Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Module not working for HTTPS-Only HumHub installations #3

Open
daum3ns opened this issue Jan 12, 2020 · 19 comments
Open

Module not working for HTTPS-Only HumHub installations #3

daum3ns opened this issue Jan 12, 2020 · 19 comments
Assignees

Comments

@daum3ns
Copy link

daum3ns commented Jan 12, 2020

The Module sets the document.url incorrect so that a "download failed" alert is seen:
https://stackoverflow.com/questions/46545410/docker-document-server-download-failed

https://api.onlyoffice.com/editors/config/document#url
i see in the logs that the url is set like humhub was plain-http although humhub is setup to use https. there is no way to set this in gui, nor in config files..

when i disable automatic redirect of http traffic to https for humhub, the module works ...

please fix this issue, or let me help you fix it! i think it must be quite simple, but i don't know the framework...

@Eloncase
Copy link
Member

Hello! Thanks for your contribution.
We are using framework method Url::to to generate links, same method used to generate permalinks for example.
It's probably related to this issue and until it is resolved we can't really tell if this is our problem or not. As soon as issue is resolved we'll make appropriate changes.

@Eloncase Eloncase self-assigned this Jan 15, 2020
@daum3ns
Copy link
Author

daum3ns commented Jan 20, 2020

thanks eloncase for reply. as i understand the issue you linked it is about termination off ssl and plan http humhub. but i have set humhub to use HTTPS and still the module generates an http url.. thats what i think is strange. so it is the other way arround:
client->HTTPS->proxy->HTTPS->HUMHUB
then the client gets a plain HTTP url as callback, so it will receive a redirect from the proxy which onlyoffice cant handle..
as HumHub is set to use HTTPS i would assume an HTTPS link... (for example sharing a file is no problem, there it works...)

on the linked issue a plain HTTP linke makes sense for me, as the installation is plain HTTP...

@Eloncase
Copy link
Member

Eloncase commented Jan 22, 2020

Have you tried making permalink to a post? Is it http or https?

The issue mostly about that Base URL setting (Settings -> General -> Base URL) should be taken into consideration when generating any kind of URL. Right now it takes current context to do that.
For example if you set Base URL to https://192.168.1.10 but navigate to humhub using http://localhost all links will navigate to http://localhost ignoring settings.

Is Forwarded headers configured properly on your proxy server?
Especially Forwarded-Proto.

@daum3ns
Copy link
Author

daum3ns commented Jan 23, 2020

thanks eloncase, i will check this as soon as i have some spare minutes, i think BaseUrl should be correct but the headers i have to check!

@bha-lockdrives
Copy link

Are there any news? I have the same problems. Humhub is on SSL only.
onlyoffice

@dreua
Copy link

dreua commented Dec 22, 2020

To add a data point here: My https only installation works fine after some debugging. (Only issue remaining: #28) The installation experience could be improved by more/better error messages or maybe a wizard / some automated tests though.

I have the document server docker image with a port switch: -p 8080:80 (Earlier mistake: Use port 8080 of the container. Not sure what that is but it surely does not work.) Make sure you can access the document server with your browser via Https. It should display a nicely formatted welcome page ("ONLYOFFICE Docs™ Community Edition – Welcome!").

Apache is setup with virtual hosts for two subdomains, one serving the onlyoffice document server as proxy adding Https (my configuration) and the other serving Humhub.

@daum3ns
Copy link
Author

daum3ns commented Jan 26, 2021

@bha-lockdrives when i remember correctly adding this in humhub/protected/config/web.php did the trick for me:
$_SERVER['HTTPS'] = 'on';

(see humhub/humhub#3815)

@smurf1965
Copy link

Hi, recently added DocServer to Humhub. Apparently successfully connected, however when trying to create doument, Humhub throws up 'Could not Onlyoffice Document editor'. Now I think that as Hunhub is on https:// and Digital Ocen Docserver on http://, this could be the issue? Not entirely certain, however any help or suggestion would be greatly appreciated!
image
image
image
image

@dreua
Copy link

dreua commented Mar 31, 2021

Hunhub is on https:// and Digital Ocen Docserver on http://, this could be the issue?

