Desktop: Webflow Login Stuck on "Redirecting"

@rullzer

I'm having the same problem. At first I thought it was due to a corrupted nssdb because my logging kept on throwing things like

[14361:14388:0523/202121.306105:ERROR:nss_util.cc(808)] After loading Root Certs, loaded==false: NSS error code: -8018

I created a new $HOME/.pki/nssdb folder and reinitialized it using certutil -d $HOME/.pki/nssdb -N but my authentication flow is still sticking on Redirecting.

It creates the auth in Nextcloud itself, but never seems to get the token back from the webkit view.

Some log output:

[OCC::Application::setupTranslations    Using "en_US" translation
[OCC::SocketApi::SocketApi      server started, listening at  "/run/user/1000/Nextcloud/socket"
[OCC::FolderMan::FolderMan      setting remote poll timer interval to 30000 msec
[OCC::AccountManager::restoreFromLegacySettings         Migrate: restoreFromLegacySettings, checking settings group "Nextcloud"
[OCC::AccountManager::restoreFromLegacySettings         Migrate: checking old config  "/home/adam/.config/ownCloud/owncloud.cfg"
[OCC::FolderMan::setupFoldersMigration  Setup folders from  "/home/adam/.config/Nextcloud/folders" (migration)
[OCC::ClientProxy::setupQtProxyFromConfig       Set proxy configuration to use system configuration
[OCC::ownCloudGui::slotOpenSettingsDialog       No configured folders yet, starting setup wizard
[OCC::WebViewPage::WebViewPage  Time for a webview!
[OCC::OCUpdater::backgroundCheckForUpdate       Checking for available update
[OCC::AccessManager::createRequest      2 "" "https://updates.nextcloud.org/client/?client=redacted%3D%3D&version=2.5.0.0&platform=linux&oem=Nextcloud&versionsuffix=git" has X-Request-ID "c2012c1a-4159-4824-9220-3a4ba98c7bbc"
[OCC::PassiveUpdateNotifier::versionInfoArrived         Client is on latest version!
[OCC::OwncloudSetupWizard::slotSystemProxyLookupDone    No system proxy set by OS
[OCC::AccessManager::createRequest      2 "" "https://cloud.redacted.com/status.php" has X-Request-ID "f405a827-df51-490e-a7af-c2ca608574d5"
[OCC::AbstractNetworkJob::start         OCC::CheckServerJob created for "https://cloud.redacted.com" + "status.php" "OCC::OwncloudSetupWizard"
[OCC::CheckServerJob::finished  status.php returns:  QJsonDocument({"edition":"","installed":true,"maintenance":false,"needsDbUpgrade":false,"productname":"Techendeavors","version":"13.0.2.1","versionstring":"13.0.2"})   QNetworkReply::NetworkError(NoError)  Reply:  QNetworkReplyHttpImpl(0x55b16ea57c30)
[OCC::DetermineAuthTypeJob::start       Determining auth type for QUrl("https://cloud.redacted.com/remote.php/webdav/")
[OCC::AccessManager::createRequest      2 "" "https://cloud.redacted.com/remote.php/webdav/" has X-Request-ID "382e67bb-891b-42bc-a486-c6df5491a178"
[OCC::AbstractNetworkJob::start         OCC::SimpleNetworkJob created for "https://cloud.techendeavors.com" + "" "OCC::Account"
[OCC::AccessManager::createRequest      6 "PROPFIND" "https://cloud.redacted.com/remote.php/webdav/" has X-Request-ID "b3bc71b6-9af3-482d-89b5-939bf5555595"
[OCC::AbstractNetworkJob::start         OCC::SimpleNetworkJob created for "https://cloud.redacted.com" + "" "OCC::Account"
[OCC::DetermineAuthTypeJob::checkBothDone       Auth type for QUrl("https://cloud.redacted.com/remote.php/webdav/") is 3
[OCC::WebViewPage::initializePage       Url to auth at:  "https://cloud.redacted.com/index.php/login/flow"
[OCC::WebViewPageUrlSchemeHandler::requestStarted       Got user:  "adam" , server:  "https://cloud.redacted.com"
[OCC::WebViewPage::urlCatched   Got user:  "adam" , server:  "https://cloud.redacted.com"
[OCC::WebViewPage::urlCatched   URL:  "https://cloud.techendeavors.com"
[OCC::OwncloudSetupWizard::slotConnectToOCUrl   Connect to url:  "https://cloud.redacted.com"
[OCC::WebFlowCredentials::createQNAM    Get QNAM
[OCC::AccessManager::createRequest      6 "PROPFIND" "https://cloud.redacted.com/remote.php/webdav/" has X-Request-ID "8bdb3166-936f-4176-9f32-1526a15695d0"
[OCC::AbstractNetworkJob::start         OCC::PropfindJob created for "https://cloud.redacted.com" + "/" "OCC::OwncloudSetupWizard"
[OCC::WebFlowCredentials::slotFinished  request finished
[OCC::WebFlowCredentials::stillValid    Still valid?
[OCC::WebFlowCredentials::stillValid    QNetworkReply::NetworkError(AuthenticationRequiredError)
[OCC::WebFlowCredentials::stillValid    "Error transferring https://cloud.redacted.com/remote.php/webdav/ - server replied: "
[OCC::PropfindJob::finished     PROPFIND of QUrl("https://cloud.redacted.com/remote.php/webdav/") FINISHED WITH STATUS QNetworkReply::NetworkError(AuthenticationRequiredError) "Error transferring https://cloud.redacted.com/remote.php/webdav/ - server replied: "
[OCC::PropfindJob::finished     *not* successful, http result code is 401 ""
[OCC::WebFlowCredentials::stillValid    Still valid?
[OCC::WebFlowCredentials::stillValid    QNetworkReply::NetworkError(AuthenticationRequiredError)
[OCC::WebFlowCredentials::stillValid    "Error transferring https://cloud.redacted.com/remote.php/webdav/ - server replied: "

I'm using the following clients on the server running Beta channel 13.0.2:

nextcloud-client/bionic,now 2.4.0-20180523.165631~bionic1 amd64
libnextcloudsync0/bionic,now 2.4.0-20180523.165631~bionic1 amd64 

Is this still happening? I had the same issues with the appimage but those got solved. Maybe you are missing some dependencies?

I have the same problem with nextcloud-client-appimage-daily from Arch User Repo. When I want to use App-Token I can't even get to the redirect page. The button "Grant access" does nothing.
On my server I use docker with a reverse-proxy (Proxy + Nextcloud).

I tested also nextcloud-desktop-git from AUR and had the same problem.
The login via the Android App works perfect.

Server log from nextcloud-client-appimage-daily:
https://hastebin.com/atewukorov.pl

Server log from Android App:
https://hastebin.com/xexohijise.coffeescript

Can any of you provide me with a test account on your system?

Thanks. I changed the password (just to be sure). I'll see if I can reproduce thnx.

Could you post your webserver config?

It is weird. A 401 is returned but for some reason the correct Qt signal (authentication required) is never emitted.

Here is the config of the reverse-proxy (nginx)
https://hastebin.com/isevapidov.txt
The config of the nextcloud webserver is the default apache2 config from the official docker image.
I put the apache2 folder in a tar archive

@rullzer Still having this issue. Here's a testing/demo account you can use:
https://cloud.spryservers.net
u: demo
p: demodemo

same problem here. don't know what to do.
I'm using docker image, on local is working but when i'm using with traefik isn't working. stuck on redirecting... seem it's related to reverse proxy

@bitdegree67 yeah seems to only happen in with nginx powered servers.

same problem with kubernetes reverse proxy and with nginx reverse proxy (in traefik)

@tabp0le I didn't had any problems using your demo app. Maybe you should try it in inkognito window and you have a cached redirect or sth????

