UNAUTHORIZED WOPI HOST using “Share Link” on any files/folders connected via the “External Storage Support” App
Nextcloud version (eg, 10.0.2): 12.0.0
Operating system and version (eg, Ubuntu 16.04): Ubuntu 16.04.02
Apache or nginx version (eg, Apache 2.4.25): 2.4.18
PHP version (eg, 5.6): 7.0.18
Is this the first time you’ve seen this error?: No
Can you reliably replicate it? (If so, please outline steps): Yes
The issue you are facing:
Using the “Share Link” option for any files or folders using the “External Storage Support” app does not work. The “Share Link” option will generate a link, but when any user attempts to access that link from any location, they see the collabora interface starting up but then receive the error/whitebox:
“Unauthorized WOPI host. Please try again later and report to your administrator if the issue persists.”
If I use the “share link” option on a file or folder that is NOT using the external storage app (Ex. the user’s main folder), I am able to access that share link from any location with no issue.
The issue isn’t really related to shares or mounts either. I created a folder /home/test and gave www-data ownership of it. I then used the External Storage Support app to add /home/test as local storage. Everything is fine when logged in as I am able to edit the file and other logged in users see the live editing. But if I try to use the “share link” option, the error I get when trying to access that shared link is like above, “Unauthorized WOPI host…”
I have tried installations of Nextcloud 11.04 and 12.0.0.29. I have tried the collabora install via the quick tutorial on the main collabora page as well as the collabora.sh script via https://github.com/nextcloud/vm/blob/master/apps/collabora.sh
The permissions on the share I am pointing to is “Full Control” for a specific user on a Server 2008 R2 share.
I have tried to mount the share in fstab with:
//myshare-hostname.com/Digital /mnt/digital cifs gid=33,dir_mode=0770,uid=www-data,sec=ntlm,credentials=/home/it/.smbcredentials,iocharset=utf8,file_mode=0770,vers=2.0 0 0
I have tried file_mode 0777 so even “Other” can open and edit everything in the folder.
No matter what I do, sharing a local file/folder in the user folder works perfectly. Sharing a file/folder from a mount either via fstab or completely via External Storage Support app failed with the “Unauthorized WOPI Host”
I have also tried removing the docker image, and trying different hostnames with escaped info such as either two backslashes or one.
docker run -t -d -p 127.0.0.1:9980:9980 -e ‘domain=digitalfile\.mydomain\.com’ --restart always --cap-add MKNOD collabora/code
docker run -t -d -p 127.0.0.1:9980:9980 -e ‘domain=digitalfile.mydomain.com’ --restart always --cap-add MKNOD collabora/code
The output of your Nextcloud log in Admin > Logging:
Error files Backends provided no user object for 2017-05-31T09:49:27-0500
Error files Backends provided no user object for 2017-05-31T09:45:08-0500
Error files Backends provided no user object for 2017-05-31T09:30:55-0500
Error files Backends provided no user object for 2017-05-31T08:58:16-0500
Error files Backends provided no user object for 2017-05-31T08:57:05-0500
Error files Backends provided no user object for 2017-05-31T08:48:36-0500
Error files Backends provided no user object for 2017-05-31T08:48:00-0500
The output of your config.php file in /path/to/nextcloud
(make sure you remove any identifiable information!):
<?php
$CONFIG = array (
'instanceid' => 'ocqoowv5yrwv',
'passwordsalt' => 'oycJMmsh3456j3R+Veu8KVjS',
'secret' => 'kADb5A8fqdqewfFlt2j8//Nq4KWYjDEY2NRITGNJ57rupFI0UYO4hyte',
'trusted_domains' =>
array (
0 => 'digitalfile.mydomain.com',
),
'datadirectory' => '/var/www/nextcloud-data/',
'overwrite.cli.url' => 'http://digitalfile.mydomain.com',
'dbtype' => 'mysql',
'version' => '12.0.0.29',
