
State token missing (Login Flow V2)

Open livmackintosh opened this issue 8 months ago • 31 comments

Steps to reproduce

  1. Use latest AIO
  2. Login with latest iOS app
  3. Error "State token missing"

Expected behavior

Expected behaviour is that this error doesn't happen and can use the iOS app without issue.

On Android app and web there is no issue and login works as expected...

Actual behavior

Login to iOS app. Error "State token missing". Logging into web browser on iOS directly works fine but error "State token missing" occurs when clicking "Open" button (for opening App).

Other information

Host OS

Debian 12

Output of `sudo docker info`

Client:
 Context:    default
 Debug Mode: false

Server:
 Containers: 10
  Running: 10
  Paused: 0
  Stopped: 0
 Images: 11
 Server Version: 20.10.24+dfsg1
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: io.containerd.runtime.v1.linux runc io.containerd.runc.v2
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 1.6.20~ds1-1+deb12u1
 runc version: 1.1.5+ds1-1+deb12u1
 init version:
 Security Options:
  apparmor
  seccomp
   Profile: default
  cgroupns
 Kernel Version: 6.1.0-31-amd64
 Operating System: Debian GNU/Linux 12 (bookworm)
 OSType: linux
 Architecture: x86_64
 CPUs: 2
 Total Memory: 3.73GiB
 Name: nextcloud
 ID: 7KN2:O276:KTCI:3KRU:NHDT:PA2I:VLJO:JF5L:YMKD:WNBN:2P7Q:H7ZF
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

Docker run command or docker-compose file that you used

services:
  nextcloud-aio-mastercontainer:
    image: ghcr.io/nextcloud-releases/all-in-one:latest
    init: true
    restart: always
    container_name: nextcloud-aio-mastercontainer # This line is not allowed to be changed as otherwise AIO will not work correctly
    volumes:
      - nextcloud_aio_mastercontainer:/mnt/docker-aio-config # This line is not allowed to be changed as otherwise the built-in backup solution will not work
      - /var/run/docker.sock:/var/run/docker.sock:ro # May be changed on macOS, Windows or docker rootless. See the applicable documentation. If adjusting, don't forget to also set 'WATCHTOWER_DOCKER_SOCKET_PATH'!
    network_mode: bridge # add to the same network as docker run would do
    ports:
      - 80:80 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
      - 8080:8080
      - 8443:8443 # Can be removed when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
    # environment: # Is needed when using any of the options below
      # AIO_DISABLE_BACKUP_SECTION: false # Setting this to true allows to hide the backup section in the AIO interface. See https://github.com/nextcloud/all-in-one#how-to-disable-the-backup-section
      # AIO_COMMUNITY_CONTAINERS: # With this variable, you can add community containers very easily. See https://github.com/nextcloud/all-in-one/tree/main/community-containers#community-containers
      # APACHE_PORT: 11000 # Is needed when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else). See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
      # APACHE_IP_BINDING: 127.0.0.1 # Should be set when running behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else) that is running on the same host. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
      # APACHE_ADDITIONAL_NETWORK: frontend_net # (Optional) Connect the apache container to an additional docker network. Needed when behind a web server or reverse proxy (like Apache, Nginx, Caddy, Cloudflare Tunnel and else) running in a different docker network on same server. See https://github.com/nextcloud/all-in-one/blob/main/reverse-proxy.md
      # BORG_RETENTION_POLICY: --keep-within=7d --keep-weekly=4 --keep-monthly=6 # Allows to adjust borgs retention policy. See https://github.com/nextcloud/all-in-one#how-to-adjust-borgs-retention-policy
      # COLLABORA_SECCOMP_DISABLED: false # Setting this to true allows to disable Collabora's Seccomp feature. See https://github.com/nextcloud/all-in-one#how-to-disable-collaboras-seccomp-feature
      # FULLTEXTSEARCH_JAVA_OPTIONS: "-Xms1024M -Xmx1024M" # Allows to adjust the fulltextsearch java options. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-fulltextsearch-java-options
      # NEXTCLOUD_DATADIR: /mnt/ncdata # Allows to set the host directory for Nextcloud's datadir. ⚠️⚠️⚠️ Warning: do not set or adjust this value after the initial Nextcloud installation is done! See https://github.com/nextcloud/all-in-one#how-to-change-the-default-location-of-nextclouds-datadir
      # NEXTCLOUD_MOUNT: /mnt/ # Allows the Nextcloud container to access the chosen directory on the host. See https://github.com/nextcloud/all-in-one#how-to-allow-the-nextcloud-container-to-access-directories-on-the-host
      # NEXTCLOUD_UPLOAD_LIMIT: 16G # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-upload-limit-for-nextcloud
      # NEXTCLOUD_MAX_TIME: 3600 # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-max-execution-time-for-nextcloud
      # NEXTCLOUD_MEMORY_LIMIT: 512M # Can be adjusted if you need more. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-php-memory-limit-for-nextcloud
      # NEXTCLOUD_TRUSTED_CACERTS_DIR: /path/to/my/cacerts # CA certificates in this directory will be trusted by the OS of the nextcloud container (Useful e.g. for LDAPS) See https://github.com/nextcloud/all-in-one#how-to-trust-user-defined-certification-authorities-ca
      # NEXTCLOUD_STARTUP_APPS: deck twofactor_totp tasks calendar contacts notes # Allows to modify the Nextcloud apps that are installed on starting AIO the first time. See https://github.com/nextcloud/all-in-one#how-to-change-the-nextcloud-apps-that-are-installed-on-the-first-startup
      # NEXTCLOUD_ADDITIONAL_APKS: imagemagick # This allows to add additional packages to the Nextcloud container permanently. Default is imagemagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-os-packages-permanently-to-the-nextcloud-container
      # NEXTCLOUD_ADDITIONAL_PHP_EXTENSIONS: imagick # This allows to add additional php extensions to the Nextcloud container permanently. Default is imagick but can be overwritten by modifying this value. See https://github.com/nextcloud/all-in-one#how-to-add-php-extensions-permanently-to-the-nextcloud-container
      # NEXTCLOUD_ENABLE_DRI_DEVICE: true # This allows to enable the /dev/dri device for containers that profit from it. ⚠️⚠️⚠️ Warning: this only works if the '/dev/dri' device is present on the host! If it should not exist on your host, don't set this to true as otherwise the Nextcloud container will fail to start! See https://github.com/nextcloud/all-in-one#how-to-enable-hardware-acceleration-for-nextcloud
      # NEXTCLOUD_ENABLE_NVIDIA_GPU: true # This allows to enable the NVIDIA runtime and GPU access for containers that profit from it. ⚠️⚠️⚠️ Warning: this only works if an NVIDIA gpu is installed on the server. See https://github.com/nextcloud/all-in-one#how-to-enable-hardware-acceleration-for-nextcloud.
      # NEXTCLOUD_KEEP_DISABLED_APPS: false # Setting this to true will keep Nextcloud apps that are disabled in the AIO interface and not uninstall them if they should be installed. See https://github.com/nextcloud/all-in-one#how-to-keep-disabled-apps
      # SKIP_DOMAIN_VALIDATION: false # This should only be set to true if things are correctly configured. See https://github.com/nextcloud/all-in-one?tab=readme-ov-file#how-to-skip-the-domain-validation
      # TALK_PORT: 3478 # This allows to adjust the port that the talk container is using which is exposed on the host. See https://github.com/nextcloud/all-in-one#how-to-adjust-the-talk-port
      # WATCHTOWER_DOCKER_SOCKET_PATH: /var/run/docker.sock # Needs to be specified if the docker socket on the host is not located in the default '/var/run/docker.sock'. Otherwise mastercontainer updates will fail. For macos it needs to be '/var/run/docker.sock'
    # security_opt: ["label:disable"] # Is needed when using SELinux

#   # Optional: Caddy reverse proxy. See https://github.com/nextcloud/all-in-one/discussions/575
#   # Alternatively, use Tailscale if you don't have a domain yet. See https://github.com/nextcloud/all-in-one/discussions/5439
#   # Hint: You need to uncomment APACHE_PORT: 11000 above, adjust cloud.example.com to your domain and uncomment the necessary docker volumes at the bottom of this file in order to make it work
#   # You can find further examples here: https://github.com/nextcloud/all-in-one/discussions/588
#   caddy:
#     image: caddy:alpine
#     restart: always
#     container_name: caddy
#     volumes:
#       - caddy_certs:/certs
#       - caddy_config:/config
#       - caddy_data:/data
#       - caddy_sites:/srv
#     network_mode: "host"
#     configs:
#       - source: Caddyfile
#         target: /etc/caddy/Caddyfile
# configs:
#   Caddyfile:
#     content: |
#       # Adjust cloud.example.com to your domain below
#       https://cloud.example.com:443 {
#         reverse_proxy localhost:11000
#       }

volumes: # If you want to store the data on a different drive, see https://github.com/nextcloud/all-in-one#how-to-store-the-filesinstallation-on-a-separate-drive
  nextcloud_aio_mastercontainer:
    name: nextcloud_aio_mastercontainer # This line is not allowed to be changed as otherwise the built-in backup solution will not work
  # caddy_certs:
  # caddy_config:
  # caddy_data:
  # caddy_sites:

Other valuable info

livmackintosh avatar Apr 04 '25 08:04 livmackintosh

Hi, can you try with the last 6.6.0?

marinofaggiana avatar Apr 05 '25 08:04 marinofaggiana

@marinofaggiana Was there a fix included in 6.6.0?

I ask because I do not have an iPhone myself so will have to persuade someone who does to test.

Thanks.

Edit: Will test with iOS Simulator on M2 Mac

livmackintosh avatar Apr 05 '25 21:04 livmackintosh

@marinofaggiana

Doesn't look good. I can't retest at the moment as the iOS Simulator cannot connect to my Nextcloud instance now despite being able to access any other site, and my instance being available from any other device...

Steps followed:

  1. Built latest from trunk
  2. Logged in
  3. The embedded browser saying "You can now close this window" only led to not being signed into the app. The only way to close the window is to either kill Nextcloud app or press back arrow and both led to not being signed in.

After trying two or three times I got the alert with "Invalid response" and then could not access my instance anymore as mentioned.

Here are the logs for the invalid response:

[Request]: GET https://<redacted>/status.php
    [Headers]: None
    [Body]: None
[Response]: None
[Network Duration]: 0.17560505867004395s
[Serialization Duration]: 2.0708335796371102e-05s
[Result]: failure(Alamofire.AFError.sessionTaskFailed(error: Error Domain=NSURLErrorDomain Code=-1017 "cannot parse response" UserInfo={_kCFStreamErrorCodeKey=-1, NSUnderlyingError=0x600000d454d0 {Error Domain=kCFErrorDomainCFNetwork Code=-1017 "(null)" UserInfo={NSErrorPeerAddressKey=<CFData 0x600002189040 [0x1e6ebb4f0]>{length = 16, capacity = 16, bytes = 0x100201bb310cf2800000000000000000}, _kCFStreamErrorCodeKey=-1, _kCFStreamErrorDomainKey=4}}, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <06FE3186-6FEE-4201-B546-7423AE65C613>.<1>, _NSURLErrorRelatedURLSessionTaskErrorKey=(
    "LocalDataTask <06FE3186-6FEE-4201-B546-7423AE65C613>.<1>"
), NSLocalizedDescription=cannot parse response, NSErrorFailingURLStringKey=https://<redacted>/status.php, NSErrorFailingURLKey=https://<redacted>/status.php, _kCFStreamErrorDomainKey=4}))
2025-04-05 23:18:35 Network response request: https://<redacted>/status.php, result: failure(Alamofire.AFError.sessionTaskFailed(error: Error Domain=NSURLErrorDomain Code=-1017 "cannot parse response" UserInfo={_kCFStreamErrorCodeKey=-1, NSUnderlyingError=0x600000d454d0 {Error Domain=kCFErrorDomainCFNetwork Code=-1017 "(null)" UserInfo={NSErrorPeerAddressKey=<CFData 0x600002189040 [0x1e6ebb4f0]>{length = 16, capacity = 16, bytes = 0x100201bb310cf2800000000000000000}, _kCFStreamErrorCodeKey=-1, _kCFStreamErrorDomainKey=4}}, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <06FE3186-6FEE-4201-B546-7423AE65C613>.<1>, _NSURLErrorRelatedURLSessionTaskErrorKey=(
    "LocalDataTask <06FE3186-6FEE-4201-B546-7423AE65C613>.<1>"
), NSLocalizedDescription=cannot parse response, NSErrorFailingURLStringKey=https://<nextcloud>/status.php, NSErrorFailingURLKey=https://<nextcloud>/status.php, _kCFStreamErrorDomainKey=4}))

livmackintosh avatar Apr 05 '25 22:04 livmackintosh

@marinofaggiana Someone else with same issue 👉🏼 https://help.nextcloud.com/t/access-forbidden-state-token-missing-ios-app/220806/14

livmackintosh avatar Apr 05 '25 22:04 livmackintosh

I can now use the simulator again but have to use clean simulator.

livmackintosh avatar Apr 05 '25 22:04 livmackintosh

Looking at the docs, the app should poll the auth endpoint for an appPassword payload until logged in and it is created on the server. However, when reaching the “Account connected” page after logging in, the 404 auth poll persists. At that point I am assuming it should return the json payload with appPassword as the docs mention but get nothing. Pressing back button goes back to asking for hostname.

Am thinking it could be server-side issue so am investigating why this is 404ing. But the request could also be incorrect.

livmackintosh avatar Apr 05 '25 22:04 livmackintosh

I've checked for the poll_token in oc_login_flow_v2 and it's not there. Either the server is not creating the token or the app is not initialising the flow properly.

livmackintosh avatar Apr 05 '25 23:04 livmackintosh

So. To recap:

  • I’ve checked the poll_token in oc_login_flow_v2 DB table on server and it doesn’t exist. So either server is not creating it when it should or iOS app is not initialising the flow correctly.

  • If I manually create an app token it is apparently not a valid password in the iOS app.

Not sure if it's iOS app or server yet so there is this issue and one on AIO issue tracker that was closed but have asked to be reopened. Issue for server / AIO distribution

livmackintosh avatar Apr 06 '25 00:04 livmackintosh

I think it is "[Bug]: Can't login from iOS client app" (Issue #50619, nextcloud/server), resolved by "fix(base.php): Correct order for booting \OC\Server" by nickvergessen (Pull Request #51361, nextcloud/server), but I only deployed my instance a few days ago. Need to check actual fix version.

Edit: Looks like I'm on the latest version 31.0.2 which contains the above fix. Strange. The description of the issue is identical to what I'm facing

livmackintosh avatar Apr 06 '25 01:04 livmackintosh

2025-04-06 02:35:42 Network request started: POST https://<redacted>/login/v2/poll?token=6GDboX1uKqRy8PuWMt64asb8IsmjaGrmXfeT3HSm3qtgiaAB44svklmDkWomoyu7tUfafBkGa0FdTvzXBxrC2CkemF1spDW0yko26hytV6GrpDkfwgWHdfbmEkEnlKuP

[Request]: POST https://<redacted>/login/v2/poll?token=6GDboX1uKqRy8PuWMt64asb8IsmjaGrmXfeT3HSm3qtgiaAB44svklmDkWomoyu7tUfafBkGa0FdTvzXBxrC2CkemF1spDW0yko26hytV6GrpDkfwgWHdfbmEkEnlKuP
    [Headers]:
        User-Agent: Mozilla/5.0 (iOS) Nextcloud-iOS/6.5.0
    [Body]: None
[Response]:
    [Status Code]: 200
    [Headers]:
        Alt-Svc: h3=":443"; ma=2592000
        Cache-Control: no-cache, no-store, must-revalidate
        Content-Encoding: gzip
        Content-Length: 161
        content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
        Content-Type: application/json; charset=utf-8
        Date: Sun, 06 Apr 2025 01:35:42 GMT
        feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
        referrer-policy: no-referrer
        Strict-Transport-Security: max-age=31536000;
        x-content-type-options: nosniff
        x-frame-options: SAMEORIGIN
        x-permitted-cross-domain-policies: none
        x-request-id: ThF089IZSTLslESvZa8n
        x-robots-tag: noindex, nofollow
        x-xss-protection: 1; mode=block
    [Body]:
        {"server":"<redacted>","loginName":"<redacted>","appPassword":"<redacted>"}
[Network Duration]: 0.1823059320449829s
[Serialization Duration]: 3.5583332646638155e-05s
[Result]: success(149 bytes)
2025-04-06 02:35:43 Network response request: https://<redacted>/login/v2/poll?token=6GDboX1uKqRy8PuWMt64asb8IsmjaGrmXfeT3HSm3qtgiaAB44svklmDkWomoyu7tUfafBkGa0FdTvzXBxrC2CkemF1spDW0yko26hytV6GrpDkfwgWHdfbmEkEnlKuP, result: success(149 bytes)

Looks like poll was successful at least on this attempt. Then I get this error:

Task <9A4C41EE-2C69-4CBF-B66E-9FEF295DF525>.<1> finished with error [-1005] Error Domain=NSURLErrorDomain Code=-1005 "The network connection was lost." UserInfo={_kCFStreamErrorCodeKey=-4, NSUnderlyingError=0x600000dfd650 {Error Domain=kCFErrorDomainCFNetwork Code=-1005 "(null)" UserInfo={NSErrorPeerAddressKey=<CFData 0x6000021a65d0 [0x1e6ebb4f0]>{length = 16, capacity = 16, bytes = 0x100201bb310cf2800000000000000000}, _kCFStreamErrorCodeKey=-4, _kCFStreamErrorDomainKey=4}}, _NSURLErrorFailingURLSessionTaskErrorKey=LocalDataTask <9A4C41EE-2C69-4CBF-B66E-9FEF295DF525>.<1>, _NSURLErrorRelatedURLSessionTaskErrorKey=(
    "LocalDataTask <9A4C41EE-2C69-4CBF-B66E-9FEF295DF525>.<1>"
), NSLocalizedDescription=The network connection was lost., NSErrorFailingURLStringKey=https://<redacted>/ocs/v2.php/cloud/user, NSErrorFailingURLKey=https://<redacted>/ocs/v2.php/cloud/user, _kCFStreamErrorDomainKey=4}

livmackintosh avatar Apr 06 '25 01:04 livmackintosh

Same problem. Server: 31.0.2 latest (just now) App: 6.6.0

r/2025:05:29:11 +0000] "POST /login/v2/poll?token=xxxx HTTP/1.1" 404 716 "-" "Mozilla/5.0 (iOS) Nextcloud-iOS/6.6.0"

mxdlzg avatar Apr 06 '25 05:04 mxdlzg

> Same problem. Server: 31.0.2 latest (just now) App: 6.6.0
>
> r/2025:05:29:11 +0000] "POST /login/v2/poll?token=xxxx HTTP/1.1" 404 716 "-" "Mozilla/5.0 (iOS) Nextcloud-iOS/6.6.0"

The 404s are expected to happen while polling for the token. But the last request should be a 200 response I believe.

Then the app tries to use the token and gets stuck. Is that the same for you? My colleague gets "State token invalid" and I'm getting stuck on the page telling me I can close it now (but I believe this is due to the embedded browser being used) but problem is the same.

livmackintosh avatar Apr 06 '25 05:04 livmackintosh
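The polling pattern described in the comment above (404 while the login is pending, a 200 once it completes) can be checked per flow from the access log. This is an added example, not part of the thread or of Nextcloud's code; the log lines and tokens are constructed, and tokens are hashed before reporting so the report does not repeat them.

```python
import hashlib
import re

# Matches the poll request shape quoted in the thread's access-log lines.
POLL_RE = re.compile(r'"POST /login/v2/poll\?token=([^ "&]+)[^"]*" (\d{3}) ')

UA = "Mozilla/5.0 (iOS) Nextcloud-iOS/6.6.0"
PREFIX = "198.51.100.7 - - [06/Apr/2025:05:29:11 +0000]"

# Constructed sample: three login flows, identified by placeholder tokens.
SAMPLE_LOG = [
    f'{PREFIX} "POST /login/v2/poll?token=CONSTRUCTED-A HTTP/1.1" 404 716 "-" "{UA}"',
    f'{PREFIX} "POST /login/v2/poll?token=CONSTRUCTED-A HTTP/1.1" 404 716 "-" "{UA}"',
    f'{PREFIX} "POST /login/v2/poll?token=CONSTRUCTED-A HTTP/1.1" 200 161 "-" "{UA}"',
    f'{PREFIX} "POST /login/v2/poll?token=CONSTRUCTED-B HTTP/1.1" 404 716 "-" "{UA}"',
    f'{PREFIX} "POST /login/v2/poll?token=CONSTRUCTED-B HTTP/1.1" 404 716 "-" "{UA}"',
    f'{PREFIX} "POST /login/v2/poll?token=CONSTRUCTED-C HTTP/1.1" 404 716 "-" "{UA}"',
    f'{PREFIX} "POST /login/v2/poll?token=CONSTRUCTED-C HTTP/1.1" 502 0 "-" "{UA}"',
    f'{PREFIX} "GET /status.php HTTP/1.1" 200 170 "-" "{UA}"',
]


def flow_id(token):
    """Short stable identifier for a flow that does not reveal the poll token."""
    return hashlib.sha256(token.encode()).hexdigest()[:12]


def classify_flows(lines):
    """Group poll requests by token and report how each flow ended."""
    flows = {}
    for line in lines:
        m = POLL_RE.search(line)
        if not m:
            continue  # not a Login Flow v2 poll request
        flows.setdefault(flow_id(m.group(1)), []).append(int(m.group(2)))

    report = {}
    for fid, statuses in flows.items():
        if 200 in statuses:
            verdict = "completed"          # the server handed out credentials
        elif all(s == 404 for s in statuses):
            verdict = "never_completed"    # the client only ever saw "pending"
        else:
            verdict = "unexpected_status"  # e.g. a proxy error in the middle
        report[fid] = {"polls": len(statuses),
                       "statuses": sorted(set(statuses)),
                       "verdict": verdict}
    return report


if __name__ == "__main__":
    for fid, info in classify_flows(SAMPLE_LOG).items():
        print(fid, info)
```

A flow that shows `completed` on the server while the app still fails points at what happens after the poll, which is where the thread's later comments end up looking.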

AIO Installation is causing me lots of headaches as it's not easy to debug and change log levels etc for apache and caddy as it could be reverse proxy issue. There's an exception being thrown in reverseproxy.go of caddy but can't see the actual error nor trace the error to nextcloud container. Corroborating the logs is proving tricky.

livmackintosh avatar Apr 06 '25 05:04 livmackintosh

{
  "level": "error",
  "ts": 1743917725.238705,
  "logger": "http.log.error",
  "msg": "NO_ERROR (remote)",
  "request": {
    "remote_ip": "<redacted>",
    "remote_port": "18397",
    "client_ip": "194.55.157.209",
    "proto": "HTTP/3.0",
    "method": "GET",
    "host": "<redacted>",
    "uri": "/ocs/v2.php/cloud/user",
    "headers": {
      "Accept-Language": [
        "en-GB;q=1.0"
      ],
      "User-Agent": [
        "Mozilla/5.0 (iOS) Nextcloud-iOS/6.6.0"
      ],
      "Ocs-Apirequest": [
        "true"
      ],
      "X-Nc-Account": [
        "<redacted> <redacted>"
      ],
      "Content-Type": [
        "application/x-www-form-urlencoded"
      ],
      "Accept-Encoding": [
        "br;q=1.0, gzip;q=0.9, deflate;q=0.8"
      ],
      "Accept": [
        "application/json"
      ],
      "Authorization": [
        "REDACTED"
      ],
      "Priority": [
        "u=3, i"
      ],
      "X-Nc-Checkinterceptor": [
        "true"
      ]
    },
    "tls": {
      "resumed": false,
      "version": 772,
      "cipher_suite": 4865,
      "proto": "h3",
      "server_name": "<redacted>"
    }
  },
  "duration": 0.000988341,
  "status": 502,
  "err_id": "0vt7wpv8e",
  "err_trace": "reverseproxy.statusError (reverseproxy.go:1373)"
}

livmackintosh avatar Apr 06 '25 06:04 livmackintosh

Once I try one time in iOS simulator then I get this error until I completely erase it and start again. [Image]

livmackintosh avatar Apr 06 '25 06:04 livmackintosh

What I don't get is that Apache spits out 200 log

194.55.157.209 - - [06/Apr/2025:08:24:22 +0000] "GET /status.php HTTP/1.1" 200 170 "-" "Nextcloud/6.6.0 (it.twsweb.Nextcloud; build:4; iOS 18.4.0) Alamofire/5.10.2"

and Caddy a 502 Bad Gateway

{"level":"error","ts":1743928311.7733276,"logger":"http.log.error","msg":"NO_ERROR (remote)","request":{"remote_ip":"194.55.157.209","remote_port":"18378","client_ip":"194.55.157.209","proto":"HTTP/3.0","method":"GET","host":"nextcloud.base.nu","uri":"/status.php","headers":{"Accept-Language":["en-GB;q=1.0"],"Accept-Encoding":["br;q=1.0, gzip;q=0.9, deflate;q=0.8"],"Cookie":["REDACTED"],"User-Agent":["Nextcloud/6.6.0 (it.twsweb.Nextcloud; build:4; iOS 18.4.0) Alamofire/5.10.2"],"Accept":["*/*"],"Priority":["u=3, i"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h3","server_name":"nextcloud.base.nu"}},"duration":0.000611538,"status":502,"err_id":"mtyhx8m7e","err_trace":"reverseproxy.statusError (reverseproxy.go:1373)"}
{"level":"error","ts":1743928311.825986,"logger":"http.log.error","msg":"NO_ERROR (remote)","request":{"remote_ip":"194.55.157.209","remote_port":"18379","client_ip":"194.55.157.209","proto":"HTTP/3.0","method":"GET","host":"nextcloud.base.nu","uri":"/status.php","headers":{"User-Agent":["Nextcloud/6.6.0 (it.twsweb.Nextcloud; build:4; iOS 18.4.0) Alamofire/5.10.2"],"Accept-Language":["en-GB;q=1.0"],"Accept-Encoding":["br;q=1.0, gzip;q=0.9, deflate;q=0.8"],"Cookie":["REDACTED"],"Accept":["*/*"],"Priority":["u=3, i"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h3","server_name":"nextcloud.base.nu"}},"duration":0.00096015,"status":502,"err_id":"zyed8u3bx","err_trace":"reverseproxy.statusError (reverseproxy.go:1373)"}

for same request from iOS.

So the response from Caddy <- Apache must be interrupted.

livmackintosh avatar Apr 06 '25 08:04 livmackintosh
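The manual comparison in the comment above (Apache logging 200 while Caddy logs 502 for the same request) can be automated. This is an added example, not code from the thread or from AIO; the sample log lines are constructed in the shapes quoted above, and the match key (method, URI, User-Agent within a time window) is an assumption about what identifies "the same request".

```python
import json
import re
from datetime import datetime

# Apache "combined" access-log line, the shape quoted in the thread.
APACHE_RE = re.compile(
    r'^\S+ \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<uri>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)


def parse_apache(line):
    m = APACHE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z").timestamp()
    return {"ts": ts, "key": (m["method"], m["uri"], m["ua"]),
            "status": int(m["status"])}


def parse_caddy(line):
    try:
        rec = json.loads(line)
    except json.JSONDecodeError:
        return None
    if not isinstance(rec, dict) or not isinstance(rec.get("ts"), (int, float)):
        return None
    req = rec.get("request") or {}
    ua = ((req.get("headers") or {}).get("User-Agent") or [""])[0]
    return {"ts": rec["ts"], "key": (req.get("method"), req.get("uri"), ua),
            "status": rec.get("status"), "proto": req.get("proto"),
            "err_id": rec.get("err_id")}


def correlate(caddy_lines, apache_lines, window=2.0):
    """For each Caddy 5xx, say whether Apache logged the same request and how."""
    upstream = [a for a in map(parse_apache, apache_lines) if a]
    findings = []
    for c in filter(None, map(parse_caddy, caddy_lines)):
        if not isinstance(c["status"], int) or c["status"] < 500:
            continue
        near = [a for a in upstream
                if a["key"] == c["key"] and abs(a["ts"] - c["ts"]) <= window]
        if any(a["status"] < 500 for a in near):
            verdict = "upstream_ok_proxy_error"   # the case seen in the thread
        elif near:
            verdict = "upstream_error"            # the backend itself failed
        else:
            verdict = "no_upstream_record"        # request never reached Apache
        findings.append({"err_id": c["err_id"], "uri": c["key"][1],
                         "proto": c["proto"], "verdict": verdict})
    return findings


# Constructed sample input (documentation IP range, placeholder err_id values).
UA = "Nextcloud/6.6.0 (it.twsweb.Nextcloud; build:4; iOS 18.4.0) Alamofire/5.10.2"
SAMPLE_APACHE = [
    f'198.51.100.7 - - [06/Apr/2025:08:24:22 +0000] "GET /status.php HTTP/1.1" 200 170 "-" "{UA}"',
]


def _caddy_line(ts, uri, status, err_id):
    return json.dumps({"level": "error", "ts": ts, "status": status, "err_id": err_id,
                       "request": {"proto": "HTTP/3.0", "method": "GET", "uri": uri,
                                   "headers": {"User-Agent": [UA]}}})


SAMPLE_CADDY = [
    _caddy_line(1743927862.77, "/status.php", 502, "constructed-1"),
    _caddy_line(1743927870.10, "/ocs/v2.php/cloud/user", 502, "constructed-2"),
    "not json at all",
]

if __name__ == "__main__":
    for finding in correlate(SAMPLE_CADDY, SAMPLE_APACHE):
        print(finding)
```

Grouping the findings by `proto` shows quickly whether the mismatches are confined to HTTP/3 connections.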

Okay. I managed to fix the issue by not using the Caddy instance within apache container of AIO and using standalone caddy reverse proxy and disabling HTTP/3

Why is HTTP/3 even used??

livmackintosh avatar Apr 06 '25 08:04 livmackintosh

I am using standalone version of nextcloud server (docker deployment), and use external nginx for reverse proxy. Does the problem come from reverse proxy? I'll test it

mxdlzg avatar Apr 06 '25 10:04 mxdlzg

> I am using standalone version of nextcloud server (docker deployment), and use external nginx for reverse proxy. Does the problem come from reverse proxy? I'll test it

I'm not sure if the HTTP/3 issue is related to "State token invalid" issue. I just had an issue with iOS simulator having interrupted HTTP/3 connections and couldn't debug, so I disabled HTTP/3.

I cannot recreate the "State token invalid" problem but my colleague still faces it. I will try to find what iOS and browser he is using from the logs. I believe it was Firefox and iOS 18 but not 100%. Def not Safari. Only problem is that I can't install App Store apps in the Simulator...

It may well be that the issue is now fixed and he just needs to clear browser cache but he doesn't know how to do that so I will help when I see him next week.

livmackintosh avatar Apr 07 '25 01:04 livmackintosh

Issue with "state token missing" error still persists on affected iPhone but I don't have access to this device right now. Deleting the Nextcloud app and reinstalling it did not fix the problem.

I did notice that I could login on the affected device with a different account and this worked fine. I'm not sure why the one account comes up with this error.

livmackintosh avatar Apr 17 '25 11:04 livmackintosh

I tested the 6.6.0 and 6.6.1 versions of the app on the simulator in iOS 18.4 and it worked very well (tested with and without external nginx reverse proxy). Even without any overwrite set, it still works fine. However, using iOS 18.2's iPad and 18.5rc's iPhone, there will still be a problem of token missing. Very frustrating.

mxdlzg avatar Apr 21 '25 01:04 mxdlzg

> I tested the 6.6.0 and 6.6.1 versions of the app on the simulator in iOS 18.4 and it worked very well (tested with and without external nginx reverse proxy). Even without any overwrite set, it still works fine. However, using iOS 18.2's iPad and 18.5rc's iPhone, there will still be a problem of token missing. Very frustrating.

This is very interesting @mxdlzg and I guess may help narrow down the problem? Were you able to recreate the problem in simulator (e.g. 18.5rc) or is this only on physical iPhone?

livmackintosh avatar Apr 21 '25 21:04 livmackintosh

This issue is very frustrating. I’m unable to have employees sign in without me manually creating app passwords on iOS.

Mr-Hubiverse avatar Jun 08 '25 04:06 Mr-Hubiverse

I got it working finally. I’m running AIO behind NPM and Cloudflare. I had to add these entries stated here https://community.cloudflare.com/t/reverse-proxy-with-nextcloud/324133/2 in order to get the tokens to pass correctly. 🙌🏻🙌🏻🙌🏻

Mr-Hubiverse avatar Jun 08 '25 07:06 Mr-Hubiverse

Nvm lol was a fluke I guess. Still getting invalid responses for login……

Mr-Hubiverse avatar Jun 08 '25 12:06 Mr-Hubiverse

Just as a status update: The iOS app release 6.6.4 changed a minor detail about how website data is handled which might improve the situation and we currently have a patch/pull request for the server which can prevent the loss of state token in some use cases.

i2h3 avatar Jun 11 '25 09:06 i2h3

> Just as a status update: The iOS app release 6.6.4 changed a minor detail about how website data is handled which might improve the situation and we currently have a patch/pull request for the server which can prevent the loss of state token in some use cases.

Several of my users had this issue, today the first one after 6.6.4 was available. Updating the app fixed the error. Btw all former problems were gone after connecting the app via Application Specific Password and the QR code generated on the server.

Volker-K avatar Jun 20 '25 09:06 Volker-K

I'm using Nextcloud 6.6.6 on iOS 18.5 and still have the issue trying to connect to the server. The same thing happens using Nextcloud Notes 4.4.0. Am I missing something? I'm connecting using username and password normally.

I'm not familiar with debugging iOS clients but I'm available to collect any data you might need to understand what is happening if you need me to, just tell me what to do.

mathiashls avatar Jun 29 '25 14:06 mathiashls

> I'm connecting using username and password normally.

@mathiashls have you already tried to connect via application specific password and the QR-Code you can generate for it? That was the solution for most of our clients.

Volker-K avatar Jun 30 '25 16:06 Volker-K

> > I'm connecting using username and password normally.
>
> @mathiashls have you already tried to connect via application specific password and the QR-Code you can generate for it? That was the solution for most of our clients.

worked for me, thank you so much

linux-universe avatar Jul 31 '25 13:07 linux-universe