@alwinmarkcf it only doesn't work with the loginflow using the built in qtweb in the desktop client. It works with Android app using new flow even. Just not desktop client.

I have the same problem but I don't use a proxy I only use apache.
Simple configuration from the official documentation + TLS stuff.
The only special stuff I can think of:
Apache version: 2.4.34
http2 enabled

I did set logging to debug and found:

No 'Authorization: Basic' header found. Either the client didn't send one, or the server is misconfigured, No 'Authorization: Bearer' header found. Either the client didn't send one, or the server is mis-configured

Full Log

nothing new ?

Same issue here.

@bitdegree67 i doubt you will see a fix soon. They will have to collaborate probably with the nextcloud server developer too regarding this.

If you are compiling yourself, you can use this commit to force legacy auth: https://github.com/SpryServers/sprycloud-client-next/commit/b18c3ce5acadc51c73655b06f1d9b898853e850a

@rullzer any update on this? we're seeing the same thing, and no idea how to work around this... we're stuck unable to add the nextcloud files on one of our machines

(tested with the latest linux appimage and latest ubuntu PPA version)

@JonasT if you are able to compile yourself, I listed a work-around in my previous comment.

Hi! Could any of you test this build - please make sure to have a clean configuration - https://download.nextcloud.com/desktop/daily/Windows/Nextcloud-2.5.0.61352-daily-20180904.exe?
It solved openssl/qtkeychain/credentials issues (But sadly I could never reproduce this specific issue).

@camilasan

I just installed 2.5.0-20180904.004725~xenial1 from the PPA and it was able to migrate my existing config from 2.3.3.

I also tried to start from scratch by renaming the config directories and deleting the sync'd directory but that resulted in a crash on start.

Mint 18.3 (Ubuntu 16.04)

I'll give it a shot when I get into the office. I do not think it's related to SSL though. I think it's more related to a misinterpreted http response code.

Nope, still broken

See #624

This issue is fixed with ^^

I shouldn't have closed it since it's not merged yet 😂

Now it is merged :D

I confirm issue is fixed for me. Thanks all and thanks @rullzer

Looks good here as well.

Thanks! :+1:

Hello and sorry to reopen.
Same think happened today with ubuntu 18.10 and a 16.04
The installation was made with the ppa or with the AppImage provided (2.5) and the app was still stuck on "the redirecting".

Nextcloud server : 14.0.3

Could it be a server misconfiguration as it seems fixed for others ?

Bye

Same on macos.

• Client version: 2.5.0daily (build 20181112)
• Server version: 14.0.3

Confirming on Windows 10, using client version 2.5.0 official release.
My Fedora 29 virtual machine, with client 2.3.3-2.fc28 works fine with the same server.

In my opinion this issue should be reopened as there are reports of this still happening on Ubuntu, MacOS, and Windows.

Try again with Nextcloud 14.0.4
This was a bug there and should be fixed now.

@janvlug did you upgrade Nextcloud? Is it working now?

@camilasan The issue is with a NextCloud server that is out of my control, so I could not test it yet.

@camilasan I've updated server to 14.0.4 and I'm still experiencing same issue.

Let's see if we can reproduce.

Same problem - apparently - here. Login with any client (Ubuntu 18.10 PPA version and daily AppImage, Android, and Windows 10) fails and gets stuck on "Redirecting"; fresh 14.04 install on Debian 9 (stable) with Apache and PHP-FPM 7.0 from Debian repos.

Here is the excerpt from nextcloud.log with log_level=0:
{"reqId":"edlU0Ko1RsLonLX6wJN1","level":2,"time":"2018-12-03T19:02:30+00:00","remoteAddr":"xx.xx.xx.xx","user":"--","app":"core","method":"PROPFIND","url":"\remote.php\/webdav\/","message":"Login failed: 'My+Name' (Remote IP: 'xx.xx.xx.xx')","userAgent":"Mozilla\/5.0 (Linux) mirall\/2.5.0daily (build 20181203) (Nextcloud)","version":"14.0.4.2"} {"reqId":"edlU0Ko1RsLonLX6wJN1","level":1,"time":"2018-12-03T19:02:30+00:00","remoteAddr":"xx.xx.xx.xx","user":"--","app":"core","method":"PROPFIND","url":"\/remote.php\/webdav\/","message":"Bruteforce attempt from \"xx.xx.xx.xx\" detected for action \"login\".","userAgent":"Mozilla\/5.0 (Linux) mirall\/2.5.0daily (build 20181203) (Nextcloud)","version":"14.0.4.2"} {"reqId":"edlU0Ko1RsLonLX6wJN1","level":0,"time":"2018-12-03T19:02:30+00:00","remoteAddr":"xx.xx.xx.xx","user":"--","app":"webdav","method":"PROPFIND","url":"\/remote.php\/webdav\/","message":{"Exception":"Sabre\\DAV\\Exception\\NotAuthenticated","Message":"Username or password was incorrect, No 'Authorization: Bearer' header found. Either the client didn't send one, or the server is mis-configured","Code":0,"Trace":[{"function":"beforeMethod","class":"Sabre\\DAV\\Auth\\Plugin","type":"->","args":[{"absoluteUrl":"https:\/\/mycloud.xyz.de\/remote.php\/webdav\/","__class__":"Sabre\\HTTP\\Request"},{"__class__":"Sabre\\HTTP\\Response"}]},{"file":"\/var\/www\/nextcloud\/3rdparty\/sabre\/event\/lib\/EventEmitterTrait.php","line":105,"function":"call_user_func_array","args":[[{"autoRequireLogin":true,"__class__":"Sabre\\DAV\\Auth\\Plugin"},"beforeMethod"],[{"absoluteUrl":"https:\/\/mycloud.xyz.de\/remote.php\/webdav\/","__class__":"Sabre\\HTTP\\Request"},{"__class__":"Sabre\\HTTP\\Response"}]]},{"file":"\/var\/www\/nextcloud\/3rdparty\/sabre\/dav\/lib\/DAV\/Server.php","line":466,"function":"emit","class":"Sabre\\Event\\EventEmitter","type":"->","args":["beforeMethod",[{"absoluteUrl":"https:\/\/mycloud.xyz.de\/remote.php\/webdav\/","__class__":"Sabre\\HTTP\\Request"},{"__class__":"Sabre\\HTTP\\Response"}]]},{"file":"\/var\/www\/nextcloud\/3rdparty\/sabre\/dav\/lib\/DAV\/Server.php","line":254,"function":"invokeMethod","class":"Sabre\\DAV\\Server","type":"->","args":[{"absoluteUrl":"https:\/\/mycloud.xyz.de\/remote.php\/webdav\/","__class__":"Sabre\\HTTP\\Request"},{"__class__":"Sabre\\HTTP\\Response"}]},{"file":"\/var\/www\/nextcloud\/apps\/dav\/appinfo\/v1\/webdav.php","line":80,"function":"exec","class":"Sabre\\DAV\\Server","type":"->","args":[]},{"file":"\/var\/www\/nextcloud\/remote.php","line":163,"args":["\/var\/www\/nextcloud\/apps\/dav\/appinfo\/v1\/webdav.php"],"function":"require_once"}],"File":"\/var\/www\/nextcloud\/3rdparty\/sabre\/dav\/lib\/DAV\/Auth\/Plugin.php","Line":168,"CustomMessage":"--"},"userAgent":"Mozilla\/5.0 (Linux) mirall\/2.5.0daily (build 20181203) (Nextcloud)","version":"14.0.4.2"}
... and so on.

The Nextcloud server I tested with is now running 14.0.4. The Windows client 2.5.0, nor 2.5.1 can connect. They both are stuck in the redirecting screen. I got feedback from someone using a Mac client that client version 2.5.0 works. I did not test with the Linux client version 2.5.x.

