ocis: OCIS desktop client does not reconnect automatically (OIDC)
Describe the bug
A clear and concise description of what the bug is.
After a while, the windows desktop client needs sign out and relogin and re-validate the link in the browser for authentication
Expected behavior
A clear and concise description of what you expected to happen.
I expect the client to stay connected all the time (similar behaviour as say nextcloud client), or at least to reconnect after pressing “Reconnect” button.
Actual behavior
A clear and concise description of what happened.
Client is not connected, it needs logging out, then relogin and vaildate the link in the browser. This happens every other 12 hours or upon pc restart.
Setup
Im using authelia with oidc for all 3 clients (web, desktop and android app). Domain handled via caddy v2. My working docker compose:
owncloud:
container_name: owncloud
hostname: owncloud
image: owncloud/ocis:latest
profiles:
- private
networks:
- ownmedia
entrypoint:
- /bin/sh
command: ["-c", "ocis init || true; ocis server"]
environment:
DEMO_USERS: "false"
PROXY_TLS: "false"
OCIS_INSECURE: "false"
OCIS_URL: ${OCIS_URL}
PROXY_HTTP_ADDR: ${OCIS_PROXY_HTTP_ADDR}
OCIS_LOG_LEVEL: info
OCIS_LOG_COLOR: "true"
OCIS_LOG_PRETTY: "true"
OCIS_LOG_TIMEZONE: ${TZ}
OCIS_OIDC_ISSUER: ${OCIS_OIDC_ISSUER}
WEB_OIDC_CLIENT_ID: ${OCIS_WEB_OIDC_CLIENT_ID}
PROXY_OIDC_REWRITE_WELLKNOWN: "true"
PROXY_OIDC_ACCESS_TOKEN_VERIFY_METHOD: none
expose:
- 9200
volumes:
- ${CONFIGDIR}/ownCloud/config:/etc/ocis
- ${CLOUDDIR}/owncloud:/var/lib/ocis
restart: unless-stopped
Web and android work as expected, I get re-auth issues only for desktop.
oidc setup for desktop:
- id: xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69
description: ownCloud desktop client
public: false
secret: 'UBntmLjC2yYCeHwsyj73Uwo9TAaecAetRwMw0xYcvNL9yRdLSUi0hUAHfvCHFeFh'
consent_mode: pre-configured
pre_configured_consent_duration: 2M
audience: [xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69]
scopes:
- openid
- groups
- profile
- email
- offline_access
redirect_uris:
- http://127.0.0.1
- http://localhost
Additional context
Add any other context about the problem here.
Logs from the client, as soon as the pc is booted up (thus no connection). “placeholder” is used to sub my domain
23-02-26 12:46:29:800 [ info sync.clientproxy ]: Set proxy configuration to use system configuration
23-02-26 12:46:29:816 [ info gui.folder.manager ]: Schedule folder "C:/Users/placeholder/ownCloud/Personal/" to sync!
23-02-26 12:46:29:816 [ info gui.folder.manager ]: Folder is not ready to sync, not scheduled!
23-02-26 12:46:29:816 [ info gui.folder.manager ]: Schedule folder "C:/Users/placeholder/ownCloud/Shares/" to sync!
23-02-26 12:46:29:816 [ info gui.folder.manager ]: Folder is not ready to sync, not scheduled!
23-02-26 12:46:29:816 [ warning gui.account.state ]: checkConnectivity blocking: false
23-02-26 12:46:29:816 [ debug sync.credentials.http ] [ OCC::HttpCredentials::fetchUser ]: user already set, no need to fetch from settings
23-02-26 12:46:29:816 [ info sync.credentials.manager ]: get "ownCloud_credentials:cloud.placeholder.net:ec236fb1-f60d-4d55-80cb-0f5f5157c118:http/oauthtoken"
23-02-26 12:46:29:816 [ debug sync.connectionvalidator ] [ OCC::ConnectionValidator::checkServer ]: Checking server and authentication
23-02-26 12:46:29:816 [ debug sync.connectionvalidator ] [ OCC::ConnectionValidator::checkServer ]: Trying to look up system proxy
23-02-26 12:46:29:816 [ info gui.socketapi ]: New connection QLocalSocket(0x2323fbb5b20)
23-02-26 12:46:29:816 [ info gui.socketapi ]: Sending SocketAPI message --> "REGISTER_PATH:C:\\Users\\placeholder\\ownCloud" to QLocalSocket(0x2323fbb5b20)
23-02-26 12:46:29:816 [ debug sync.networkjob.jobqueue ] [ OCC::JobQueue::block ]: block: 1 "statusquo@cloud.placeholder.net"
23-02-26 12:46:29:816 [ debug sync.credentials.oauth ] [ OCC::AccountBasedOAuth::refreshAuthentication ]: fetching dynamic registration data
23-02-26 12:46:29:816 [ info sync.credentials.manager ]: get "ownCloud_credentials:cloud.placeholder.net:ec236fb1-f60d-4d55-80cb-0f5f5157c118:http/clientSecret"
23-02-26 12:46:29:816 [ debug sync.credentials.oauth ] [ OCC::AccountBasedOAuth::refreshAuthentication::::operator() ]: fetched dynamic registration data successfully
23-02-26 12:46:29:816 [ debug sync.credentials.oauth ] [ `anonymous-namespace'::logCredentialsJobResult ]: credentials job has finished
23-02-26 12:46:29:816 [ critical sync.credentials.oauth ]: Failed to read client id ""
23-02-26 12:46:29:816 [ debug sync.credentials.oauth ] [ OCC::AccountBasedOAuth::fetchWellKnown ]: starting CheckServerJob before fetching "/.well-known/openid-configuration"
23-02-26 12:46:29:832 [ info sync.connectionvalidator ]: No system proxy set by OS
23-02-26 12:46:30:004 [ info sync.checkserverjob ]: status.php returns: QJsonDocument({"edition":"Community","installed":true,"maintenance":false,"needsDbUpgrade":false,"product":"Infinite Scale","productname":"Infinite Scale","productversion":"2.0.0+5ad8e283b","version":"10.11.0.0","versionstring":"10.11.0"}) QNetworkReply::NoError Reply: QNetworkReplyHttpImpl(0x2323f9ceb50)
23-02-26 12:46:30:004 [ debug sync.credentials.oauth ] [ OCC::AccountBasedOAuth::fetchWellKnown::::operator() ]: CheckServerJob succeeded, fetching "/.well-known/openid-configuration"
23-02-26 12:46:30:004 [ debug sync.credentials.oauth ] [ OCC::OAuth::fetchWellKnown ]: fetching "/.well-known/openid-configuration"
23-02-26 12:46:30:004 [ info sync.checkserverjob ]: status.php returns: QJsonDocument({"edition":"Community","installed":true,"maintenance":false,"needsDbUpgrade":false,"product":"Infinite Scale","productname":"Infinite Scale","productversion":"2.0.0+5ad8e283b","version":"10.11.0.0","versionstring":"10.11.0"}) QNetworkReply::NoError Reply: QNetworkReplyHttpImpl(0x2323fbcda60)
23-02-26 12:46:30:004 [ info sync.connectionvalidator ]: ** Application: ownCloud found: QUrl("https://cloud.placeholder.net/") with version "10.11.0"
23-02-26 12:46:30:004 [ debug sync.connectionvalidator ] [ OCC::ConnectionValidator::reportResult ]: OCC::ConnectionValidator::CredentialsNotReady
23-02-26 12:46:30:004 [ info gui.account.state ]: AccountState connection status change: OCC::ConnectionValidator::Undefined -> OCC::ConnectionValidator::CredentialsNotReady
23-02-26 12:46:30:191 [ debug sync.credentials.oauth ] [ OCC::OAuth::fetchWellKnown::::operator() ]: parsing .well-known reply successful, auth endpoint QUrl("https://auth.placeholder.net/api/oidc/authorization") and token endpoint QUrl("https://auth.placeholder.net/api/oidc/token") and registration endpoint QUrl("")
23-02-26 12:46:30:191 [ debug sync.credentials.oauth ] [ OCC::AccountBasedOAuth::refreshAuthentication::::()::::operator() ]: registration endpoint not provided or empty: QUrl("")
23-02-26 12:46:30:289 [ debug sync.credentials.http ] [ OCC::HttpCredentials::fetchUser ]: user already set, no need to fetch from settings
23-02-26 12:46:30:289 [ info sync.account ]: Clearing cookies
23-02-26 12:46:30:305 [ info sync.credentials.manager ]: del "ownCloud_credentials:cloud.placeholder.net:ec236fb1-f60d-4d55-80cb-0f5f5157c118:http/oauthtoken"
23-02-26 12:46:30:305 [ info sync.credentials.manager ]: removed "ownCloud_credentials:cloud.placeholder.net:ec236fb1-f60d-4d55-80cb-0f5f5157c118:http/oauthtoken"
23-02-26 12:46:32:809 [ info gui.updater ]: Checking for available update
23-02-26 12:46:32:995 [ info gui.updater ]: Version info arrived: Your version: 3.2.0.10193 Skipped version: Available version: "" Available version string: "" Web url: "" Download url: ""
23-02-26 12:46:32:995 [ info gui.updater ]: No version information available at the moment
23-02-26 12:47:31:806 [ warning gui.account.state ]: checkConnectivity blocking: false
23-02-26 12:48:33:802 [ warning gui.account.state ]: checkConnectivity blocking: false
23-02-26 12:49:35:811 [ warning gui.account.state ]: checkConnectivity blocking: false
23-02-26 12:50:37:816 [ warning gui.account.state ]: checkConnectivity blocking: false
23-02-26 12:51:39:813 [ warning gui.account.state ]: checkConnectivity blocking: false
23-02-26 12:52:41:804 [ warning gui.account.state ]: checkConnectivity blocking: false
23-02-26 12:53:43:813 [ warning gui.account.state ]: checkConnectivity blocking: false
23-02-26 12:54:08:707 [ info gui.socketapi ]: New connection QLocalSocket(0x2323f8898b0)
23-02-26 12:54:08:707 [ info gui.socketapi ]: Sending SocketAPI message --> "REGISTER_PATH:C:\\Users\\placeholder\\ownCloud" to QLocalSocket(0x2323f8898b0)
23-02-26 12:54:08:707 [ info gui.socketapi ]: Sending SocketAPI message --> "REGISTER_PATH:C:\\Users\\placeholder\\ownCloud" to QLocalSocket(0x2323fbb5b20)
23-02-26 12:54:45:815 [ warning gui.account.state ]: checkConnectivity blocking: false
