Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Error M_UNAUTHORIZED: Supplied credentials are invalid #88

Open
prismplex opened this issue Feb 6, 2021 · 5 comments
Open

Error M_UNAUTHORIZED: Supplied credentials are invalid #88

prismplex opened this issue Feb 6, 2021 · 5 comments

Comments

@prismplex
Copy link

prismplex commented Feb 6, 2021
edited
Loading

First of all thank you for this great project. Unfortunately I cannot manage to get the configuration to work. Maybe I am missing something...
Currently getting this error when I try to add my identity server via Element web interface (also self-hosted):
INFO io.kamax.mxisd.http.undertow.handler.BasicHttpHandler - Request POST http://matrix.prismplex.tech/_matrix/identity/v2/account/register - Error M_UNAUTHORIZED: Supplied credentials are invalid
The whole project (besides nginx) runs in docker containers with acme.sh as letsencrypt provider.
Could somebody help me please? Thank you!

Nginx

.../sites-enabled/matrix.domain.com.conf

...
    # ma1sd
    location /_matrix/client/r0/user_directory {
        proxy_pass http://localhost:8090/_matrix/client/r0/user_directory;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $remote_addr;
    }

    # ma1sd
    location ^~ /_matrix/identity {
        proxy_pass http://localhost:8090/_matrix/identity;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $remote_addr;
    }

    # synapse
    location ~* ^(\/_matrix|\/_synapse\/client) {
        proxy_pass http://localhost:8008;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $remote_addr;
    }

    # synapse
    location / {
        proxy_pass http://localhost:8008;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $remote_addr;
    }
...

ma1sd

.../etc/ma1sd.yaml

matrix:
  domain: 'matrix.domain.com'
  v1: true   # deprecated
  v2: true   # MSC2140 API v2. Riot require enabled V2 API.

key:
  path: '/var/ma1sd/sign.key'

storage:
  backend: sqlite # or postgresql
  provider:
    sqlite:
      database: '/var/ma1sd/ma1sd.db'

threepid:
  medium:
    email:
      identity:
        from: "matrix@domain.com"
      connectors:
        smtp:
          host: "mail.domain.com"
          tls: 1
          port: 587
          login: "matrix@domain.com"
          password: "password"

hashing:
  enabled: false # enable or disable the hash lookup MSC2140 (default is false)
  pepperLength: 20 # length of the pepper value (default is 20)
  rotationPolicy: per_requests # or `per_seconds` how often the hashes will be updating
  hashStorageType: sql # or `in_memory` where the hashes will be stored
  algorithms:
    - none   # the same as v1 bulk lookup
    - sha256 # hash the 3PID and pepper.
  delay: 2m # how often hashes will be updated if rotation policy = per_seconds (default is 10s)
  requests: 10 # how many lookup requests will be performed before updating hashes if rotation policy = per_requests (default is 10)
  synapseSql:
   lookup:
     query: 'select user_id as mxid, medium, address from user_threepid_id_server' # query for retrive 3PIDs for hashes.

Full log

[main] INFO io.undertow - starting server: Undertow - 2.0.27.Final
[main] INFO App - ma1sd started
[Thread-1] INFO io.undertow - stopping server: Undertow - 2.0.27.Final
[Thread-1] INFO App - ma1sd stopped
[main] INFO io.kamax.mxisd.config.YamlConfigLoader - Reading config from /etc/ma1sd/ma1sd.yaml
[main] INFO io.kamax.mxisd.config.YamlConfigLoader - Loaded config from /etc/ma1sd/ma1sd.yaml
[main] INFO App - ma1sd starting
[main] INFO App - Version: 2.4.0
[main] INFO App - Logging config:
[main] INFO App -   Logging level hasn't set, use default
[main] INFO App -   Log requests: false
[main] INFO io.kamax.mxisd.config.DirectoryConfig - --- Account config ---
[main] INFO io.kamax.mxisd.config.DirectoryConfig - Allow registration only for trust domain: true
[main] INFO io.kamax.mxisd.config.DirectoryConfig - --- Directory config ---
[main] INFO io.kamax.mxisd.config.DirectoryConfig - Exclude:
[main] INFO io.kamax.mxisd.config.DirectoryConfig -   Homeserver: false
[main] INFO io.kamax.mxisd.config.DirectoryConfig -   3PID: false
[main] INFO io.kamax.mxisd.config.DnsOverwriteConfig - --- DNS Overwrite config ---
[main] INFO io.kamax.mxisd.config.DnsOverwriteConfig - Homeserver:
[main] INFO io.kamax.mxisd.config.DnsOverwriteConfig - 	Client: []
[main] INFO io.kamax.mxisd.config.DnsOverwriteConfig - 	Federation: []
[main] INFO io.kamax.mxisd.config.FirebaseConfig - --- Firebase configuration ---
[main] INFO io.kamax.mxisd.config.FirebaseConfig - Enabled: false
[main] INFO io.kamax.mxisd.config.InvitationConfig - --- Invite config ---
[main] INFO io.kamax.mxisd.config.InvitationConfig - Expiration: {"after":10080}
[main] INFO io.kamax.mxisd.config.InvitationConfig - Resolution: {"recursive":true,"timer":5}
[main] INFO io.kamax.mxisd.config.InvitationConfig - Policies: {"if_sender":{"has_role":[]}}
[main] INFO io.kamax.mxisd.config.ldap.LdapConfig - --- Generic LDAP Config ---
[main] INFO io.kamax.mxisd.config.ldap.LdapConfig - Enabled: false
[main] INFO io.kamax.mxisd.config.RecursiveLookupBridgeConfig - --- Bridge integration lookups config ---
[main] INFO io.kamax.mxisd.config.RecursiveLookupBridgeConfig - Enabled: false
[main] INFO io.kamax.mxisd.config.MatrixConfig - --- Matrix config ---
[main] INFO io.kamax.mxisd.config.MatrixConfig - Domain: matrix.domain.com
[main] INFO io.kamax.mxisd.config.MatrixConfig - Identity:
[main] INFO io.kamax.mxisd.config.MatrixConfig - 	Servers: {"matrix-org":["https://matrix.org"]}
[main] INFO io.kamax.mxisd.config.MatrixConfig - API v1: true
[main] INFO io.kamax.mxisd.config.MatrixConfig - API v2: true
[main] WARN io.kamax.mxisd.config.MatrixConfig - API v1 is deprecated via MSC2140: https://github.com/matrix-org/matrix-doc/pull/2140 and will be deleted in future releases.
[main] WARN io.kamax.mxisd.config.MatrixConfig - Please upgrade your homeserver and enable only API v2.
[main] INFO io.kamax.mxisd.config.ldap.LdapConfig - --- NetIQ eDirectory Config ---
[main] INFO io.kamax.mxisd.config.ldap.LdapConfig - Enabled: false
[main] INFO io.kamax.mxisd.config.threepid.notification.NotificationConfig - --- Notification config ---
[main] INFO io.kamax.mxisd.config.threepid.notification.NotificationConfig - Handlers:
[main] INFO io.kamax.mxisd.config.threepid.notification.NotificationConfig -   msisdn: raw
[main] INFO io.kamax.mxisd.config.threepid.notification.NotificationConfig -   email: raw
[main] INFO io.kamax.mxisd.config.rest.RestBackendConfig - --- REST backend config ---
[main] INFO io.kamax.mxisd.config.rest.RestBackendConfig - Enabled: false
[main] INFO io.kamax.mxisd.config.SessionConfig - --- Session config ---
[main] INFO io.kamax.mxisd.config.SessionConfig - Global Policy: {"validation":{"enabled":true},"unbind":{"enabled":true,"notifications":true}}