'dbname' => 'nextcloud',
'dbhost' => 'localhost',
'dbport' => '',
'dbtableprefix' => 'oc_',
'dbuser' => 'nextclouduser',
'dbpassword' => 'my-db-password',
'installed' => true,
The output of my docker logs
wsd-00026-00040 14:44:54.863540 [ docbroker_002 ] ERR Socket #19 SSL BIO error: closed (0).| ./net/SslSocket.hpp:255
wsd-00026-00040 14:44:54.863652 [ docbroker_002 ] ERR Socket #19 SSL BIO error: error:140D00CF:SSL routines:SSL_write:protocol is shutdown (errno: Success)| ./net/SslSocket.hpp:273
wsd-00026-00040 14:44:54.863722 [ docbroker_002 ] WRN ToClient-0004: Exception while closing socket for docKey [digitalfile.my-domain.com:443/index.php/apps/richdocuments/wopi/files/148_ocqoowv5yrwv]: error:140D00CF:SSL routines:SSL_write:protocol is shutdown| wsd/ClientSession.cpp:805
wsd-00026-00027 14:44:54.870671 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_002], started: true, finished: true| ./net/Socket.hpp:507
wsd-00026-00027 14:44:54.870722 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_002], started: true, finished: true| ./net/Socket.hpp:507
wsd-00026-00027 14:44:54.870792 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_002], started: false, finished: true| ./net/Socket.hpp:507
wsd-00026-00027 14:44:54.870839 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_002], started: false, finished: true| ./net/Socket.hpp:507
wsd-00026-00034 14:45:07.758268 [ websrv_poll ] WRN WOPI host did not pass optional access_token_ttl| wsd/FileServer.cpp:317
wsd-00026-00050 14:45:08.026504 [ docbroker_003 ] ERR WOPI::CheckFileInfo failed and no JSON payload returned. Access denied.| wsd/Storage.cpp:496
wsd-00026-00050 14:45:08.026611 [ docbroker_003 ] ERR Error while handling loading : Access denied.| wsd/LOOLWSD.cpp:2113
wsd-00026-00050 14:45:08.027202 [ docbroker_003 ] WRN Attempted ping on non-upgraded websocket!| ./net/WebSocketHandler.hpp:285
wsd-00026-00050 14:45:08.041700 [ docbroker_003 ] WRN Child session [000a] not found to forward message: load url=https://digitalfile.my-domain.com/index.php/apps/richdocuments/wopi/files/141_ocqoowv5yrwv?access_token=NQyZu0yiZTYdOVlNkva21khvR1Ut5Xgb&access_token_ttl=0&permission=edit readonly=0 lang=en| wsd/DocumentBroker.cpp:1272
wsd-00026-00050 14:45:08.042720 [ docbroker_003 ] ERR Socket #15 SSL BIO error: closed (0).| ./net/SslSocket.hpp:255
wsd-00026-00050 14:45:08.042818 [ docbroker_003 ] ERR Socket #15 SSL BIO error: error:140D00CF:SSL routines:SSL_write:protocol is shutdown (errno: Success)| ./net/SslSocket.hpp:273
wsd-00026-00050 14:45:08.042939 [ docbroker_003 ] WRN ToClient-000a: Exception while closing socket for docKey [digitalfile.my-domain.com:443/index.php/apps/richdocuments/wopi/files/141_ocqoowv5yrwv]: error:140D00CF:SSL routines:SSL_write:protocol is shutdown| wsd/ClientSession.cpp:805
wsd-00026-00027 14:45:08.043590 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_003], started: true, finished: true| ./net/Socket.hpp:507
wsd-00026-00027 14:45:08.043669 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_003], started: true, finished: true| ./net/Socket.hpp:507
wsd-00026-00027 14:45:08.043744 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_003], started: false, finished: true| ./net/Socket.hpp:507
wsd-00026-00027 14:45:08.043842 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_003], started: false, finished: true| ./net/Socket.hpp:507
wsd-00026-00034 14:49:27.251957 [ websrv_poll ] WRN WOPI host did not pass optional access_token_ttl| wsd/FileServer.cpp:317
wsd-00026-00054 14:49:27.560354 [ docbroker_004 ] ERR WOPI::CheckFileInfo failed and no JSON payload returned. Access denied.| wsd/Storage.cpp:496
wsd-00026-00054 14:49:27.560465 [ docbroker_004 ] ERR Error while handling loading : Access denied.| wsd/LOOLWSD.cpp:2113
wsd-00026-00054 14:49:27.561156 [ docbroker_004 ] WRN Attempted ping on non-upgraded websocket!| ./net/WebSocketHandler.hpp:285