Yes this is the issue. The other way around works but you should never attempt to use http resources in a page loaded via https. It creates warnings or does not work at all.

@smurf1965
Copy link

@dreua Thanks for that, glad to see on the right track! :)

@dreua
Copy link

dreua commented Mar 31, 2021

@smurf1965 Happy to help! Getting OO+Humhub to work together can really be a p... - well let's call it difficult 😉
If you have further questions I'd suggest you create a new issue, maybe I can help. In my opinion, appending to already existing issues is only advisable if you are quite sure that you have the same issue and you have something valuable to add. (Otherwise do it Youtube-Style: Hit thumbs up on the top post and subscribe! Or create a new issue and link to the existing issue.)

@ someone with moderation privilege: Feel free to hide my off-topic comments here.

@monacoblue
Copy link

monacoblue commented Oct 12, 2021

@Eloncase @dreua @daum3ns

Hi guys,

Sorry to revisit this issue , but I'm a newbie that tried a kazillion things and am desperately trying to get this to work!

Log Error: "Expected JWT"
"The document could not be saved. Please check connection settings or contact your administrator"

Version: Humhub 1.9,1
Document Server: ONLYOFFICE DOCS 6.4.1 (Cloudron/Docker) runing on https://office.glowrepeat.net
Humhub Server: LAMP installation on CentOS WHM PHP 7.3. AutoSSL (Secticgo) running on https://hub.glowrepe.at

Here's what I did/tried so far:

  • Checked that all prerequisites are met on my CentOS LAMP installation - they are - green checkmarks on everything. Installation completed without issues and everything else works.
  • Checked that both Humhub and Onlyoffice is running on https- they are Humhub base url is configured correctly and permalinks are https://
  • To verify things are working at the Onlyoffice end, I created a free humhub account on humhub.com and tested the plugin there connecting to my onlyoffice office.glowrepeat.net - works pefectly!
  • However configuring the plugin start well on my own server with: "ONLYOFFICE Docs successfully connected! - Installed version: 6.4.1.45" BUT when opening document I get the "JWT Expected" error in log.
  • Checked that WHM Firewall is not blocking ports - all ok as far as I can see.

Here is the humhub LOG:

`2021-10-12 15:39:22 [78.129.139.241][-][-][error][onlyoffice] Expected JWT
2021-10-12 15:39:22 [78.129.139.241][-][-][info][application] $_GET = [
'key' => '(hidden)'
]