I've got the same issue :
installed a fresh Ubuntu 18.04 LTS
then the appropriate Nextcloud ppa
checked the passwords, everything worked fine in the navigator (Brave Browser)
installed the nextcloud client via synaptics
followed the procedure, seems working fine but...
...stuck at the "redirecting" after apprently accepting login and password

I've got Nextcloud 14.0.1, looking forward to get the 15.0 !

Nextcloud 14.0.1

I interpret this comment as if this was only fixed in 14.0.4. However, for my Windows client that seems not to be the case, as stated in my previous comment.

I tested Nextcloud desktop 2.5.0 from the Fedora Linux testing repository in a vanilla Fedora 29 installation.

On one 14.0.4 server, Nextcloud desktop 2.5.0 still gets stuck in the Redirecting screen. The URL of this server has this form: https://cloud.company.com

On another 14.0.4 server, Nextcloud desktop 2.5.0 works fine. The URL of this server has this form: https://name.service.com/nextcloud

For me this also broke a while ago, and I also have an URL of the variant https://cloud.company.com (no /nextcloud subfolder endpoint). Just in case that is relevant

Can confirm that my nextcloud domain has the same URL pattern, if that matters.

I'm having a similar problem...

• Windows NextCloud client 2.5.1
• Ubuntu 16.04 server, running NextCloud 14.0.4

I'm using SSO & SAML authentication. With it enabled, I get the "redirecting" screen for both SSO and direct logins in the NC client. With it disabled, I'm able to connect with direct logins. So it seems to be something related to the SSO & SAML application for me.

Edit: I should also point out that login works perfectly fine with SSO & SAML on the Android client, and with a web browser.

On our affected instance, we were using external LDAP logins. So I guess that could be possibly related...?

I tested with external LDAP to see if I had the same issue. LDAP seems to work for me, as long as SAML/SSO are disabled.

@Fug1 is your endpoint cloud.yourcompany.com, or yourcompany.com/nextcloud? Just curious since that seems to be possibly related as well

@JonasT my endpoint is in the format cloud.yourcompany.com. Also, my NC server is behind an Apache reverse proxy.

@camilasan does any of this info help reproduce the issue?

Edit: sorry, had wrong name referenced here before!

@JonasT it isn't impossible, but cloud.nextcloud.com AND our private cloud both work that way, and none of our employees has this issue. So there must certainly be more to it. Can you, @Fug1 and @ dschmidtke share what setup exactly you have (server and client version and platform, webserver, database, PHP version) and if there's anything in the server log?

Also, you can run the client with --logwindow, there might be clues in there as to what is wrong.

Server:

• NextCloud 14.0.4
• Proxmox host w/ Ubuntu 16.04 LXC container, behind Apache2 reverse proxy
• Apache2 webserver
• MariaDB 10.0.36
• PHP 7.1.17

Client:

• Windows 7
• NC client 2.5.1

Logs below captured after I select "grant access". The test user account is local, so it's strange that the NextCloud client log is receiving a SAML redirect URL.

NextCloud log of successful connection (w/o SSO/SAML enabled):

{"reqId":"YiKjOBe5PhC0ajoL3N5M","level":0,"time":"2018-12-12T19:09:06+00:00","remoteAddr":"192.168.15.78","user":"test_user","app":"core","method":"GET","url":"\/index.php\/login\/flow\/redirect?clientIdentifier=&stateToken=<token>","message":"Scss is disabled for \/var\/www\/nextcloud\/core\/css\/jquery-ui-fixes.scss, ignoring","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}
{"reqId":"YiKjOBe5PhC0ajoL3N5M","level":0,"time":"2018-12-12T19:09:06+00:00","remoteAddr":"192.168.15.78","user":"test_user","app":"core","method":"GET","url":"\/index.php\/login\/flow\/redirect?clientIdentifier=&stateToken=<token>","message":"Scss is disabled for \/var\/www\/nextcloud\/core\/css\/server.scss, ignoring","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}
{"reqId":"YiKjOBe5PhC0ajoL3N5M","level":0,"time":"2018-12-12T19:09:06+00:00","remoteAddr":"192.168.15.78","user":"test_user","app":"core","method":"GET","url":"\/index.php\/login\/flow\/redirect?clientIdentifier=&stateToken=<token>","message":"Scss is disabled for \/var\/www\/nextcloud\/core\/css\/css-variables.scss, ignoring","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}
{"reqId":"YiKjOBe5PhC0ajoL3N5M","level":0,"time":"2018-12-12T19:09:06+00:00","remoteAddr":"192.168.15.78","user":"test_user","app":"core","method":"GET","url":"\/index.php\/login\/flow\/redirect?clientIdentifier=&stateToken=<token>","message":"Scss is disabled for \/var\/www\/nextcloud\/apps\/firstrunwizard\/css\/firstrunwizard.scss, ignoring","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}
{"reqId":"YiKjOBe5PhC0ajoL3N5M","level":0,"time":"2018-12-12T19:09:06+00:00","remoteAddr":"192.168.15.78","user":"test_user","app":"core","method":"GET","url":"\/index.php\/login\/flow\/redirect?clientIdentifier=&stateToken=<token>","message":"Scss is disabled for \/var\/www\/nextcloud\/core\/css\/jquery.ocdialog.scss, ignoring","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}
{"reqId":"YiKjOBe5PhC0ajoL3N5M","level":0,"time":"2018-12-12T19:09:06+00:00","remoteAddr":"192.168.15.78","user":"test_user","app":"core","method":"GET","url":"\/index.php\/login\/flow\/redirect?clientIdentifier=&stateToken=<token>","message":"Scss is disabled for \/var\/www\/nextcloud\/core\/search\/css\/results.scss, ignoring","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}
{"reqId":"gakXIp28hvzktZVgWvkj","level":0,"time":"2018-12-12T19:09:06+00:00","remoteAddr":"192.168.15.78","user":"test_user","app":"no app in context","method":"GET","url":"\/index.php\/core\/js\/oc.js?v=40ad2e87","message":"No cache entry found for \/appdata_ocmkurjbezvq\/theming\/images\/background (storage: local::\/NextCloud\/data\/, internalPath: appdata_ocmkurjbezvq\/theming\/images\/background)","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}
{"reqId":"wwfwhqggcK46CPV8jwXe","level":0,"time":"2018-12-12T19:09:07+00:00","remoteAddr":"192.168.15.78","user":"--","app":"cron","method":"GET","url":"\/cron.php","message":"Run OCA\\Files_Sharing\\DeleteOrphanedSharesJob job with ID 12","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}
{"reqId":"wwfwhqggcK46CPV8jwXe","level":0,"time":"2018-12-12T19:09:07+00:00","remoteAddr":"192.168.15.78","user":"--","app":"DeleteOrphanedSharesJob","method":"GET","url":"\/cron.php","message":"0 orphaned share(s) deleted","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}
{"reqId":"wwfwhqggcK46CPV8jwXe","level":0,"time":"2018-12-12T19:09:07+00:00","remoteAddr":"192.168.15.78","user":"--","app":"cron","method":"GET","url":"\/cron.php","message":"Finished OCA\\Files_Sharing\\DeleteOrphanedSharesJob job with ID 12 in 0 seconds","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}
{"reqId":"l5W3BcnoJ3ss6lmzdOFE","level":3,"time":"2018-12-12T19:09:32+00:00","remoteAddr":"192.168.15.78","user":"test_user","app":"files","method":"PROPFIND","url":"\/remote.php\/webdav\/","message":" Backends provided no user object for 2f86c0bc-e6a9-1037-85eb-5790e758536c","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}
{"reqId":"jqLeborDRPMAE3bNnOml","level":3,"time":"2018-12-12T19:09:33+00:00","remoteAddr":"192.168.15.78","user":"test_user","app":"files","method":"PROPFIND","url":"\/remote.php\/webdav\/","message":" Backends provided no user object for 2f86c0bc-e6a9-1037-85eb-5790e758536c","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}

NextCloud log of unsuccessful connection (w/ SSO/SAML enabled):

{"reqId":"gUnZuGp9UTAeHAlklclQ","level":0,"time":"2018-12-12T19:16:40+00:00","remoteAddr":"192.168.15.78","user":"test_user","app":"core","method":"GET","url":"\/index.php\/login\/flow\/redirect?clientIdentifier=&stateToken=<token>","message":"Scss is disabled for \/var\/www\/nextcloud\/core\/css\/jquery-ui-fixes.scss, ignoring","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}
{"reqId":"gUnZuGp9UTAeHAlklclQ","level":0,"time":"2018-12-12T19:16:40+00:00","remoteAddr":"192.168.15.78","user":"test_user","app":"core","method":"GET","url":"\/index.php\/login\/flow\/redirect?clientIdentifier=&stateToken=<token>","message":"Scss is disabled for \/var\/www\/nextcloud\/core\/css\/server.scss, ignoring","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}
{"reqId":"gUnZuGp9UTAeHAlklclQ","level":0,"time":"2018-12-12T19:16:40+00:00","remoteAddr":"192.168.15.78","user":"test_user","app":"core","method":"GET","url":"\/index.php\/login\/flow\/redirect?clientIdentifier=&stateToken=<token>","message":"Scss is disabled for \/var\/www\/nextcloud\/core\/css\/css-variables.scss, ignoring","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}
{"reqId":"gUnZuGp9UTAeHAlklclQ","level":0,"time":"2018-12-12T19:16:40+00:00","remoteAddr":"192.168.15.78","user":"test_user","app":"core","method":"GET","url":"\/index.php\/login\/flow\/redirect?clientIdentifier=&stateToken=<token>","message":"Scss is disabled for \/var\/www\/nextcloud\/apps\/firstrunwizard\/css\/firstrunwizard.scss, ignoring","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}
{"reqId":"gUnZuGp9UTAeHAlklclQ","level":0,"time":"2018-12-12T19:16:40+00:00","remoteAddr":"192.168.15.78","user":"test_user","app":"core","method":"GET","url":"\/index.php\/login\/flow\/redirect?clientIdentifier=&stateToken=<token>","message":"Scss is disabled for \/var\/www\/nextcloud\/core\/css\/jquery.ocdialog.scss, ignoring","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}
{"reqId":"gUnZuGp9UTAeHAlklclQ","level":0,"time":"2018-12-12T19:16:41+00:00","remoteAddr":"192.168.15.78","user":"test_user","app":"core","method":"GET","url":"\/index.php\/login\/flow\/redirect?clientIdentifier=&stateToken=<token>","message":"Scss is disabled for \/var\/www\/nextcloud\/core\/search\/css\/results.scss, ignoring","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}
{"reqId":"Vnd5PcLXfN2CpfFNJiz6","level":0,"time":"2018-12-12T19:16:41+00:00","remoteAddr":"192.168.15.78","user":"test_user","app":"no app in context","method":"GET","url":"\/index.php\/core\/js\/oc.js?v=40ad2e87","message":"No cache entry found for \/appdata_ocmkurjbezvq\/theming\/images\/background (storage: local::\/NextCloud\/data\/, internalPath: appdata_ocmkurjbezvq\/theming\/images\/background)","userAgent":"Mozilla\/5.0 (Windows) mirall\/2.5.1final (build 20181204) (Nextcloud)","version":"14.0.4.2"}

Apache log of unsuccessful connection (w/ SSO/SAML enabled):

192.168.15.78 - - [12/Dec/2018:14:21:39 -0500] "GET /index.php/login/flow/redirect?clientIdentifier=&stateToken=<token> HTTP/1.1" 200 2885 "-" "Mozilla/5.0 (Windows) mirall/2.5.1final (build 20181204) (Nextcloud)"
192.168.15.78 - - [12/Dec/2018:14:21:39 -0500] "GET /core/js/login/redirect.js HTTP/1.1" 200 2360 "-" "Mozilla/5.0 (Windows) mirall/2.5.1final (build 20181204) (Nextcloud)"
192.168.15.78 - - [12/Dec/2018:14:21:39 -0500] "GET /index.php/core/js/oc.js?v=40ad2e87 HTTP/1.1" 200 6651 "-" "Mozilla/5.0 (Windows) mirall/2.5.1final (build 20181204) (Nextcloud)"
192.168.15.78 - - [12/Dec/2018:14:21:40 -0500] "POST /index.php/login/flow HTTP/1.1" 303 988 "-" "Mozilla/5.0 (Windows) mirall/2.5.1final (build 20181204) (Nextcloud)"
192.168.15.78 - test_user [12/Dec/2018:14:21:40 -0500] "PROPFIND /remote.php/webdav/ HTTP/1.1" 302 706 "-" "Mozilla/5.0 (Windows) mirall/2.5.1final (build 20181204) (Nextcloud)"
192.168.15.78 - - [12/Dec/2018:14:21:40 -0500] "GET /cron.php HTTP/1.1" 200 977 "-" "Mozilla/5.0 (Windows) mirall/2.5.1final (build 20181204) (Nextcloud)"

Apache reverse proxy log of unsuccessful connection (w/ SSO/SAML enabled):

192.168.15.13 - - [12/Dec/2018:14:29:45 -0500] "GET /index.php/login/flow/redirect?clientIdentifier=&stateToken=<token> HTTP/1.1" 200 2943 "-" "Mozilla/5.0 (Windows) mirall/2.5.1final (build 20181204) (Nextcloud)"
192.168.15.13 - - [12/Dec/2018:14:29:45 -0500] "GET /core/js/login/redirect.js HTTP/1.1" 200 972 "-" "Mozilla/5.0 (Windows) mirall/2.5.1final (build 20181204) (Nextcloud)"
192.168.15.13 - - [12/Dec/2018:14:29:45 -0500] "GET /index.php/core/js/oc.js?v=40ad2e87 HTTP/1.1" 200 6715 "-" "Mozilla/5.0 (Windows) mirall/2.5.1final (build 20181204) (Nextcloud)"
192.168.15.13 - - [12/Dec/2018:14:29:45 -0500] "POST /index.php/login/flow HTTP/1.1" 303 1052 "-" "Mozilla/5.0 (Windows) mirall/2.5.1final (build 20181204) (Nextcloud)"
192.168.15.13 - - [12/Dec/2018:14:29:46 -0500] "PROPFIND /remote.php/webdav/ HTTP/1.1" 302 4040 "-" "Mozilla/5.0 (Windows) mirall/2.5.1final (build 20181204) (Nextcloud)"
192.168.15.13 - - [12/Dec/2018:14:29:45 -0500] "GET /cron.php HTTP/1.1" 200 1041 "-" "Mozilla/5.0 (Windows) mirall/2.5.1final (build 20181204) (Nextcloud)"

NextCloud client log of unsuccessful connection (w/ SSO/SAML enabled):

[OCC::WebViewPageUrlSchemeHandler::requestStarted   Got user:  "test_user" , server:  "https://nextcloud.thisismydomain.com"
[OCC::WebViewPage::urlCatched   Got user:  "test_user" , server:  "https://nextcloud.thisismydomain.com"
[OCC::WebViewPage::urlCatched   URL:  "https://nextcloud.thisismydomain.com"
[OCC::OwncloudSetupWizard::slotConnectToOCUrl   Connect to url:  "https://nextcloud.thisismydomain.com"
[OCC::WebFlowCredentials::createQNAM    Get QNAM
[OCC::AccessManager::createRequest  6 "PROPFIND" "https://nextcloud.thisismydomain.com/remote.php/webdav/" has X-Request-ID "dd8cd3fc-dbc6-46d9-af47-99aa27928948"
[OCC::AbstractNetworkJob::start     OCC::PropfindJob created for "https://nextcloud.thisismydomain.com" + "/" "OCC::OwncloudSetupWizard"
[OCC::WebFlowCredentials::slotFinished  request finished
[OCC::WebFlowCredentials::stillValid    Still valid?
[OCC::WebFlowCredentials::stillValid    QNetworkReply::NetworkError(NoError)
[OCC::WebFlowCredentials::stillValid    "Unknown error"
[OCC::PropfindJob::finished     PROPFIND of QUrl("https://nextcloud.thisismydomain.com/remote.php/webdav/") FINISHED WITH STATUS "OK"
[OCC::PropfindJob::finished     *not* successful, http result code is 302 "https://nextcloud.thisismydomain.com/index.php/apps/user_saml/saml/selectUserBackEnd?redirectUrl="
[OCC::OwncloudSetupWizard::slotAuthError    Authed request was redirected to "https://nextcloud.thisismydomain.com/index.php/apps/user_saml/saml/selectUserBackEnd?redirectUrl="

Nextcloud desktop client 2.5.0git from Fedora testing repository gives:

[OCC::WebViewPageUrlSchemeHandler::requestStarted   Got user:  "First+Last" , server:  "https://cloud.example.com"
[OCC::WebViewPage::urlCatched   Got user:  "First+Last" , server:  "https://cloud.example.com"
[OCC::WebViewPage::urlCatched   URL:  "https://cloud.example.com"
[OCC::OwncloudSetupWizard::slotConnectToOCUrl   Connect to url:  "https://cloud.example.com"
[OCC::WebFlowCredentials::createQNAM    Get QNAM
[OCC::AccessManager::createRequest  6 "PROPFIND" "https://cloud.example.com/remote.php/webdav/" has X-Request-ID "0acd2a77-6bbb-4d1a-ae25-ad7e3f6d911b"
[OCC::AbstractNetworkJob::start     OCC::PropfindJob created for "https://cloud.example.com" + "/" "OCC::OwncloudSetupWizard"
[OCC::WebFlowCredentials::slotAuthentication    Requires authentication
[OCC::WebFlowCredentials::slotFinished  request finished
[OCC::WebFlowCredentials::stillValid    Still valid?
[OCC::WebFlowCredentials::stillValid    QNetworkReply::NetworkError(AuthenticationRequiredError)
[OCC::WebFlowCredentials::stillValid    "Host requires authentication"
[OCC::PropfindJob::finished     PROPFIND of QUrl("https://cloud.example.com/remote.php/webdav/") FINISHED WITH STATUS "AuthenticationRequiredError Host requires authentication"
[OCC::PropfindJob::finished     *not* successful, http result code is 401 ""
[OCC::WebFlowCredentials::stillValid    Still valid?
[OCC::WebFlowCredentials::stillValid    QNetworkReply::NetworkError(AuthenticationRequiredError)
[OCC::WebFlowCredentials::stillValid    "Host requires authentication"
[OCC::AbstractNetworkJob::slotTimeout   Network job timeout QUrl("ocs/v2.php/core/navigation/apps")

Still open with Debian Jessie & 14.04 and Apache-Proxy configuration. Sad!

I use nextcloud docker with apache in reverse proxy configuration and I see the same. Clients are arch linux with nextcloud-client 2.5.1

a downgrade on my clientmachine to version 2.3.3 fixed it for the moment.

Dear all,
since yesterday I cannot reestablish connection with my sync client (I removed the old connection and wanted to recreate the original one).
On my desktop PC I use the internal IP of the NC-Server (i.e. 192.168.1.175/nextcloud). The sync client asks me to trust the SSL certificate (since it refers to my fqdn). Normally I would expect to be forwarded to entering my username and an app token password. However, the sync client window stays blank.

When adding the connection and using the fqdn (i.e. example.com/nextcloud) it works seamlessly. The SSL certificate is accepted (since the referred domain matches).

Server: Ubuntu 18.04
Desktop: Ubuntu 18.04
NC: 14.0.4
Client: 2.5.1 (from repository)
2FAA is on.

Edit:
I tried a new connection from my windows machine (client version 2.5.0)
and received the following error msg that was not displayed in ubuntu)
"The web page https://192.168.1.175/nextcloud//index.php/login/flow not available or has been moved.
ERR_CERT_COMMON_NAME_INVALID" (translated from German)

I am experiencing the same problem with SAML activated using nextcloud 15 via Docker.
I tried it with yesterday's daily macOS build (Nextcloud-qt5.9.2-2.5.1.20181218daily.pkg) from https://download.nextcloud.com/desktop/daily/Mac/Installer as well as stable 1.5.0 and 1.5.1

This issue seems to affect only installations using a reverse proxy (nginx, traefik and apache all have been documented here). So is it some missing/malformed HTTP header?

Update: As @dschmidtke mentioned this also applies to installations without a reverse proxy in place.

This issue seems to affect only installations using a reverse proxy (nginx, traefik and apache all have been documented here)

No. I have a simple Debian 9 install with Apache and PHP-FPM pulled from Debian repos. No reverse proxy.

Thank you for clarifying this @dschmidtke
The alternative app token login also hangs after clicking "Grant access". The old desktop client (2.3.3) does not work with SAML so right now I will have to disable SAML altogether. Is there any other way?

I'm reporting the same thing here as well.
I have been using verions 2.3 on a few machines so far.
Today I installed a new Windows machine, and I installed NextCloud Windows client 2.5.1 on it.

And I'm making it point to https://myserver.com/nextcloud
The server configuration is nginx server with php-fpm with php 7.2.
Nextcloud server is 14.0.4.

All of the sudden I got a weird new login flow asking me either to login or to provide an app token.

• If I login, I get stuck after I click "grant", the screen displays "Redirecting ..."
  In the server logs, in verbose mode, I got some "Authentication token bearer not found"

• If I set a token, nothing happens when I click "grant"
  In the server logs, in verbose mode, I got nothing.
  However, if I right click and do a 'view source', Edge opens and shows a page with a 404 error.
  The URL is something like
  https://myserver.com/nextcloud/index.php/login/flow/redirect?clientIdentifier=&stateToken=token

Now I'm using the desktop version 2.3.3.1, it woks fine and I can login properly.

same problem with 14.0.4.2 on freebsd-11.2, just unable to get access after login because some dirty codes make stupid redirections in loop.
please, don't kill nextcloud... instead of go ahead of new versions so quickly (15 allready) unstable with dirty codes, do resolve things and make this stable and clean.

The last one stable and serious version was 12 (with php-5.6... just before you update things and change php major version without informative message around that; who make people un-happy... you remember ?)

Update: I installed the Nextcloud android app and made it point to the same server.
With the android app it works. I didn't try the login, instead I went for the app token.
It worked fined I and got signed in okay.

In the end it's not a server issue, it's the Nextcloud desktop client which has an issue.

@RedKage and if you access from a web browser from a computer (who is not a desktop ui) ?

@jerome-diver
You mean, like, Chrome in responsive mode?
Unfortunately I didn't try.

But I found what made it work for me. I had a hunch that maybe the login flow was using the wrong HTTP scheme.

Lemme explain my config
I had two URLs available to access Nextcloud.
In my 'trusted_domains' key in config.php I had two entries.

