Keepass2android: HTTP WebDav issue unsupported auth scheme

Created on 22 Sep 2017  路  12Comments  路  Source: PhilippC/keepass2android

fist: thanks for moving to github! much apperciated.

is there an update on that issue here? https://keepass2android.codeplex.com/workitem/664
as i cannot use keepass2android anymore since i turned on TOTP/2FA/Two-Factor-Authentication in NextCloud :-(

enhancement

Most helpful comment

@kosli: thanks a lot! Might take a few weeks until I work on this, but hopefully can include it in the next release!

All 12 comments

as mentioned on Codeplex, I cannot work on this without an account for testing.

a hint: if just any WebDAV-account for testing is needed, you can get one at https://demo.nextcloud.com/ and then under settings you can create an app-password or even install the TOTP-app afterwards.

@PhilippC Sorry I missed your comment! Happy to provide you an account. Can you provide me a contact email address?
(Thank you for the new release of Keepass2android, that triggered me to check what happened with the issue here :-))

@kosli thanks for the offer, can you send credentials to [email protected]? Thanks!

@PhilippC check your mail. thank you.

@kosli: thanks a lot! Might take a few weeks until I work on this, but hopefully can include it in the next release!

I'm in the same boat as Kosli, currently having to sync the file within the Nextcloud app and then open the local file via Keepass2Android which is not ideal given the ability within K2A to sync exists. If you need any help testing @PhilippC I'm more than happy to assist.

I was able to reproduce the error thanks to @kosli. I was also able to fix this error by generating an "App password", so there seems no action required on the KP2A side.

now i am puzzled, i thought i always tried it with a app specific password and that there it didn't work. but obviously it works, even when i tried it right now. thank you very much for your tests and confirmation. so i can delete your account?

@PhilippC: i tried it on another nextcloud instance where i have TOTP activated, but there it doesn't seem to work with the app specific password. the file seems to get downloaded, but when i enter the password and press on unlock i get the following error message overlay:
An error occured: Expected ':status' header not present.
any idea? the difference to that server is that the user authentication is handled by LDAP, but that should have any influence on the app specific passwords,as with other applications/clients it works.

@kosli please upgrade to the beta channel. You are now experiencing issue #44 which has been fixed already.

Was trying to figure out why I randomly see this issue myself this is what I found:

Nextcloud has a bad habit of invalidating App Passwords, if this happens in keepass2android you will see the unsupported auth scheme error.

  • If you change you master password all your app passwords are automatically invalidated
  • If you're using external authentication and that times out it invalidates all you app passwords i.e. I have IMAP auth and my server was rebooting and a DavDroid poll caused my app passwords to invalidate.
Was this page helpful?
0 / 5 - 0 ratings

Related issues

Erwyn picture Erwyn  路  4Comments

DonPavlov picture DonPavlov  路  4Comments

tgp1994 picture tgp1994  路  4Comments

metafarion picture metafarion  路  5Comments

jyf007 picture jyf007  路  6Comments