SSO login doesn't work for custom profile

[Mikaela]

This is copy-paste from element-hq/element-web#21841 as I am unable to try officially supported release as I don't have either Debian or Ubuntu available. I am thus unable to test whether this is an issue with flatpak or upstream.

---

Steps to reproduce

1. Run flatpak run im.riot.Riot --profile pikaviestin
2. Set homeserver URL as https://pikaviestin.fi/
3. Select Continue with authentik
4. Web browser opens.
5. Login
6. Select "Continue"
7. Another Element opens without the specified profile (it keeps loading forever, but I presume it's the default profile for another account)

Outcome

What did you expect?

I expected Element to be logged in.

What happened instead?

I got a different Element instance with a different profile.

Operating system

Fedora release 36 (Thirty Six)

Application version

1.10.10 ?

How did you install the app?

https://flathub.org/apps/details/im.riot.Riot (Element doesn't provide Fedora packaging and "blessed" repository is discontinued element-hq/element-web#3781 (comment))

Homeserver

pikaviestin.fi on Synapse 1.51.0

Will you send logs?

No

---

This appears to be a regression, element-hq/element-web#12932 is the same, but previously fixed and I presume a new issue is required two years later.

I cannot send logs as they require being logged in.

[Mikaela]

Update: it has been confirmed as issue with the flatpak, element-hq/element-web#21841 (comment).

[SISheogorath]

I just tried to reproduce this with the latest flatpak build and my homeserver, and at least here SSO worked completely fine, with and without specifying --profile.

The start command I used was flatpak run im.riot.Riot --profile test.

[Mikaela]

I just tried again with flatpak run im.riot.Riot --profile pikaviestin and this still happened. How can I debug it?

[Mikaela]

I just performed rm -rf ~/.var/app/im.riot.Riot and this still happens. The first profile logged in without SSO, the second prompted web browser which prompted me to continue with Element which then started the first profile which now loaded normally.

[SISheogorath]

Is it possible that something strips the parameters of the URL passed to Element? Maybe some adblocker/URL cleaner?

What browser do you use to authenticate? If you want, you could build a Element version that logs the domain before starting Element by adding a line echo "$@" in front of this section:

im.riot.Riot/element.sh

Line 10 in 3e0914d

env TMPDIR="$XDG_RUNTIME_DIR/app/${FLATPAK_ID:-im.riot.Riot}" zypak-wrapper /app/Element/element-desktop $FLAGS "$@"

Maybe "authentik" strips something important, so it might also be worth to check if e.g. the Mozilla or Fedora homeserver works for you?

[Mikaela]

Is it possible that something strips the parameters of the URL passed to Element?

I don't think so.

Maybe some adblocker/URL cleaner?

I disabled them all without luck (in Firefox).

What browser do you use to authenticate?

I was originally using Microsoft Edge, but I am consistently reproducing this also on Mozilla Firefox 100.0b8 (developer edition). I am on Wayland/Sway if that has effect, except that Element is in xwayland (#229).

The difference between Edge and Firefox is that Firefox asks which application to open the Element link in, which has no effect.

If you want, you could build a Element version

I don't know how to build flatpaks and I don't want to maintain one by myself.

Maybe "authentik" strips something important

I don't think so, Authentik is the SSO provider/system pikaviestin.fi uses for logging in.

• https://goauthentik.io/

so it might also be worth to check if e.g. the Mozilla or Fedora homeserver works for you?

I don't have an account on either to my knowledge and I don't think I am affiliated with them enough for me using them to be justified. If I do have a Fedora homeserver account, I would be affected by fedora-infra/noggin#105 as I have no desire to bring my "deadnick" there, which is older than Matrix itself.

[Mikaela]

Reproduced with Fedora homeserver. My earlier concerns did happen as apparently my "deadnick" was restored and the homeserver found my previous name from somewhere, but those are separate issues.

On the left is Fedora opening web browser and the right the Element which Firefox opens.

[SISheogorath]

Ah, do you have XDG_RUNTIME_DIR set up in sway? We use that for the temp directory, which makes element aware of already running sessions. If not, please try to run the element flatpak in a shell with an XDG_RUNTIME_DIR specified and see if this fixes the problem.

[Mikaela]

I don't know where it should be specified, but it was appearing in env. I also specified XDG_RUNTIME_DIR=/run/user/1000 in ~/.config/user-dirs.dirs and ran xdg-user-dirs-update and rebooted without effect.

Afterwards I specified it in front of the command, without change:

└┌(%:~)┌- flatpak run --env=XDG_RUNTIME_DIR=/run/user/1000 im.riot.Riot --profile fedora

/home/mikaela/.var/app/im.riot.Riot/config/Element-fedora exists: yes
/home/mikaela/.var/app/im.riot.Riot/config/Riot-fedora exists: no
LaunchProcess: failed to execvp:
xdg-settings
[3:0508/200515.703028:ERROR:bus.cc(397)] Failed to connect to the bus: Failed to connect to socket /run/dbus/system_bus_socket: Tiedostoa tai hakemistoa ei ole
[3:0508/200515.703099:ERROR:bus.cc(397)] Failed to connect to the bus: Failed to connect to socket /run/dbus/system_bus_socket: Tiedostoa tai hakemistoa ei ole
Starting auto update with base URL: https://packages.element.io/desktop/update/
Auto update not supported on this platform
Fetching translation json for locale: en_EN
Changing application language to fi
Fetching translation json for locale: fi
Resetting the UI components after locale change
Resetting the UI components after locale change
libva error: vaGetDriverNameByIndex() failed with unknown libva error, driver_name = (null)
[44:0508/200517.038458:ERROR:sandbox_linux.cc(377)] InitializeSandbox() called with multiple threads in process gpu-process.
Changing application language to fi
Fetching translation json for locale: fi
Resetting the UI components after locale change
[44:0508/200522.335825:ERROR:gl_surface_presentation_helper.cc(260)] GetVSyncParametersIfAvailable() failed for 1 times!