  'trusted_domains' => 
  array (
    0 => 'myserver.com:1234',
    1 => 'myserver.com:4567',
  ),
'overwrite.cli.url' => 'https://myserver.com:1234/nextcloud',

Port 1234 is for SSL and port 4567 is for non-ssl
I also have an overwrite cli to make the SSL scheme as default.

In my nginx.conf I have a server block for SSL with

listen 1234 default ssl;
listen [::]:1234 default ssl

In my nginx.conf I have another server block for the non-SSL with

listen 4567;
listen [::]:4567;

What I just did was to:

• comment the trusted_domains 4567 (non-ssl)
• comment the whole server block for non-ssl (with the listen 4567)
• I added an error_page 497 https://$host:1234$request_uri; in my server block for SSL
• I didn't change the overwrite cli

Now the desktop client could successfully login using the app token method.
Very strange.
Because if the wrong scheme was the issue, then it should've failed on the android client as well. I guess. Unless the android client's webview , like, 'forces' the HTTPS URL whereas Edge on desktop sometimes gets mixed up with my HTTP port. No idea.

it is not because you android web client is working that any other client web ui should work.
That is exactly why i asked you if you allready try to access from a web-browser (and specifically firefox and chrome or midory) to check that.
(there is nothing relative with "responsive mode there in my question, but ok yes, try it on web browser from your phone, nevermind if the html/css page is or not responsive

Also, to create a block for each sub directory (http(s)://blbla.com/nextcloud) or not (http(s):blablabla.com/) for access nextcloud should works (the config just change a bit on nginx, but the newtcoud official manual documentation give examples for each way to access nextcloud on nginx.

My way is to get cloud.blablabla.com to be rooted with nginx on server side to nextcloud, then www.blablabla.com on my rails web site, mail.blablabla.com to my postfix mail server, etc... (DNS redirect on same IP, but nginx recognize the domain name is different and do the job.
So i think that (and also because i see many people ask for same problem with nextcloud) maybe the code of nextcloud as problem with his redirection for specific server AND web engine. (maybe not)
But in fact, the same config for nextcloud-12 is just... working.

so... i suspect nextcloud-14 code (also, i have no debug message relevent on nginx log, or nextcloud logs)..

@jerome-diver Okay I see

So yeah, I did try to log in from Chrome on Android before I fixed my issue with removing the non-ssl and all that stuff.
And yes at that time it did work fine. It was actually how I generated my app token for the Nextcloud client on android: I was using Chrome on mobile at that time to acces the admin backend and generate a token.
It worked

@RedKage coudl you pastebin your nginx.conf file please ? (and your nextcloud version)
normally there is nothing in relation with non-ssl block redeirect to ssl block...
also nextcloud manual provide nginx conf example, and it should works...

@jerome-diver
It's been a while since I made my .conf files, I made them for ownCloud 9 at the time.

My server is

• NextCloud 14.0.4
• nginx 1.14.1
• php-fpm 7.2.12

Here are my conf file BEFORE when I could not login with the new login flow on desktop
https://pastebin.com/pLx9NNpG
https://pastebin.com/3qWvkj9b

Here are my conf files AFTER I removed the non-SSL and now login works on Windows
https://pastebin.com/9X6BqCCF
https://pastebin.com/i3mVDts1

Here is the nginx conf file for Nextcloud, it didn't change
https://pastebin.com/JzD3Afiy

Problem is solved for me on Android with latest Nextcloud Dev Client from FDroid. No more infinite redirects, login (with username and password) succeeds. For the record: Did not change anything on the server side (Debian 9, Apache, PHP-FPM), so it appears to be a client issue. Hope to see an updated dev client version for Debian/Ubuntu soon!

Adding to my previous comment: the latest stable Nextcloud client from FDroid (version 3.4.1 of Dec 23, 2018) works as well. No need to use the developer version.

@dschmidtke For my company this problem only ever occurs in the Desktop clients. Can you check against the latest destop clients as well?

@dschmidt you didn't read my post, because if it was a "client issue", then the web browser would works... and all of mine failed with this loop unaccessible redirection on app/files.

@RedKage thank you for post your working configuration i will soon as possible double (triple) check in/compare with mine That should help me.

• When you writed "on windows", what does it mean ? Do you tryed from Internet explorer from Windows OS or Firefox (which version of firefox, there is many change from versions there)? (not the same browser engine between firefox and IE,, and i can not try on Windows OS as long as i don't want to install some commercial-bloated OS around me to be able to have a quiet and private life)
• Also, how can it works ? I not understand because your server provide SSL on port 8335, but your nextcloud application server side ask for connection on 4567 or 1234... are you sure it works like that ? How is it possible ?
• I see you use nextcloud application call with a sub-directory server configuration.
• If i delete all the http server side for nextcloud catch, it doesn't work more (but by the time, wich logic should be that a simple redirection from http to https able to break an application access ?).

This is my configurations files (Nginx side and nextcloud application config.php)
gist github link

thank you

@dschmidtke For my company this problem only ever occurs in the Desktop clients. Can you check against the latest destop clients as well?

As I said, the problem is fixed for me only in Android. The desktop client for Linux does not work here, same goes for the Windows 10 desktop client. Both of them are still on version 2.5.1, which gave me redirects, while the Android version was updated 4 days ago and redirection was fixed for me.

"The latest desktop clients", well, I tried to download the latest "daily" build for Win 10, but the Windows Defender detected a virus. False alarm or not, I stopped there, wondering why the latest daily was of 2018-12-11 ... and then - nothing. Very strange. @camilasan: is there a problem?

@dschmidtke there is also a "web client" (this was from long time the original access) where you can access from (just indicate the address of your server who redirect on your Nextcloud application).

Could you try to access Nextcloud from your web browser (IE or Firefox or Chromium or Opera... just indicate it, (from Windows or Linux anyway) please ?

@RedKage said it can now access from web client, but when i read his config files, i can see that it is not possible to access a service where the access port is not indicate the same from application side and from server config side... it is just impossible this way.

@jerome-diver, the problems I reported concern the dedicated Nextcloud client software (tried Android, Ubuntu and Win10 clients). I never reported any problems logging in from the browser. Please do not mix things.

@dschmidtke the subject, here, is: "Webflow Login Stuck on "Redirecting""
i not mix nothing. I just asked you if you could help on this.
Your are not alone to have problems...
but ok, i should open a new issue thread (and you should do it also, because we are together out of topic here).
So please, don't be so rude.

@jerome-diver: The OP reported an error stating "Nextcloud client" not "browser", see "details". So I guess I am on topic. Maybe you misunderstood the terminology "webflow". Nextcloud switched to a new login flow using a webview, and since I am not rude, I provide you with a link.

@dschmidtke the nextcloud client is in the detail, not in the title.
Question for you can understand my point of view:

1. Does a "webflow" can occur with web client connection ?
2. In case of webflow problem, does it make sens to understand if this is related with only desktop client or also with web browser client or any other ?

(your link doesn't remove the web ui from subject)

Is it so stupid to check something for add an indication about access login ? And for help someone ? And why ?
I can not understand your idea on that point... that is why i'm thinking you was rude (but ok, maybe you didn't want to be... i not said that you WANT to be rude, i said that you was rude, because i feel it like that for all of these reasons).

Nevermind, i want to think that your choice is to try to help (i want it to), and i'm sure you will also show it by facts.
Please just don't loose your time to try to trash me. If you don't want to give 2 minutes in your life to open your web browser and try to login from there, nevermind... but don't loose more time for answer to me then.

thank you very much for your participation to test things there.

(PS, i do open also an other one issue for more precision on my problem)

Hello @jerome-diver,

• When you writed "on windows", what does it mean ? Do you tryed from Internet explorer from Windows OS or Firefox (which version of firefox, there is many change from versions there)? (not the same browser engine between firefox and IE,, and i can not try on Windows OS as long as i don't want to install some commercial-bloated OS around me to be able to have a quiet and private life)

I meant in Windows with the Nexcloud client. On Windows in a browser (any browser, Chrome, Vivaldi, Edge, IE), it always worked fine. Only the webview inside the Nextcloud client was bugged for me. Sorry that was unclear!

My hunch is that Edge inside a webview component (webbrowser control) react differently than the real Edge browser. This was already the case with IE if I recall, its webbrowser control had more restrictions than the real IE browser.

• Also, how can it works ? I not understand because your server provide SSL on port 8335, but your nextcloud application server side ask for connection on 4567 or 1234... are you sure it works like that ? How is it possible ?

Sorry about that, there was a copy/paste error from me. It is ports 1234 for SSL and 4567 for non-ssl.
I have update the pastbins.

@RedKage ok i understand better now.
So i should have a problem with something (maybe php.ini config file) in relation with my web server then.
I also tryed to access from android client and i failed to access.
thank you for your help.

Same problem here. But I found a work round.
This issue has been there for well over a year. Up to recently I used the old OwnCloud client instead.
Ubuntu 18.04 / NextCloud 14.0.4 (stable) / https (virtual host) / Apache 2.4.18 / NC Desktop 2.5.1 (final)

After "Grant Access" gets stuck at "Redirecting..." Back button active.

Tried on two different machines on two different networks, exactly the same.

Note: Web client works perfectly.

Work round:
First, in the web client - Settings : Personal : Security
At the bottom of the page "Nextcloud" for app name then "Create new app password" then paste the resulting key into the "Alternative log in using app token" during the "Connect to your account" page in the Desktop client, then "Grant Access".

Could I get another test account on an affected system. That makes debugging a bit easier.

https:// nextcloud apple cropwell pear net
remove spaces and replace fruit with dots
User Debug, password DaftPassword. Account will be deleted at my leisure.

I encounter the same issue with Nextcloud 14.0.4 on Apache with FPM, PHP 7.2. Linux client version 2.5.1.
It only happens if the username contains a space.

I get the following messages in the nextcloud log:

{"reqId":"eRrdyOEfDIxTUmWF5yaW","level":2,"time":"2019-01-04T21:38:21+00:00","remoteAddr":"***.***.***.***","user":"--","app":"core","method":"PROPFIND","url":"\/remote.php\/webdav\/","message":"Login failed: 'test+user' (Remote IP: '***.***.***.***')","userAgent":"Mozilla\/5.0 (Linux) mirall\/2.5.1git (Nextcloud)","version":"14.0.4.2"}
{"reqId":"7ItATS57gBHi7tgJSUr8","level":2,"time":"2019-01-04T21:38:22+00:00","remoteAddr":"***.***.***.***","user":"--","app":"core","method":"PROPFIND","url":"\/remote.php\/webdav\/","message":"Login failed: 'test+user' (Remote IP: '***.***.***.***')","userAgent":"Mozilla\/5.0 (Linux) mirall\/2.5.1git (Nextcloud)","version":"14.0.4.2"}

[EDIT]

Client Log:

[OCC::WebFlowCredentials::createQNAM    Get QNAM
[OCC::AccessManager::createRequest  6 "PROPFIND" "https://example.ch/remote.php/webdav/" has X-Request-ID "9dca2d42-9086-42aa-bffc-cf22f623c3c0"
[OCC::AbstractNetworkJob::start     OCC::PropfindJob created for "https://example.ch" + "/" "OCC::OwncloudSetupWizard"
[OCC::WebFlowCredentials::slotAuthentication    Requires authentication
[OCC::WebFlowCredentials::slotFinished  request finished
[OCC::WebFlowCredentials::stillValid    Still valid?
[OCC::WebFlowCredentials::stillValid    QNetworkReply::NetworkError(AuthenticationRequiredError)
[OCC::WebFlowCredentials::stillValid    "Host requires authentication"
[OCC::PropfindJob::finished     PROPFIND of QUrl("https://example.ch/remote.php/webdav/") FINISHED WITH STATUS "AuthenticationRequiredError Host requires authentication"
[OCC::PropfindJob::finished     *not* successful, http result code is 401 ""
[OCC::WebFlowCredentials::stillValid    Still valid?
[OCC::WebFlowCredentials::stillValid    QNetworkReply::NetworkError(AuthenticationRequiredError)
[OCC::WebFlowCredentials::stillValid    "Host requires authentication"

I hope this is helpful to fix the issue.

When I try to log in, I am able to get past "Redirecting", but I am taken to a blank page with a blue loading bar which fills up all the way, and then nothing happens.

Client OS: Arch Linux

@the-moog I'm a bit puzzled as I just tried it locally with your server and It works as advertised for me.

@the-moog I'm a bit puzzled as I just tried it locally with your server and It works as advertised for me.
@rullzer - @mawit says it only happens with spaces in user names. I've created another user.
'Debug User', same password, same server, try that.

@J-A-M thanks I'll check again

Ok I can trigger it now. Let me see why.

It only happens if the username contains a space.

Wow, the Whitespace is the troublemaker, nothing but some simple encoding stuff? Anyway, can confirm that my Username has a whitespace.

Ah I got it. I'll prepare a patch..

So yes. QUrl does things slightly different with + (space). Patch will be incomming. Thanks for the help debugging all!

Glad to be of help.

I think we have multiple issues related to the client getting stuck on "redirecting". My username doesn't have spaces. For me, this issue only happens when the SAML app is enabled. @dj-hedgehog also reported this issue with SAML enabled.

@rullzer @Fug1 Indeed. I never used spaces in usernames and still experience this problem. I can set up a demo instance for you sometimes this week with SAML enabled. Please re-open this issue!

@dj-hedgehog please do. thanks!

When I try to log in, I am able to get past "Redirecting", but I am taken to a blank page with a blue loading bar which fills up all the way, and then nothing happens.

Client OS: Arch Linux

Looks similar to my problem (#960)

Hey all!

I'm also being affected by similar behaviour.

Trying to log in with nextcloud-client on Ubuntu results in endless login loop when trying to 'Grant Access'.
Also, I tried the workaround as suggested by @the-moog, using the alternative app token pass, but unfortunately that also doesn't work since it seems Nextcloud seems to forget the full server URL when logging in.

I've tried both the latest nextcloud-client from the official PPA and the latest appImage from the website.
I'm using Ubuntu 18.04.1 LTS.
Also, I was able to use nextcloud in my previous Ubuntu LTS, 16.04 LTS, and at this very moment people using 16.04 LTS are able to connect to the very same server, using the nextcloud-client available from the PPA for 16.04 LTS.

Here are some details from the logs.

This is the "normal login" loop that I got into:
[OCC::DetermineAuthTypeJob::checkBothDone Auth type for QUrl("https://koma-server/nextcloud/remote.php/webdav/") is 3 [OCC::WebViewPage::initializePage Url to auth at: "https://koma-server/nextcloud/index.php/login/flow" [unknown Mixed Content: The page at 'https://koma-server/nextcloud/index.php/login/flow/redirect?clientIdentifier=&stateToken=BwsScoRkVet5M8Rujck0TJsFQ9KCzLGq7OOgsyWYDLLWscF0ANGkizock5xQwwbv' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://koma-server/nextcloud/index.php/login/flow'. This endpoint should be made available over a secure connection. [unknown Mixed Content: The page at 'https://koma-server/nextcloud/index.php/login/flow/redirect?clientIdentifier=&stateToken=BwsScoRkVet5M8Rujck0TJsFQ9KCzLGq7OOgsyWYDLLWscF0ANGkizock5xQwwbv' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://koma-server/nextcloud/index.php/login/flow'. This endpoint should be made available over a secure connection. [unknown Mixed Content: The page at 'https://koma-server/nextcloud/index.php/login/flow/redirect?clientIdentifier=&stateToken=u6deM3c4X2eSDhPNknSVRIXYm8zaju90XK6br9JqDx5qjXCncjCo6A5SdNkUUvr1' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://koma-server/nextcloud/index.php/login/flow'. This endpoint should be made available over a secure connection.