$_SERVER = [
'CONTENT_LENGTH' => '161'
'CONTENT_TYPE' => 'application/json'
'CONTEXT_DOCUMENT_ROOT' => '/home/glowrepe/public_html/APP_hub'
'CONTEXT_PREFIX' => ''
'DOCUMENT_ROOT' => '/home/glowrepe/public_html/APP_hub'
'GATEWAY_INTERFACE' => 'CGI/1.1'
'HTTPS' => 'on'
'HTTP_CPANEL_LOCALHOST' => '1'
'HTTP_HOST' => 'hub.glowrepe.at'
'HTTP_USER_AGENT' => 'Node.js/6.13'
'HTTP_X_FORWARDED_FOR' => '46.101.106.221'
'HTTP_X_FORWARDED_HOST' => 'hub.glowrepe.at'
'HTTP_X_FORWARDED_PORT' => '443'
'HTTP_X_FORWARDED_PROTO' => 'https'
'HTTP_X_FORWARDED_SERVER' => 'hub.glowrepe.at'
'HTTP_X_REAL_IP' => '46.101.106.221'
'PATH' => '/bin:/usr/bin'
'PHP_INI_SCAN_DIR' => '/opt/cpanel/ea-php73/root/etc:/opt/cpanel/ea-php73/root/etc/php.d:.'
'QUERY_STRING' => 'key=(hidden)'
'REDIRECT_HTTPS' => 'on'
'REDIRECT_QUERY_STRING' => 'key=(hidden)'
'REDIRECT_STATUS' => '200'
'REDIRECT_UNIQUE_ID' => '(hidden)'
'REDIRECT_URL' => '/onlyoffice/backend/track'
'REDIRECT_isproxyrequest' => '1'
'REMOTE_ADDR' => '78.129.139.241'
'REMOTE_PORT' => '40560'
'REQUEST_METHOD' => 'POST'
'REQUEST_SCHEME' => 'https'
'REQUEST_URI' => '/onlyoffice/backend/track?key=(hidden)'
'SCRIPT_FILENAME' => '/home/glowrepe/public_html/APP_hub/index.php'
'SCRIPT_NAME' => '/index.php'
'SERVER_ADDR' => '78.129.139.242'
'SERVER_ADMIN' => '(hidden)'
'SERVER_NAME' => 'hub.glowrepe.at'
'SERVER_PORT' => '443'
'SERVER_PROTOCOL' => 'HTTP/1.1'
'SERVER_SIGNATURE' => ''
'SERVER_SOFTWARE' => 'Apache'
'TZ' => 'Europe/Copenhagen'
'UNIQUE_ID' => '(hidden)'
'isproxyrequest' => '1'
'PHP_SELF' => '/index.php'
'REQUEST_TIME_FLOAT' => (hidden)
'REQUEST_TIME' => (hidden)
'argv' => [
0 => 'key=(hidden)'
]
'argc' => 1
]`

Onlyoffice and Humhub are on two different servers so it seems the internal requests sections are not relevant.

I suspect that it is related to the AutoSSL that is preventing onlyoffice from seeing Humhub? However I am havinga hard time wrapping my head around what specifically I need to do to fix that?

I would be very grateful for any tips or help 🙏

Many thanks,
M

@daum3ns
Copy link
Author

daum3ns commented Oct 13, 2021

thats weird, did you configure JWT secret in the module configuration?

@monacoblue
Copy link

monacoblue commented Oct 13, 2021

thats weird, did you configure JWT secret in the module configuration?

Thanks for getting back daum3ns :). Yes I configured Fields 'Hostname' and JWT secret and it immediately connects successfully with green message on top in module config: "ONLYOFFICE Docs successfully connected! - Installed version: 6.4.1.45".

But when I try to open document i get the error message:
"The document could not be saved. Please check connection settings or contact your administrator"

And in log "Expected JWT" as shown in post above.

@daum3ns
Copy link
Author

daum3ns commented Oct 13, 2021

argh, i remember having exactly that message.. did you verify the setting i mentioned here: #3 (comment)

@monacoblue
Copy link

argh, i remember having exactly that message.. did you verify the setting i mentioned here: #3 (comment)

Thanks... for your feedback :). Yes - saw your message in ealier dialogue, and added that to web.php, because thought it couldn't hurt - but no dice. Did you configure the proxy settings in humhub admin - Is that what I am missing. I have not actively set a proxy for use on my server, but perhaps simply enabling AutoSSL on my Cpanel/WHM is somehting that now intercepts humhub as a proxy?

@daum3ns
Copy link
Author

daum3ns commented Oct 13, 2021

no i don't have proxy settings set... (although i have a reverse proxy in front, but that's all handled by docker-compose in my case i think, the same reverse proxy is in front of the docserver and translates back to plain http, i.e the docserver itself thinks its plain http when i remember correctly)

it was a time ago i set this up.. maybe give it a try without autossl... idk..

@monacoblue
Copy link

Ok many thanks daum3ns - very good to know! Can't justify abandoning AutoSSL, but you're right I could try and switch it off.

If anyone has ideas to share, I would be eternally grateful :)

@monacoblue
Copy link

Problem remains and I'm stuck with "The document could not be saved. Please check connection settings or contact your administrator"

Does anything in my error log posted above spring into your eyes - what am I missing?

@Eloncase @dreua I know you are probably super busy, but would be grateful for any help/pointers :)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

6 participants