In case the dbus error is relevant, Tiedostoa tai hakemistoa ei ole means "File or directory doesn't exist". I don't know what is supposed to create it.

In case it's helpful, I start sway by a wrapper script /usr/local/bin/startsway which contains:

#!/usr/bin/env bash

# Starting sway with proper environment too. My {bash,zsh}rc handles
# exec

set -x

# Using fcitx
export XMODIFIERS=@im=fcitx
export GTK_IM_MODULE="fcitx"
export QT_IM_MODULE="fcitx"

# qt5ct allows theme choosing
export QT_QPA_PLATFORMTHEME="qt5ct"

# Ensuring Wayland gets used as per Arch Wiki
# 2021-02-28 https://wiki.archlinux.org/index.php/Wayland#GUI_libraries
export QT_QPA_PLATFORM=wayland
export CLUTTER_BACKEND=wayland
export SDL_VIDEODRIVER=wayland
# Mozilla Products
export MOZ_ENABLE_WAYLAND=1

dbus-launch --exit-with-session sway --unsupported-gpu $@
set +x

[Mikaela]

Actually here is the same thing in English:

└┌(%:~)┌- flatpak run --env=LC_ALL=en_US.utf8 --env=XDG_RUNTIME_DIR=/run/user/1000 im.riot.Riot --profile fedora 

/home/mikaela/.var/app/im.riot.Riot/config/Element-fedora exists: yes
/home/mikaela/.var/app/im.riot.Riot/config/Riot-fedora exists: no
LaunchProcess: failed to execvp:
xdg-settings
[3:0508/201518.680606:ERROR:bus.cc(397)] Failed to connect to the bus: Failed to connect to socket /run/dbus/system_bus_socket: No such file or directory
[3:0508/201518.681423:ERROR:bus.cc(397)] Failed to connect to the bus: Failed to connect to socket /run/dbus/system_bus_socket: No such file or directory
Starting auto update with base URL: https://packages.element.io/desktop/update/
Auto update not supported on this platform
libva error: vaGetDriverNameByIndex() failed with unknown libva error, driver_name = (null)
Fetching translation json for locale: en_EN
Changing application language to fi
Fetching translation json for locale: fi
[42:0508/201519.090005:ERROR:sandbox_linux.cc(377)] InitializeSandbox() called with multiple threads in process gpu-process.
Resetting the UI components after locale change
Resetting the UI components after locale change
Changing application language to fi
Fetching translation json for locale: fi
Resetting the UI components after locale change
[42:0508/201538.694150:ERROR:gl_surface_presentation_helper.cc(260)] GetVSyncParametersIfAvailable() failed for 1 times!
[42:0508/201538.703477:ERROR:gl_surface_presentation_helper.cc(260)] GetVSyncParametersIfAvailable() failed for 2 times!
[42:0508/201538.719785:ERROR:gl_surface_presentation_helper.cc(260)] GetVSyncParametersIfAvailable() failed for 3 times!

For some reason Element itself doesn't seem to respect LC_ALL as the UI stayed in Finnish, but at least the terminal messages changed language.

[Chris2000SP]

I have Arch Linux with wayland KDE and use Element from flatpak. I get this:

~/ flatpak run im.riot.Riot
/home/user/.var/app/im.riot.Riot/config/Element exists: yes
/home/user/.var/app/im.riot.Riot/config/Riot exists: no
LaunchProcess: failed to execvp:
xdg-settings
[3:0525/154958.491466:ERROR:bus.cc(397)] Failed to connect to the bus: Failed to connect to socket /run/dbus/system_bus_socket: Datei oder Verzeichnis nicht gefunden
[3:0525/154958.491516:ERROR:bus.cc(397)] Failed to connect to the bus: Failed to connect to socket /run/dbus/system_bus_socket: Datei oder Verzeichnis nicht gefunden
Starting auto update with base URL: https://packages.element.io/desktop/update/
Auto update not supported on this platform
Fetching translation json for locale: en_EN
Changing application language to de
Fetching translation json for locale: de
Resetting the UI components after locale change
Resetting the UI components after locale change
libva error: vaGetDriverNameByIndex() failed with unknown libva error, driver_name = (null)
[43:0525/154958.551444:ERROR:sandbox_linux.cc(377)] InitializeSandbox() called with multiple threads in process gpu-process.
Changing application language to de
Fetching translation json for locale: de
Resetting the UI components after locale change
[43:0525/155918.837768:ERROR:gl_surface_presentation_helper.cc(260)] GetVSyncParametersIfAvailable() failed for 1 times!
[43:0525/155918.841479:ERROR:gl_surface_presentation_helper.cc(260)] GetVSyncParametersIfAvailable() failed for 2 times!
[43:0525/155918.846265:ERROR:gl_surface_presentation_helper.cc(260)] GetVSyncParametersIfAvailable() failed for 3 times!

Seems to be the same error.
I get a connection lost message in the app.

[Mikaela]

Workaround: in the "Continue to your account", instead of clicking the blue button [with white text], right click it and select copy link. Then open a terminal [or your preferred launcher/runner] and enter flatpak run im.riot.Riot --profile whatever "element://vector/webapp/?element-desktop-ssoid=..." where the last part is your link pasted in and it will work.