[main] INFO io.kamax.mxisd.config.ServerConfig - --- Server config ---
[main] INFO io.kamax.mxisd.config.ServerConfig - Name: matrix.domain.com
[main] INFO io.kamax.mxisd.config.ServerConfig - Port: 8090
[main] INFO io.kamax.mxisd.config.ServerConfig - Public URL: https://matrix.domain.com
[main] INFO io.kamax.mxisd.config.ServerConfig - Hostname: 0.0.0.0
[main] INFO io.kamax.mxisd.config.sql.SqlConfig - --- Synapse SQL Provider config ---
[main] INFO io.kamax.mxisd.config.sql.SqlConfig - Enabled: false
[main] INFO io.kamax.mxisd.config.ViewConfig - --- View config ---
[main] INFO io.kamax.mxisd.config.ViewConfig - Session: {"local":{"on_token_submit":{}},"on_token_submit":{"failure":"classpath:/templates/session/tokenSubmitFailure.html","success":"classpath:/templates/session/tokenSubmitSuccess.html"}}
[main] INFO io.kamax.mxisd.config.PolicyConfig - --- Policy Config ---
[main] INFO io.kamax.mxisd.config.PolicyConfig - Empty
[main] WARN io.kamax.mxisd.config.HashingConfig - V2 enabled without the hash configuration.
[main] INFO io.kamax.mxisd.config.HashingConfig - Hash configuration disabled, used only `none` pepper.
[main] INFO io.kamax.mxisd.storage.ormlite.OrmLiteSqlStorage - Create the dao: ChangelogDao
[main] INFO io.kamax.mxisd.storage.ormlite.OrmLiteSqlStorage - Create the dao: ThreePidInviteIO
[main] INFO io.kamax.mxisd.storage.ormlite.OrmLiteSqlStorage - Create the dao: HistoricalThreePidInviteIO
[main] INFO io.kamax.mxisd.storage.ormlite.OrmLiteSqlStorage - Create the dao: ThreePidSessionDao
[main] INFO io.kamax.mxisd.storage.ormlite.OrmLiteSqlStorage - Create the dao: ASTransactionDao
[main] INFO io.kamax.mxisd.storage.ormlite.OrmLiteSqlStorage - Create the dao: AccountDao
[main] INFO io.kamax.mxisd.storage.ormlite.OrmLiteSqlStorage - Create the dao: AcceptedDao
[main] INFO io.kamax.mxisd.storage.ormlite.OrmLiteSqlStorage - Create the dao: HashDao
[main] INFO io.kamax.mxisd.storage.crypto.FileKeyStore - Key store is already in directory format
[main] INFO com.mchange.v2.c3p0.C3P0Registry - Initializing c3p0-0.9.5.4 [built 23-March-2019 23:00:48 -0700; debug? true; trace: 10]
[main] INFO io.kamax.mxisd.config.threepid.medium.EmailTemplateConfig - --- E-mail Generator templates config ---
[main] INFO io.kamax.mxisd.config.threepid.medium.EmailTemplateConfig - Invite: Built-in (/threepids/email/invite-template.eml)
[main] INFO io.kamax.mxisd.config.threepid.medium.EmailTemplateConfig - Session:
[main] INFO io.kamax.mxisd.config.threepid.medium.EmailTemplateConfig -   Validation: classpath:/threepids/email/validate-template.eml
[main] INFO io.kamax.mxisd.config.threepid.medium.EmailTemplateConfig -   Unbind:
[main] INFO io.kamax.mxisd.config.threepid.medium.EmailTemplateConfig -     Notification: classpath:/threepids/email/unbind-notification.eml
[main] INFO io.kamax.mxisd.config.threepid.connector.EmailSmtpConfig - --- E-mail SMTP Connector config ---
[main] INFO io.kamax.mxisd.config.threepid.connector.EmailSmtpConfig - Host: mail.domain.com
[main] INFO io.kamax.mxisd.config.threepid.connector.EmailSmtpConfig - Port: 587
[main] INFO io.kamax.mxisd.config.threepid.connector.EmailSmtpConfig - TLS Mode: 1
[main] INFO io.kamax.mxisd.config.threepid.connector.EmailSmtpConfig - Login: matrix@domain.com
[main] INFO io.kamax.mxisd.config.threepid.connector.EmailSmtpConfig - Has password: true
[main] INFO io.kamax.mxisd.lookup.strategy.RecursivePriorityLookupStrategy - Found 2 providers
[main] INFO io.kamax.mxisd.lookup.strategy.RecursivePriorityLookupStrategy -   - io.kamax.mxisd.lookup.provider.DnsLookupProvider
[main] INFO io.kamax.mxisd.lookup.strategy.RecursivePriorityLookupStrategy -   - io.kamax.mxisd.lookup.provider.ForwarderProvider
