-
Notifications
You must be signed in to change notification settings - Fork 2.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Requests against some /ocs endpoints return empty body and invalidate the session if OAuth2 is enabled. #28860
Comments
Do you have the exact queries ? Are these GET queries or OPTIONS ? In curl format would be nice. We have integration tests that use the OCS API or some things like sharing API and these passed, so it's likely not all OCS endpoints. |
i have checked for GETs when session is already alive. Some examples:
maybe more requests needed for getting tokens. I have those ones FTM. Their relatives with Authorization:Basic work as expected. |
@PVince81 those are GETs, yup - e.g. request to get the user info and nope, not for all of them. (though as said in the title this only happens when OAuth app is enabled)
Also, note how those empty-body replies also break the session: https://asciinema.org/a/fC0GpQkWjLMzFOtQt3COEYzeE |
hmmm.. here we go:
cc/ @noveens @PVince81 -> #28457 (comment) |
@SamuAlfageme , Also, |
@noveens OAuth2. With basic auth the problem does not happen. |
PR here: |
Fix was merged, please retry with tomorrow's daily master and reopen if the problem persists. |
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs. |
Request against some endpoints /ocs return empty body, making clients not to behave as expected.
This is happening in daily master from today with OAuth2 app enabled. OAuth2 app worked properly before and no more commits were added, so i guess this is not matter of OAuth2 app.
Some examples, all of them with daily master (2017-08-30), that are not reproducible with daily from 28th.
Requests like:
returns empty body with OAuth2 enabled and correct response with OAuth2 disabled.
@SamuAlfageme also experience this effect using Desktop Client
(Suspicions related with #28457 ... )
The text was updated successfully, but these errors were encountered: