Nextcloud backup fails with 2fa/app password

KuroNeko · 3 October 2024 09:16

REPRODUCIBILITY: 100%
OS VERSION: 4.6.0.13
HARDWARE: Xperia 10 III
UI LANGUAGE: German
REGRESSION: No?

DESCRIPTION:

When uploading backups (and photos) to my nextcloud, the upload fails IF I enable 2fa and use an app password for this reason (since Sailfish OS does not support 2fa). Other nextcloud features work (nextcloud photos in the gallery, calendar sync, etc).

PRECONDITIONS:

Nextcloud with 2fa

STEPS TO REPRODUCE:

Create a new app password in the nextcloud security settings
Add the nextcloud account to your Sailfish device using the app password as the password
Try to upload a backup to Nextcloud using the manual backup in the settings

Alternatively sharing a photo to nextcloud seems to trigger the same issue.

EXPECTED RESULT:

Backup is uploaded

ACTUAL RESULT:

Backup fails

MODIFICATIONS:

I use the MyBackup extension, but I doubt that affects it.

ADDITIONAL INFORMATION:

I get the following error in my nextcloud logs:

"user":"--","app":"webdav","method":"PROPFIND","url":"/remote.php/dav/files/nicolas/Sailfish%20OS/Backups/Xperia-10-III_r2lEgxV5Aqf1","message":"No 
public access to this resource., No 'Authorization: Basic' header found. Either the client didn't send one, or the server is misconfigured, No 'Authorization: Bearer' header found. Either the client didn't send one, or the server is mis-configured, No 'Authorization: Basic' hea
der found. Either the client didn't send one, or the server is misconfigured","userAgent":"Mozilla/5.0","version":"29.0.7.1","exception":{"Exception":"Sabre\\DAV\\Exception\\NotAuthenticated","Message":"No public access to this resource., No 'Authorization: Basic' header found.
 Either the client didn't send one, or the server is misconfigured, No 'Authorization: Bearer' header found. Either the client didn't send one, or the server is mis-configured, No 'Authorization: Basic' header found. Either the client didn't send one, or the server is misconfig
ured"

This suggest to me, that the app password isn’t passed correctly when doing uploads? The confusing part to me is that downloads seem to work…

KuroNeko · 3 October 2024 22:35

Someone mentioned on Matrix, that this setup is working fine for them, so possibly it is related to some specifics with my setup (like using the ldap plugin).

KuroNeko · 3 October 2024 23:32

It also seems to me that the image upload from the gallery actually sometimes works, but the backup upload fails because the PROPFIND during the backup upload does not seem to have any auth headers set?

KuroNeko · 4 October 2024 00:06

Hm, I think this might not be a Sailfish issue now, it seems to fix itself for exactly one upload every time I restart the php process on my server, so possibly something is broken with my php setup?

calinutzzz · 4 October 2024 05:48

Do you have a valid certificate for your Nextcloud web address? Add it to your phone manually.

KuroNeko · 5 October 2024 23:54

Yes, I have a valid certificate. As I mentioned, everything works but only uploading the backup doesn’t (if I don’t restart the php process before it).

calinutzzz · 6 October 2024 20:15

I remember having the same issue and I solve it by adding the certificate to phone folder ‘/usr/share/pki/ca-trust-source/anchors/’ and after that running the ‘update-ca-trust’ command.
But if you say you did it already, than I have no idea what could be.