wsd-00026-00054 14:49:27.584129 [ docbroker_004 ] WRN Child session [000d] not found to forward message: load url=https://my-domain.robbinskersten.com/index.php/apps/richdocuments/wopi/files/141_ocqoowv5yrwv?access_token=8xvjj9MLlpPD2OityIV1rxOIxpJRnlGO&access_token_ttl=0&permission=edit readonly=0 lang=en| wsd/DocumentBroker.cpp:1272
wsd-00026-00054 14:49:27.598355 [ docbroker_004 ] ERR Socket #19 SSL BIO error: closed (0).| ./net/SslSocket.hpp:255
wsd-00026-00054 14:49:27.599102 [ docbroker_004 ] ERR Socket #19 SSL BIO error: error:140D00CF:SSL routines:SSL_write:protocol is shutdown (errno: Success)| ./net/SslSocket.hpp:273
wsd-00026-00054 14:49:27.599619 [ docbroker_004 ] WRN ToClient-000d: Exception while closing socket for docKey [digitalfile.my-domain.com:443/index.php/apps/richdocuments/wopi/files/141_ocqoowv5yrwv]: error:140D00CF:SSL routines:SSL_write:protocol is shutdown| wsd/ClientSession.cpp:805
wsd-00026-00027 14:49:27.600020 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_004], started: true, finished: true| ./net/Socket.hpp:507
wsd-00026-00027 14:49:27.600214 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_004], started: true, finished: true| ./net/Socket.hpp:507
wsd-00026-00027 14:49:27.600320 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_004], started: false, finished: true| ./net/Socket.hpp:507
wsd-00026-00027 14:49:27.600407 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_004], started: false, finished: true| ./net/Socket.hpp:507
wsd-00026-00034 14:53:24.453986 [ websrv_poll ] WRN WOPI host did not pass optional access_token_ttl| wsd/FileServer.cpp:317
wsd-00026-00058 14:53:24.705373 [ docbroker_005 ] ERR WOPI::CheckFileInfo failed and no JSON payload returned. Access denied.| wsd/Storage.cpp:496
wsd-00026-00058 14:53:24.705506 [ docbroker_005 ] ERR Error while handling loading : Access denied.| wsd/LOOLWSD.cpp:2113
wsd-00026-00058 14:53:24.708928 [ docbroker_005 ] ERR #15: Wrote outgoing data -1 bytes. (errno: Broken pipe)| ./net/Socket.hpp:909
wsd-00026-00058 14:53:24.709122 [ docbroker_005 ] WRN Attempted ping on non-upgraded websocket!| ./net/WebSocketHandler.hpp:285
wsd-00026-00058 14:53:24.709688 [ docbroker_005 ] ERR #15: Wrote outgoing data -1 bytes. (errno: Broken pipe)| ./net/Socket.hpp:909
wsd-00026-00058 14:53:24.709830 [ docbroker_005 ] WRN Child session [000f] not found to forward message: load url=https://digitalfile.my-domain.com/index.php/apps/richdocuments/wopi/files/141_ocqoowv5yrwv?access_token=m5cmCGZzXJ3SnpDjmWoAsUAY5WRoWCFz&access_token_ttl=0&permission=edit readonly=0 lang=en| wsd/DocumentBroker.cpp:1272
wsd-00026-00058 14:53:24.723520 [ docbroker_005 ] ERR Socket #19 SSL BIO error: closed (0).| ./net/SslSocket.hpp:255
wsd-00026-00058 14:53:24.723720 [ docbroker_005 ] ERR Socket #19 SSL BIO error: error:140D00CF:SSL routines:SSL_write:protocol is shutdown (errno: Success)| ./net/SslSocket.hpp:273
wsd-00026-00058 14:53:24.723835 [ docbroker_005 ] WRN ToClient-000f: Exception while closing socket for docKey [digitalfile.my-domain.com:443/index.php/apps/richdocuments/wopi/files/141_ocqoowv5yrwv]: error:140D00CF:SSL routines:SSL_write:protocol is shutdown| wsd/ClientSession.cpp:805
wsd-00026-00027 14:53:24.724025 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_005], started: true, finished: true| ./net/Socket.hpp:507
wsd-00026-00027 14:53:24.724270 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_005], started: true, finished: true| ./net/Socket.hpp:507
wsd-00026-00027 14:53:24.724429 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_005], started: false, finished: true| ./net/Socket.hpp:507
wsd-00026-00027 14:53:24.724467 [ prisoner_poll ] WRN Waking up dead poll thread [docbroker_005], started: false, finished: true| ./net/Socket.hpp:507