[main] INFO io.kamax.mxisd.lookup.strategy.RecursivePriorityLookupStrategy - Recursive lookup enabled: true
[main] INFO io.kamax.mxisd.lookup.strategy.RecursivePriorityLookupStrategy - 127.0.0.0/8 is allowed for recursion
[main] INFO io.kamax.mxisd.lookup.strategy.RecursivePriorityLookupStrategy - 10.0.0.0/8 is allowed for recursion
[main] INFO io.kamax.mxisd.lookup.strategy.RecursivePriorityLookupStrategy - 172.16.0.0/12 is allowed for recursion
[main] INFO io.kamax.mxisd.lookup.strategy.RecursivePriorityLookupStrategy - 192.168.0.0/16 is allowed for recursion
[main] INFO io.kamax.mxisd.lookup.strategy.RecursivePriorityLookupStrategy - ::1/128 is allowed for recursion
[main] INFO io.kamax.mxisd.lookup.strategy.RecursivePriorityLookupStrategy - Hash lookups enabled: false
[main] INFO io.kamax.mxisd.profile.ProfileManager - Profile Providers:
[main] INFO io.kamax.mxisd.notification.NotificationManager - Found handler raw for medium email
[main] INFO io.kamax.mxisd.notification.NotificationManager - --- Notification handler ---
[main] INFO io.kamax.mxisd.notification.NotificationManager - 	Handler for email: raw
[main] INFO io.kamax.mxisd.invitation.InvitationManager - Loaded saved invites
[main] INFO io.kamax.mxisd.invitation.InvitationManager - Setting up invitation mapping refresh timer
[main] INFO io.kamax.mxisd.directory.DirectoryManager - Directory providers:
[main] INFO io.undertow - starting server: Undertow - 2.0.27.Final
[main] INFO App - ma1sd started
[XNIO-1 task-3] INFO io.kamax.mxisd.http.undertow.handler.auth.v2.AccountRegisterHandler - Registration from domain: domain.com, expired at Sat Feb 06 12:08:31 GMT 2021
[XNIO-1 task-3] INFO io.kamax.mxisd.auth.AccountManager - Registration from the server: domain.com
[XNIO-1 task-3] INFO io.kamax.mxisd.matrix.HomeserverFederationResolver - No DNS overwrite for domain.com
[XNIO-1 task-3] INFO io.kamax.mxisd.matrix.HomeserverFederationResolver - Could not parse well-known resource: M_BAD_JSON: com.google.gson.stream.MalformedJsonException: Use JsonReader.setLenient(true) to accept malformed JSON at line 1 column 12 path $
[XNIO-1 task-3] INFO io.kamax.mxisd.matrix.HomeserverFederationResolver - Resolution of domain.com via DNS SRV record to https://matrix.domain.com:8448
[XNIO-1 task-3] INFO io.kamax.mxisd.auth.AccountManager - Domain resolved: domain.com => https://matrix.domain.com:8448
[XNIO-1 task-3] ERROR io.kamax.mxisd.auth.AccountManager - Unable to get user info.
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed
	at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
	at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1946)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:316)
	at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:310)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1639)
	at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:223)
	at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037)
	at sun.security.ssl.Handshaker.process_record(Handshaker.java:965)
	at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395)
	at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1379)
	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:436)
	at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
	at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
	at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:374)
	at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
	at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
	at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
	at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
	at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
	at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
	at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:108)
	at io.kamax.mxisd.auth.AccountManager.getUserId(AccountManager.java:77)
	at io.kamax.mxisd.auth.AccountManager.register(AccountManager.java:53)
	at io.kamax.mxisd.http.undertow.handler.auth.v2.AccountRegisterHandler.handleRequest(AccountRegisterHandler.java:54)
	at io.kamax.mxisd.http.undertow.handler.SaneHandler.handleRequest(SaneHandler.java:71)
	at io.undertow.server.Connectors.executeRootHandler(Connectors.java:376)
	at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:830)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
	at java.lang.Thread.run(Thread.java:748)
Caused by: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: validity check failed
	at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:362)
	at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:270)
	at sun.security.validator.Validator.validate(Validator.java:262)
	at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
	at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
	at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
	at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1621)
	... 28 more
Caused by: java.security.cert.CertPathValidatorException: validity check failed
	at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:135)
	at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:233)
	at sun.security.provider.certpath.PKIXCertPathValidator.validate(PKIXCertPathValidator.java:141)
	at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(PKIXCertPathValidator.java:80)
	at java.security.cert.CertPathValidator.validate(CertPathValidator.java:292)
	at sun.security.validator.PKIXValidator.doValidate(PKIXValidator.java:357)
	... 34 more
Caused by: java.security.cert.CertificateExpiredException: NotAfter: Tue Apr 28 13:32:03 GMT 2020
	at sun.security.x509.CertificateValidity.valid(CertificateValidity.java:274)
	at sun.security.x509.X509CertImpl.checkValidity(X509CertImpl.java:629)
	at sun.security.provider.certpath.BasicChecker.verifyValidity(BasicChecker.java:190)
	at sun.security.provider.certpath.BasicChecker.check(BasicChecker.java:144)
	at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(PKIXMasterCertPathValidator.java:125)
	... 39 more
[XNIO-1 task-3] INFO io.kamax.mxisd.http.undertow.handler.BasicHttpHandler - Request POST http://matrix.domain.com/_matrix/identity/v2/account/register - Error M_UNAUTHORIZED: Supplied credentials are invalid
[XNIO-1 task-6] INFO io.kamax.mxisd.http.undertow.handler.auth.v2.AccountRegisterHandler - Registration from domain: domain.com, expired at Sat Feb 06 12:29:12 GMT 2021
[XNIO-1 task-6] INFO io.kamax.mxisd.auth.AccountManager - Registration from the server: domain.com
[XNIO-1 task-6] INFO io.kamax.mxisd.matrix.HomeserverFederationResolver - No DNS overwrite for domain.com
[XNIO-1 task-6] INFO io.kamax.mxisd.matrix.HomeserverFederationResolver - Could not parse well-known resource: M_BAD_JSON: com.google.gson.stream.MalformedJsonException: Use JsonReader.setLenient(true) to accept malformed JSON at line 1 column 12 path $
[XNIO-1 task-6] INFO io.kamax.mxisd.matrix.HomeserverFederationResolver - Resolution of domain.com via DNS SRV record to https://matrix.domain.com:8448
[XNIO-1 task-6] INFO io.kamax.mxisd.auth.AccountManager - Domain resolved: domain.com => https://matrix.domain.com:8448
[XNIO-1 task-6] INFO io.kamax.mxisd.auth.AccountManager - Allow registration only for trust domain.
[XNIO-1 task-6] ERROR io.kamax.mxisd.auth.AccountManager - Deny user @thomas.winkler:domain.com to registration
[XNIO-1 task-6] INFO io.kamax.mxisd.http.undertow.handler.BasicHttpHandler - Request POST http://matrix.domain.com/_matrix/identity/v2/account/register - Error M_UNAUTHORIZED: Supplied credentials are invalid

*real domain has been replaced by matrix.domain.com
@rakshazi
Copy link

Issue still exists

@DanielRub
Copy link

i am facing the same issue

@janonym1
Copy link

janonym1 commented Jan 5, 2022
edited
Loading

I have a similar issue with a similar setup. When I look my at my account information (displayname, email) in my element profile, I get empty fields and the following errors on the server:

Jan 05 16:48:21 matrix-ma1sd[1650401]: [XNIO-1 task-2] INFO io.kamax.mxisd.auth.AccountManager - Found account for user: @matrixuser.matrix.domain.com
Jan 05 16:48:21 matrix-ma1sd[1650401]: [XNIO-1 task-2] ERROR io.kamax.mxisd.http.undertow.handler.AuthorizationHandler - Account for '@matrixuser.matrix.domain.com' from: matrix.domain.com
Jan 05 16:48:21 matrix-ma1sd[1650401]: [XNIO-1 task-2] ERROR io.kamax.mxisd.http.undertow.handler.SaneHandler - Unauthorized:
Jan 05 16:48:21 matrix-ma1sd[1650401]: io.kamax.mxisd.exception.InvalidCredentialsException: Supplied credentials are invalid
Jan 05 16:48:21 matrix-ma1sd[1650401]:         at io.kamax.mxisd.http.undertow.handler.AuthorizationHandler.handleRequest(AuthorizationHandler.java:65)
Jan 05 16:48:21 matrix-ma1sd[1650401]:         at io.kamax.mxisd.http.undertow.handler.SaneHandler.handleRequest(SaneHandler.java:71)
Jan 05 16:48:21 matrix-ma1sd[1650401]:         at io.undertow.server.Connectors.executeRootHandler(Connectors.java:387)
Jan 05 16:48:21 matrix-ma1sd[1650401]:         at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:841)
Jan 05 16:48:21 matrix-ma1sd[1650401]:         at org.jboss.threads.ContextClassLoaderSavingRunnable.run(ContextClassLoaderSavingRunnable.java:35)
Jan 05 16:48:21 matrix-ma1sd[1650401]:         at org.jboss.threads.EnhancedQueueExecutor.safeRun(EnhancedQueueExecutor.java:2019)
Jan 05 16:48:21 matrix-ma1sd[1650401]:         at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.doRunTask(EnhancedQueueExecutor.java:1558)
Jan 05 16:48:21 matrix-ma1sd[1650401]:         at org.jboss.threads.EnhancedQueueExecutor$ThreadBody.run(EnhancedQueueExecutor.java:1449)
Jan 05 16:48:21 matrix-ma1sd[1650401]:         at java.lang.Thread.run(Thread.java:748)
Jan 05 16:48:21 matrix-ma1sd[1650401]: [XNIO-1 task-2] INFO io.kamax.mxisd.http.undertow.handler.BasicHttpHandler - Request GET http://matrix.domain.com/_matrix/identity/v2/hash_details - Error M_UNAUTHORIZED: Supplied credentials are invalid

restarting the ma1sd-service by hand helps for some time but then the same error occurs again
edit:I still need to re-log my element web-session to be able to see my profile data correctly, just restarting the ma1sd-service itself doesnt help

@janonym1 janonym1 mentioned this issue Feb 3, 2022
Open
Craeckie pushed a commit to Craeckie/ma1sd that referenced this issue Dec 12, 2022
@ginkel
Merge pull request ma1uta#88 from tgbyte/dependabot/gradle/com.google…
dcd4736 
…code.libphonenumber-libphonenumber-8.12.56

Bump libphonenumber from 8.12.47 to 8.12.56
@Reis-A
Copy link

Reis-A commented Feb 17, 2023
edited
Loading

I ran into the same problem today, and I think we had the same issue here.
When I take a look at your nginx configuration, then you are missing the configuration lines for .well-known

location /.well-known/matrix/server {`
return 200 '{"m.server": "matrix.mydomain.com:443"}';
add_header Content-Type application/json;
}

location /.well-known/matrix/client {
return 200 '{"m.homeserver": {"base_url": "https://matrix.mydomain.com"}}';
add_header Content-Type application/json;
add_header "Access-Control-Allow-Origin" *;
}

That did it for me.

@AnassDriate
Copy link

Hello ALL,

I am facing the same issue. Not so much documentation and explanation about this issue.

Any support ?

Regards,

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@rakshazi @DanielRub @prismplex @janonym1 @AnassDriate @Reis-A