I have tried connecting to both http:// and https:// with no avail.

Afterwards, using the app token results in the client telling:
No connection to Nextcloud at https://koma-server. Server replied "404 Not Found" to "PROPFIND https://koma-server/remote.php/webdav/"

The issue to me seems to be, that the full URL "http://koma-server/nextcloud" has become "http://koma-server" which surely doesn't respond.

The forgetting seems be happening straight after giving the access token:
[OCC::WebViewPageUrlSchemeHandler::requestStarted Got user: "otto" , server: "https://koma-server" [OCC::WebViewPage::urlCatched Got user: "otto" , server: "https://koma-server" [OCC::WebViewPage::urlCatched URL: "https://koma-server/nextcloud" [OCC::OwncloudSetupWizard::slotConnectToOCUrl Connect to url: "https://koma-server" [OCC::WebFlowCredentials::createQNAM Get QNAM [OCC::AccessManager::createRequest 6 "PROPFIND" "https://koma-server/remote.php/webdav/" has X-Request-ID "64722023-d085-4c7c-bfaf-fd853d7104a3" [OCC::AbstractNetworkJob::start OCC::PropfindJob created for "https://koma-server" + "/" "OCC::OwncloudSetupWizard"

Find attached the full log-file.
nextcloud-login.log

Same issue here. It does not only affect the sync client, but also sync of caldav or cardav with kdepim. Is there a workaround for the failed SAML authentication?
For the nextcloud client I get:
I get: [OCC::AbstractNetworkJob::start OCC::SimpleNetworkJob created for "https://example.org/nextcloud" + "" "OCC::Account"
[OCC::DetermineAuthTypeJob::checkBothDone Auth type for QUrl("https://example.org/nextcloud/remote.php/webdav/") is 3
[OCC::WebViewPage::initializePage Url to auth at: "https://example.org/nextcloud/index.php/login/flow"
Now if one takes that URI and copies it into the browser, firefox shows "invalid request". No, I have no whitespace user name.

I've identified the exact error that needs to be added into the code touched in https://github.com/nextcloud/desktop/pull/758 to fix this problem for cert issues.

Also, you should enable logging of the error number somehow. To capture something that users can report to you. See qwebengine error info

This is a showstoppper for anyone relying on direct private IP access to a publicly accessible service. And yes, it is a showstopper.

I have the same problem.

I can see that the problem has been solved, but the next release hasn't been published, does it? The problem should be fixed in version 2.5.2. Am I right? When is it going to be released?

Hey community!
Any news with this one? Still heavily affected by the bug, and can't log in from the client.
I don't know if it's bad conduct and restless bumping a topic like this, but I thought it wouldn't hurt.

For me it was solved by using app passwords.

I'm pretty sure that I am hit by the issue with spaces in the user name. See https://github.com/nextcloud/desktop/pull/1001, which is not yet released.

Our usernames don't have spaces in the names but we use ldap. We solved it by downgrading to a previous version.

For me it was solved by using app passwords.

Are you referring to App Tokens? If so, I tried it but somehow the login flow seemed to forget the server URL in the process and thus the connection wasn't successful. (See my earlier post from Jan 9th for more details)

Our usernames don't have spaces in the names but we use ldap. We solved it by downgrading to a previous version.

Yep, no spaces here neither. Haven't tried downgrading to an earlier version though! Which version did you fall back to?

Thanks for the posts everyone!

... We solved it by downgrading to a previous version.

... Haven't tried downgrading to an earlier version though! Which version did you fall back to?

Ah, nevermind. Seems Ubuntu 18.04 Bionic only has one version available which is the one I have..
https://launchpad.net/~nextcloud-devs/+archive/ubuntu/client?field.series_filter=bionic

I guess downgrading is also not an option! Back to square one..

I'm pretty sure that I am hit by the issue with spaces in the user name. See #1001, which is not yet released.

Me too, username with spaces caused the trouble. On my Ubuntu desktop, the beta version of the Nextcloud Client from the offcial beta ppa fixed this bug. The current version number is 2.5.2git. On Android, I am using stable 3.50 from the F-Droid store and it works as well. Dunno about the Windows client, though.

... We solved it by downgrading to a previous version.

... Haven't tried downgrading to an earlier version though! Which version did you fall back to?

Ah, nevermind. Seems Ubuntu 18.04 Bionic only has one version available which is the one I have..
https://launchpad.net/~nextcloud-devs/+archive/ubuntu/client?field.series_filter=bionic

I guess downgrading is also not an option! Back to square one..

I elected to install the snap that is available of 2.3.3. It works ok, except it refuses to launch at login.

NC snap client info

This issue can be closed as the new 2.5.2 solved the issue and it has been deployed to the ppa as well.

Hey hey!
I tried to 2.5.2. available from the ppa:nextcloud-devs/client, but nothing seems to be different from last time.
I can connect to our nextcloud server through my webbrowser, but not through the client.
I'm experiencing identical behaviour as described in my message from Jan 9.
I've tried logging through our server with http, https, and with the alternative app token way.
Both the normal http and https logins get stuck in an eternal login loop and the alternative app token - it seems to me - is forgetting the address in the meawhile ( "https://koma-server/nextcloud/remote.php" becomes "https://koma-server/remote.php/webdav/" ).

So, all in all, still stuck.. :/

@01tot10 try to upgrade your nextcloud. It seems you are still on 13.0.4

@01tot10 try to upgrade your nextcloud. It seems you are still on 13.0.4

Thanks for the reply!

Hmm, I think I should be on the latest ver!

My nextcloud client is installed from ppa:nextcloud-devs/client for Ubuntu 18.04
apt-cache policy nextcloud returns

nextcloud-client:
Installed: 2.5.2-20190319.015224~bionic1
Candidate: 2.5.2-20190319.015224~bionic1
Version table:
* 2.5.2-20190319.015224~bionic1 500
500 http://ppa.launchpad.net/nextcloud-devs/client/ubuntu bionic/main amd64 Packages
100 /var/lib/dpkg/status

nextcloud --version returns

Nextcloud version 2.5.2git
Using Qt 5.9.5, built against Qt 5.9.5
Using 'OpenSSL 1.1.0g 2 Nov 2017'

As far as I'm concerned this should be the newest version!

Hey,

we've just released 2.6.1 RC1 which is built with Qt 5.12.5 and OpenSSL 1.1.1d on all platforms, so it features TLS 1.3 :-)

You may give it a try:
https://github.com/nextcloud/desktop/releases/tag/v2.6.1-rc1

Login (and client SSL certificates support) was fixed in the 2.6.0 release - but not with the WebView component, shown own your screenshots. Sadly the Qt webview has a lot of issues. That's why we implemented the new Login Flow v2 in v2.6.0 which is supported from NC server 16.x and up.

Closing this because of inactivity while the issue should by solved by using client version 2.6 in conjunction with a more recent Nextcloud server version 16 or higher (security!) ;-)

No, it is not in relation with nextcloud client maybe. It does happen also on web ui. It is nextcloud server. As long as no one find the solution, it is useless to close an issue not resolved.

No, it is not in relation with nextcloud client maybe. It does happen also on web ui. It is nextcloud server. As long as no one find the solution, it is useless to close an issue not resolved.

@jerome-diver If I get your comment right: In this case you should open a server issue: https://github.com/nextcloud/server/issues