I recently enabled TOTP and everything worked fine, until I tried to access my files using webdav.
I properly reconfigured my webdav client, using an app password, but it won’t access my files. The client displays : “HTTP Error: Unauthorised”. The server shows a few errors in the logs. You can find both screenshots linked to this message.
I tried to disable TOTP authentication to see if it was really the cause of the problem, and I could now access my files.
I open the menu, then Personal -> App passwords, I create a new app password (which I called “Fedora Online Accounts”), and I use the generated password when authenticating in Online Accounts in the settings panel of gnome.
I’m having the same problem. Can’t get webdav to connect from Thunar / Gigolo when TOTP is enabled even though I’ve generated an app pw. Simply says “Login failed…” in the logs
Is your username correct? I use IMAP for authentication with the domain set in the configuration. Depending on how I log in the username that the app passwords are created as changes
TL;DR: It does work for an existing user on a different client system, however the different client I used was also a different platform (iOS NextCloud app), so it’s always possible that it works on iOS and not on Ubuntu, or that the app password works in a NextCloud app, but not with WebDAV.
Here’s how I tested:
Set up a NextCloud account (running NextCloud snap version 20 on Ubuntu Core on a Raspberry Pi).
Created my user account, not using TOTP.
In GNOME Settings, added my NextCloud account.
In “Files” app, mounted my NextCloud instance. Mounted as expected.
Logged into NextCloud in my browser, installed and turned on TOTP. Confirmed I can log out and back in using one-time password in Firefox (tested on Ubuntu laptop and a few other devices).
In GNOME Settings, removed my NextCloud account (clicked the big red “Remove” button).
In NextCloud > Settings > Security, created an app password.
In GNOME Settings, clicked NextCloud, entered my URL, username, and the app password and clicked “Connect”. Ubuntu accepted the credentials. (Note: I don’t know what happens if I deliberately enter bad credentials).
Navigated to File app, right-click my URL in the sidebar, select “mount”.
Expected result:
My NextCloud files appear in the Files app
Actual result:
Dialog appears stating “Unable to access user@mydomain.com HHTP Error: Unauthorized”
Then, I tested another client:
Downloaded the NextCloud app from the App Store onto my iPad Pro
In NextCloud (in a browser), created an app password for the iPad
Ran the NextCloud app on the iPad, selecting the option to use an app token
Entered my username and app password
Login succeeded as expected.
Notes:
In NextCloud > Settings > Security > Devices & sessions, I revoked the previous sessions from my Ubuntu device - I suspected that maybe either Ubuntu had a session token or NextCloud was expecting a session token from the device; that is, one side or the other wasn’t expecting the app password. This didn’t resolve the issue.
I’m unable to mount a WebDAV drive in GNOME. I haven’t tried accessing contacts or calendars.
I’m able to mount the WebDAV URL if I use davfs from the command line. This would seem to support the theory that GNOME is caching the old password:
# This works
sudo apt install davfs2 # Select Yes when prompted to let users mount drives
mkdir $HOME/nc
echo "https://NEXTCLOUD_DOMAIN/remote.php/dav/files/NEXTCLOUD_USERNAME/ $HOME/nc davfs user 0 0" | sudo tee -a /etc/fstab
usermod -a -G davfs2 $LOGNAME
mount $HOME/nc # Will prompt for nextcloud username and password
#Store secrets so you're not prompted
mkdir ~/.davfs2
echo "$HOME/nc NEXTCLOUD_USERNAME NEXTCLOUD_APP_PASSWORD" >> ~/.davfs2/secrets
chmod 600 ~/.davfs2/secrets