Android-SingleSignOn
Android-SingleSignOn copied to clipboard
nextcloud
Option to create new token on `TokenMismatchException`
Using Nextcloud, as well as Deck and Notes for Android, I have an issue where neither of the apps are able to authenticate anymore.
This is my fault, as I have revoked their tokens in the Web UI after a backup restore.
The app helpfully offer to restart them, or to wipe them and obtain a new token. I would generally do the latter, but in this instance I have changes in the app that haven't been synced to the server, so I don't want to wipe their data.
It would be useful to offer the opportunity to reauthenticate and generate a new token when this happens, rather than having to restart/wipe.
Looking at a backup SQL dump, I cannot see the tokens that I thought I had cleared on the server side.
I have recently uninstalled and reinstalled the Nextcloud app on my phone, without touching the Deck and Notes apps. Perhaps the token is missing in the Nextcloud app to let the two others SSO in?
In any case, I think an option to refresh the token without wiping data would still fix the issue.
For clarification - if you use the Single-Sign-On Feature in either the Deck or Notes app, you only have one token that you can see in your nextcloud server - and that is for the Nextcloud files app. The Notes and Deck app only generate a token on locally on your phone for communicating with the nextcloud files app.
That said - after wiping out all tokens on your server you should've been able to reauthenticate the Nextcloud files app. The Deck and Notes app would've kept their tokens for communicating with the Nextcloud files app on your phone (not tested - maybe they'll be reseted as well once your Nextcloud files app login is no longer valid)
The following image from the readme explains the communication a little:
Yep, that's what I realised after not finding the tokens in the DB dumps, and looking at the Readme.
So at this point I have both Deck and Notes holding a token that the wiped and reinstalled Files app doesn't know about.
I just tried to re-add the account (without removing it first) in the apps. Both apps warn that the account was “already added” (Deck) / “already imported” (Notes).
However, it seems both have managed to refresh there token with the Files app, and are able to sync again!
So that solves my issue, perhaps leaving a UX problem where it could either be made that re-adding an existing account might fix the token issue, or even trying to renew it automatically without user intervention.
Olivier Mehani @.***> Sent from my mobile, please excuse my brevity.