Can't get iOS client authorized with oauth2

10

#1

We have an owncloud server with federation and oauth2 enabled. Our android and desktop clients works properly connecting with our servers.

But the iOS client can't connect to our server after IdP authorization and oauth2 app approval, given the following error:
Too many http redirects

Through web interface in security app I can see iOS device and checking the database I can see all related tokens.

Expected behaviour

iOS client authorized with oauth2

Actual behaviour

Given too many http redirects errors.

Server configuration

Operating system:
Ubuntu 14.04.5 LTS

Web server:
Apache/2.4.33 (Ubuntu)

Database:
mysqld Ver 5.5.54-1trusty for debian-linux-gnu on x86_64 ((Ubuntu), wsrep_25.20)
galera-3 25.3.23+1trusty

PHP version:
PHP 5.6.34-1+ubuntu14.04.1+deb.sury.org+1 (fpm-fcgi)

ownCloud version: (see ownCloud admin page)
10.0.4

Updated from an older ownCloud or fresh install:
Updated from 7, then from 9

Where did you install ownCloud from:
tar.gz from owncloud.org

The content of config/config.php:

    "system": {
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
         "allow_user_to_change_display_name": false,
        "appstoreenabled": false,
        "asset-pipeline.enabled": true,
        "custom_csp_policy": "default-src 'self'; script-src  'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; frame-src *; img-src 'self' blob: *; font-src *  'self' data:; media-src *",
        "datadirectory": "\/var\/www\/cncCloud\/data",
        "default_language": "pt_BR",
        "dbtype": "mysql",
        "dbname": "owncloud",
        "dbhost": "proxy-dev-01",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "dbtableprefix": "oc_",
        "enable_avatars": false,
        "forcessl": true,
        "has_internet_connection": false,
        "installed": true,
        "knowledgebaseenabled": false,
        "log_type": "syslog",
        "logfile": "",
        "loglevel": "0",
        "logtimezone": "America\/Recife",
        "lost_password_link": "disabled",
        "mail_from_address": "noreply",
        "mail_smtpname": "***REMOVED SENSITIVE VALUE***",
        "mail_smtppassword": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "587",
        "mail_smtpauth": true,
        "mail_smtpauthtype": "LOGIN",
        "mail_smtpmode": "smtp",
        "mail_smtpsecure": "ssl",
        "maintenance": false,
        "session_lifetime": "21600",
        "trashbin_retention_obligation": "30, auto",
        "memcached_servers": [
            [
                "web-dev-01",
                "11211"
            ],
            [
                "web-dev-02",
                "11211"
            ]
        ],
        "skeletondirectory": "",
        "updatechecker": false,
        "version": "10.0.4.4",
        "versions_retention_obligation": "auto"
    }
}

**List of activated apps:**

Enabled:
  - account_closure: 0.0.1
  - activity: 2.3.6
  - anolis_openstack: 0.0.1
  - comments: 0.3.0
  - configreport: 0.1.1
  - customgroups: 0.3.6
  - dav: 0.3.2
  - federatedfilesharing: 0.3.1
  - federation: 0.1.0
  - feedback: 1.1
  - files: 1.5.1
  - files_external: 0.7.1
  - files_pdfviewer: 0.8.2
  - files_restriction: 1.0.0
  - files_sharing: 0.10.1
  - files_texteditor: 2.2.1
  - files_trashbin: 0.9.1
  - files_versions: 1.3.0
  - files_videoplayer: 0.9.8
  - folder_uploader: 0.0.1
  - gallery: 16.0.2
  - interactive_tutorial: 1.0
  - notifications: 0.3.2
  - oauth2: 0.2.1
  - provisioning_api: 0.5.0
  - richdocuments: 2.0.5
  - systemtags: 0.3.0
  - templateeditor: 0.1
  - theme-edudrive: 1.0.0
  - updatenotification: 0.2.1
  - user_shib: 0.1

Are you using external storage, if yes which one:
yes, openstack swift

Are you using encryption: yes/no
no

Are you using an external user-backend, if yes which one:
Yes, Shibboleth

Client

iOS version:
iOS 11.3.1
ownCloud app version:
3.7.3
Device model:
iphone 7

Logs

no useful apache or owncloud logs

Client log

http://paste.openstack.org/show/BBCFVMD31DuRbF4skjHw/


#2

Maybe this is caused by this outdated version? I think it could worth to update to the latest version 10.0.8 as pointed out in another thread and try again as there are at least two oauth2 fixes mentioned in the newer releases versions:

It seems also that you're using an older version 0.2.1 of the oauth2 app (at the marketplace there is 0.2.2 available) as well as some uncommon apps (e.g. user_shib or feedback) which are not even available at https://marketplace.owncloud.com/