23-02-26 12:55:30:771 [ warning default ]: OpenType support missing for "MS Shell Dlg 2", script 20
23-02-26 12:55:30:771 [ warning default ]: OpenType support missing for "Arial", script 20
23-02-26 12:55:30:772 [ warning default ]: OpenType support missing for "MS UI Gothic", script 20
23-02-26 12:55:30:772 [ warning default ]: OpenType support missing for "SimSun", script 20
23-02-26 12:55:33:958 [ info gui.socketapi ]: Received SocketAPI message <-- "RETRIEVE_FILE_STATUS:C:\\Users\\placeholder\\ownCloud" from QLocalSocket(0x2323fbb5b20)
23-02-26 12:55:33:958 [ info gui.socketapi ]: Sending SocketAPI message --> "STATUS:NOP:C:\\Users\\placeholder\\ownCloud" to QLocalSocket(0x2323fbb5b20)
23-02-26 12:55:38:206 [ info gui.socketapi ]: New connection QLocalSocket(0x2323fd276a0)
23-02-26 12:55:38:206 [ info gui.socketapi ]: Sending SocketAPI message --> "REGISTER_PATH:C:\\Users\\placeholder\\ownCloud" to QLocalSocket(0x2323f8898b0)
23-02-26 12:55:38:206 [ info gui.socketapi ]: Sending SocketAPI message --> "REGISTER_PATH:C:\\Users\\placeholder\\ownCloud" to QLocalSocket(0x2323fbb5b20)
23-02-26 12:55:38:206 [ info gui.socketapi ]: Sending SocketAPI message --> "REGISTER_PATH:C:\\Users\\placeholder\\ownCloud" to QLocalSocket(0x2323fd276a0)
23-02-26 12:55:38:207 [ info gui.socketapi ]: Received SocketAPI message <-- "V2/GET_CLIENT_ICON:{\"arguments\":{\"size\":16},\"id\":\"0\"}" from QLocalSocket(0x2323fd276a0)
23-02-26 12:55:38:207 [ debug gui.socketapi ] [ OCC::SocketApi::command_V2_GET_CLIENT_ICON ]: void __cdecl OCC::SocketApi::command_V2_GET_CLIENT_ICON(const class QSharedPointer<class OCC::SocketApiJobV2> &) const got icon from theme: QIcon(availableSizes[normal,Off]=(QSize(128, 128)),cacheKey=0x200000000)
23-02-26 12:55:38:208 [ info gui.socketapi ]: Sending SocketAPI message --> "V2/GET_CLIENT_ICON_RESULT:{\"arguments\":{\"png\":\"iVBORw0KGgoAAAANSUhEUgAAABAAAAAQCAYAAAAf8/9hAAAACXBIWXMAAA7EAAAOxAGVKw4bAAABqElEQVQ4jZ2Sz0uTcRzHX9/Hx/n4hG1uurCh0zFB0REeVPyRxCCCMDwmeNhBvIj/QHTQczDGjiIR3iSNDkEFCupG7pDlQSEoEgxT6jA2nyny+MVvh6Ahz4i59/XD+/V5vz98BLdG2nSXvqhgQAh0ypBSSAEZacuY0JujKQR3yzE6SaRFVXP0otzNpZJolZoBhEDXSg1c1TrTsTG2383zZGbivxDH9qmJUSbHH9LT3Y4QgkhHiGzuhNX0J/YPjhwAR4Lbfh/ZnMWHj3vs7H1j98s+j+4PsrmSxKw1nDX0lqgCCLcGeHCvl8TcDN8PjvB66vB6bgJweal4/T6FaRgkFpZZ39q5WqHGVc3GSpLD498A/Pj5i3BroBhTE4SDAe50hRnuixDsf4xVOCtWME2DBp+b7o4Qr96mcNfdIH9S+AdQSmFfSAAMw8XaUpyh3ggAVZq7be783CZvnRJqaeLz7lc624M8ffYcv6+evFVgNv6CRq8Hs7aG+PxLmvw+lt+sk81ZxRtUqpJ/cC2AUshKzX9fGTKVAgRkNGnLGIr0dZIohUSRlraM/QFdU4n8YwAx9gAAAABJRU5ErkJggg==\"},\"id\":\"0\"}" to QLocalSocket(0x2323fd276a0)
23-02-26 12:55:38:208 [ info gui.socketapi ]: Received SocketAPI message <-- "GET_STRINGS:CONTEXT_MENU_TITLE" from QLocalSocket(0x2323fd276a0)
23-02-26 12:55:38:208 [ info gui.socketapi ]: Sending SocketAPI message --> "GET_STRINGS:BEGIN" to QLocalSocket(0x2323fd276a0)
23-02-26 12:55:38:208 [ info gui.socketapi ]: Sending SocketAPI message --> "STRING:CONTEXT_MENU_TITLE:ownCloud" to QLocalSocket(0x2323fd276a0)
