Login with only Kerberos as IdP (environment variable) seems broken
Steps to reproduce
- Install Nextcloud
- Install user_saml and choose environment variable
- Try to enter REMOTE_USER
Expected behaviour
It should take the variable and use it to enable login against Kerberos.
Actual behaviour
Kerberos authorizes the login, user_saml seems to not catch the value of REMOTE_USER and prints an empty error page (Nextcloud error page, but only "Error" as the error message). In the error log I can see that Kerberos grants the login, and in the Nextcloud log I get an error when Nextcloud tries to get the token.
Server configuration
Operating system: Ubuntu 20.04
Web server: Apache2
Database: mysql
PHP version: 7.4-cgi
Nextcloud version: 24.x
Where did you install Nextcloud from: webinstaller
List of activated apps:
- bbb: 2.4.0
- cloud_federation_api: 1.7.0
- dav: 1.22.0
- federatedfilesharing: 1.14.0
- files: 1.19.0
- files_rightclick: 1.3.0
- files_versions: 1.17.0
- group_default_quota: 0.1.4
- lookup_server_connector: 1.12.0
- nextcloud_announcements: 1.13.0
- notifications: 2.12.1
- oauth2: 1.12.0
- password_policy: 1.14.0
- privacy: 1.8.0
- provisioning_api: 1.14.0
- serverinfo: 1.14.0
- settings: 1.6.0
- sharebymail: 1.14.0
- survey_client: 1.12.0
- theming: 1.15.0
- twofactor_backupcodes: 1.13.0
- updatenotification: 1.14.0
- user_saml: 5.0.3
- viewer: 1.8.0
- workflowengine: 2.6.0
Nextcloud configuration:
[owncloud][PHP][3] {"Exception":"Error","Message":"Array to string conversion at /var/www/nextcloud/lib/private/Log/Errorlog.php#46","Code":0,"Trace":[{"file":"/var/www/nextcloud/lib/private/Log/Errorlog.php","line":46,"function":"onError","class":"OC\\Log\\ErrorHandler","type":"::"},{"file":"/var/www/nextcloud/lib/private/Log.php","line":375,"function":"write","class":"OC\\Log\\Errorlog","type":"->"},{"file":"/var/www/nextcloud/lib/private/Log.php","line":215,"function":"writeLog","class":"OC\\Log","type":"->"},{"file":"/var/www/nextcloud/lib/private/Log.php","line":193,"function":"log","class":"OC\\Log","type":"->"},{"file":"/var/www/nextcloud/lib/private/legacy/OC_App.php","line":183,"function":"debug","class":"OC\\Log","type":"->"},{"file":"/var/www/nextcloud/lib/private/legacy/OC_App.php","line":140,"function":"loadApp","class":"OC_App","type":"::"},{"file":"/var/www/nextcloud/lib/private/Console/Application.php","line":119,"function":"loadApps","class":"OC_App","type":"::"},{"file":"/var/www/nextcloud/console.php","line":99,"function":"loadCommands","class":"OC\\Console\\Application","type":"->"},{"file":"/var/www/nextcloud/occ","line":11,"args":["/var/www/nextcloud/console.php"],"function":"require_once"}],"File":"/var/www/nextcloud/lib/private/Log/ErrorHandler.php","Line":92,"CustomMessage":"--"}
[owncloud][user_saml][0] Array
{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "cloud.domain.tld",
            "cloud",
            "***REMOVED SENSITIVE VALUE***"
        ],
        "default_phone_region": "DE",
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "dbtype": "mysql",
        "version": "24.0.7.1",
        "overwrite.cli.url": "https:\/\/cloud.domain.tld",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbport": "",
        "dbtableprefix": "oc_",
        "mysql.utf8mb4": true,
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "installed": true,
        "memcache.local": "\\OC\\Memcache\\APCu",
        "filelocking.enabled": true,
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 0,
            "timeout": 0
        },
        "maintenance": false,
        "mail_smtpmode": "smtp",
        "mail_smtpauthtype": "LOGIN",
        "mail_sendmailmode": "smtp",
        "mail_smtpauth": 1,
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "587",
        "mail_smtpsecure": "tls",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "theme": "",
        "loglevel": 0,
        "log_type": "errorlog",
        "app_install_overwrite": [
            "user_saml"
        ],
        "updater.secret": "***REMOVED SENSITIVE VALUE***"
    }
}
Client configuration
Browser: Chrome mobile on Android, Firefox on Ubuntu 22.04
Operating system:
Logs
Nextcloud log (data/owncloud.log)
[Thu Nov 17 07:48:05.351829 2022] [php7:notice] [pid 637249] [client **********:43448] [owncloud][user_saml][0] Array
[Thu Nov 17 07:48:05.364705 2022] [php7:notice] [pid 637249] [client **********:43448] [owncloud][no app in context][0] {"Exception":"OC\\\\Authentication\\\\Exceptions\\\\InvalidTokenException","Message":"Token does not exist: token does not exist","Code":0,"Trace":[{"file":"/var/www/nextcloud/lib/private/Authentication/Token/Manager.php","line":133,"function":"getToken","class":"OC\\\\Authentication\\\\Token\\\\PublicKeyTokenProvider","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/nextcloud/lib/private/User/Session.php","line":523,"function":"getToken","class":"OC\\\\Authentication\\\\Token\\\\Manager","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/nextcloud/lib/private/User/Session.php","line":436,"function":"isTokenPassword","class":"OC\\\\User\\\\Session","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/nextcloud/lib/private/User/Session.php","line":575,"function":"logClientIn","class":"OC\\\\User\\\\Session","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/nextcloud/lib/base.php","line":1081,"function":"tryBasicAuthLogin","class":"OC\\\\User\\\\Session","type":"->"},{"file":"/var/www/nextcloud/lib/base.php","line":1019,"function":"handleLogin","class":"OC","type":"::"},{"file":"/var/www/nextcloud/index.php","line":36,"function":"handleRequest","class":"OC","type":"::"}],"File":"/var/www/nextcloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php","Line":115,"Previous":{"Exception":"OCP\\\\AppFramework\\\\Db\\\\DoesNotExistException","Message":"token does not exist","Code":0,"Trace":[{"file":"/var/www/nextcloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php","line":111,"function":"getToken","class":"OC\\\\Authentication\\\\Token\\\\PublicKeyTokenMapper","type":"->","args":["*** sensitive parameters replaced 
***"]},{"file":"/var/www/nextcloud/lib/private/Authentication/Token/Manager.php","line":133,"function":"getToken","class":"OC\\\\Authentication\\\\Token\\\\PublicKeyTokenProvider","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/nextcloud/lib/private/User/Session.php","line":523,"function":"getToken","class":"OC\\\\Authentication\\\\Token\\\\Manager","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/nextcloud/lib/private/User/Session.php","line":436,"function":"isTokenPassword","class":"OC\\\\User\\\\Session","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/nextcloud/lib/private/User/Session.php","line":575,"function":"logClientIn","class":"OC\\\\User\\\\Session","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/nextcloud/lib/base.php","line":1081,"function":"tryBasicAuthLogin","class":"OC\\\\User\\\\Session","type":"->"},{"file":"/var/www/nextcloud/lib/base.php","line":1019,"function":"handleLogin","class":"OC","type":"::"},{"file":"/var/www/nextcloud/index.php","line":36,"function":"handleRequest","class":"OC","type":"::"}],"File":"/var/www/nextcloud/lib/private/Authentication/Token/PublicKeyTokenMapper.php","Line":89},"message":"Token is not valid: Token does not exist: token does not exist","exception":{},"CustomMessage":"Token is not valid: Token does not exist: token does not exist"}
Browser log
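A triage sketch for the log excerpt in this report, added here as an example and not part of the original report or of Nextcloud's code: it rejoins an entry that was split across lines, decodes the JSON payload, and lists the exception chain and the call path that handled the login. `SAMPLE` is constructed (shortened trace, documentation IP address), and the function names are this example's own.

```python
import json
import re

# Apache 2.4 error-log prefix, then Nextcloud's "[owncloud][app][level] payload".
RECORD = re.compile(
    r"^\[[^\]]+\] \[[^\]]+\] \[pid \d+\] (?:\[client [^\]]+\] )?"
    r"\[owncloud\]\[(?P<app>[^\]]+)\]\[(?P<level>\d)\] (?P<payload>.*)$"
)

# Constructed sample modelled on the report's log; lines carry no trailing newline.
SAMPLE = [
    r'[Thu Nov 17 07:48:05.351829 2022] [php7:notice] [pid 637249] [client 192.0.2.10:43448] [owncloud][user_saml][0] Array',
    r'[Thu Nov 17 07:48:05.364705 2022] [php7:notice] [pid 637249] [client 192.0.2.10:43448] [owncloud][no app in context][0] {"Exception":"OC\\\\Authentication\\\\Exceptions\\\\InvalidTokenException","Message":"Token does not exist: token does not exist","Trace":[{"function":"getToken","class":"OC\\\\Authentication\\\\Token\\\\Manager","type":"->","args":["*** sensitive parameters replaced ',
    r'***"]},{"function":"tryBasicAuthLogin","class":"OC\\\\User\\\\Session","type":"->"},{"function":"handleLogin","class":"OC","type":"::"}],"Previous":{"Exception":"OCP\\\\AppFramework\\\\Db\\\\DoesNotExistException","Message":"token does not exist","Trace":[]}}',
]

def join_records(lines):
    """Glue lines without the Apache prefix back onto the record they continue."""
    records = []
    for line in lines:
        if RECORD.match(line) or not records:
            records.append(line)
        else:
            records[-1] += line
    return records

def unescape(name):
    """Collapse the doubled backslashes left in class names after JSON decoding."""
    return re.sub(r"\\+", r"\\", name)

def summarize(record):
    m = RECORD.match(record)
    if m is None:
        return None
    out = {"app": m["app"], "level": int(m["level"])}
    try:
        data = json.loads(m["payload"])
    except json.JSONDecodeError:
        data = None
    if not isinstance(data, dict):
        return {**out, "text": m["payload"]}  # e.g. the bare "Array" line
    chain, node = [], data
    while isinstance(node, dict):  # follow the "Previous" links
        chain.append(unescape(node.get("Exception", "?")))
        node = node.get("Previous")
    frames = [unescape(f.get("class", "") + f.get("type", "") + f.get("function", "?"))
              for f in reversed(data.get("Trace", []))]  # outermost call first
    return {**out, "exceptions": chain, "call_path": frames}

if __name__ == "__main__":
    for rec in join_records(SAMPLE):
        print(summarize(rec))
```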