change was to uncomment the following line:

fastcgi_param HTTPS on;