23-02-26 12:55:38:208 [ info gui.socketapi ]: Sending SocketAPI message --> "GET_STRINGS:END" to QLocalSocket(0x2323fd276a0)
23-02-26 12:55:38:208 [ info gui.socketapi ]: Received SocketAPI message <-- "GET_MENU_ITEMS:C:\\Users\\placeholder\\AppData\\Local\\Temp\\ownCloud-logdir\\ownCloud.log" from QLocalSocket(0x2323fd276a0)
23-02-26 12:55:38:208 [ info gui.socketapi ]: Sending SocketAPI message --> "GET_MENU_ITEMS:BEGIN" to QLocalSocket(0x2323fd276a0)
23-02-26 12:55:38:208 [ info gui.socketapi ]: Sending SocketAPI message --> "GET_MENU_ITEMS:END" to QLocalSocket(0x2323fd276a0)
23-02-26 12:55:38:209 [ info gui.socketapi ]: Lost connection QLocalSocket(0x2323fd276a0)
23-02-26 12:55:47:814 [ warning gui.account.state ]: checkConnectivity blocking: false
23-02-26 12:56:49:811 [ warning gui.account.state ]: checkConnectivity blocking: false
23-02-26 12:57:51:807 [ warning gui.account.state ]: checkConnectivity blocking: false
23-02-26 12:58:36:745 [ info gui.account.settings ]: Opening local folder QUrl("file:///C:/Users/placeholder/ownCloud/Personal/")
23-02-26 12:58:39:612 [ info sync.vfs.win ]: void __cdecl OCC::callbackFetchData(const struct CF_CALLBACK_INFO *,const struct CF_CALLBACK_PARAMETERS *)
23-02-26 12:58:39:613 [ info sync.vfs.win ]: fetch data request "C:/Users/placeholder/ownCloud/Personal/" "C:\\Users\\placeholder\\ownCloud\\Personal\\BOS.jpg" "3f06c9c0-b4c6-4194-9891-7a85dfe9040f$84b97425-0b5f-4132-8fd5-d04ed1defb9c!92a26255-9c20-4426-bb1b-7b6a3dcb85b7" 0 111040 0 0 Resume: 0 to 111040 size: 111040
23-02-26 12:58:39:613 [ debug sync.database.sql ] [ OCC::SqlQuery::prepare ]: SQL prepare "SELECT path, inode, modtime, type, md5, fileid, remotePerm, filesize, ignoredChildrenRemote, contentchecksumtype.name || ':' || contentChecksum FROM metadata LEFT JOIN checksumtype as contentchecksumtype ON metadata.contentChecksumTypeId == contentchecksumtype.id WHERE fileid=?1" Try: 0
23-02-26 12:58:39:614 [ debug sync.networkjob.get ] [ OCC::GETFileJob::start ]: QObject(0x0) false false
23-02-26 12:58:39:614 [ info sync.networkjob ]: Created OCC::GETFileJob(OCC::Account("statusquo@cloud.placeholder.net"), "https://cloud.placeholder.net/dav/spaces/3f06c9c0-b4c6-4194-9891-7a85dfe9040f$84b97425-0b5f-4132-8fd5-d04ed1defb9c/BOS.jpg", "GET", Original-Request-ID: "18ae5170-11b6-4e5e-924c-574c92b77f4c", X-Request-ID: "18ae5170-11b6-4e5e-924c-574c92b77f4c") for OCC::HydrationContext(0x232404ff3a0)
23-02-26 12:58:39:680 [ debug sync.credentials.http ] [ OCC::HttpCredentials::slotAuthentication ]: void __cdecl OCC::HttpCredentials::slotAuthentication(class QNetworkReply *,class QAuthenticator *) QNetworkReplyHttpImpl(0x2323fd26e20)
23-02-26 12:58:39:680 [ debug sync.networkjob.jobqueue ] [ OCC::JobQueue::retry ]: Direct retry OCC::GETFileJob(OCC::Account("statusquo@cloud.placeholder.net"), "https://cloud.placeholder.net/dav/spaces/3f06c9c0-b4c6-4194-9891-7a85dfe9040f$84b97425-0b5f-4132-8fd5-d04ed1defb9c/BOS.jpg", "GET", Original-Request-ID: "18ae5170-11b6-4e5e-924c-574c92b77f4c", X-Request-ID: "18ae5170-11b6-4e5e-924c-574c92b77f4c", NetworkError: "Host requires authentication")
23-02-26 12:58:39:680 [ info sync.networkjob ]: Restarting OCC::GETFileJob(OCC::Account("statusquo@cloud.placeholder.net"), "https://cloud.placeholder.net/dav/spaces/3f06c9c0-b4c6-4194-9891-7a85dfe9040f$84b97425-0b5f-4132-8fd5-d04ed1defb9c/BOS.jpg", "GET", Original-Request-ID: "18ae5170-11b6-4e5e-924c-574c92b77f4c", X-Request-ID: "18ae5170-11b6-4e5e-924c-574c92b77f4c", NetworkError: "Host requires authentication") for the 1 time
23-02-26 12:58:39:680 [ debug sync.networkjob ] [ OCC::AbstractNetworkJob::slotFinished ]: Queued: OCC::GETFileJob(OCC::Account("statusquo@cloud.placeholder.net"), "https://cloud.placeholder.net/dav/spaces/3f06c9c0-b4c6-4194-9891-7a85dfe9040f$84b97425-0b5f-4132-8fd5-d04ed1defb9c/BOS.jpg", "GET", Original-Request-ID: "18ae5170-11b6-4e5e-924c-574c92b77f4c", X-Request-ID: "2a7d1a85-650e-415e-ae81-83fdde0fc6e6") for retry
23-02-26 12:58:39:683 [ debug sync.credentials.http ] [ OCC::HttpCredentials::slotAuthentication ]: void __cdecl OCC::HttpCredentials::slotAuthentication(class QNetworkReply *,class QAuthenticator *) QNetworkReplyHttpImpl(0x2323fc26680)
23-02-26 12:58:39:683 [ debug sync.networkjob.jobqueue ] [ OCC::JobQueue::retry ]: Direct retry OCC::GETFileJob(OCC::Account("statusquo@cloud.placeholder.net"), "https://cloud.placeholder.net/dav/spaces/3f06c9c0-b4c6-4194-9891-7a85dfe9040f$84b97425-0b5f-4132-8fd5-d04ed1defb9c/BOS.jpg", "GET", Original-Request-ID: "18ae5170-11b6-4e5e-924c-574c92b77f4c", X-Request-ID: "2a7d1a85-650e-415e-ae81-83fdde0fc6e6", NetworkError: "Host requires authentication")
23-02-26 12:58:39:683 [ info sync.networkjob ]: Restarting OCC::GETFileJob(OCC::Account("statusquo@cloud.placeholder.net"), "https://cloud.placeholder.net/dav/spaces/3f06c9c0-b4c6-4194-9891-7a85dfe9040f$84b97425-0b5f-4132-8fd5-d04ed1defb9c/BOS.jpg", "GET", Original-Request-ID: "18ae5170-11b6-4e5e-924c-574c92b77f4c", X-Request-ID: "2a7d1a85-650e-415e-ae81-83fdde0fc6e6", NetworkError: "Host requires authentication") for the 2 time
23-02-26 12:58:39:683 [ debug sync.networkjob ] [ OCC::AbstractNetworkJob::slotFinished ]: Queued: OCC::GETFileJob(OCC::Account("statusquo@cloud.placeholder.net"), "https://cloud.placeholder.net/dav/spaces/3f06c9c0-b4c6-4194-9891-7a85dfe9040f$84b97425-0b5f-4132-8fd5-d04ed1defb9c/BOS.jpg", "GET", Original-Request-ID: "18ae5170-11b6-4e5e-924c-574c92b77f4c", X-Request-ID: "87ff5c89-549a-4f6f-93d1-cd8d8287df71") for retry
Is there a bug or can you spot something wrong with the logs?
About this issue
- Original URL
- State: closed
- Created a year ago
- Comments: 21 (11 by maintainers)
Desktop clients will prompt for new login in 3M. (
refresh_token_lifespan: 3M)➡️ works as designed ✅
I’d recommend to capture HTTP requests and responses in the logs, then check there… https://doc.owncloud.com/desktop/3.2/appendices/troubleshooting.html#log-files