Before I head down a rabbit hole has anyone advice how to tackle the following issue.

When editing documents in a CODE window things work well for a bit but then I get this message and cant save anymore

“Document cannot be saved due to an invalid or expired access token.”

is this Cells side config or CODE side?

im guessing its Cells issuing short lived tokens

any help appreciated !

thanks

Hi,
could you tell me which pydio cells version are you on?

actually, i wasnt sure if it was 1.2.4 or 1.2.5. I made the n00b mistake of using latest as the docker tag.

Now after a cluster power failure things arnt starting back up, so ill have to try and sort that out fist.

Lots of entries like:

{“level”:“error”,“ts”:“2019-01-28T18:58:48Z”,“logger”:“pydio.web.auth”,“msg”:"Could not prepare start ",“error”:“Storage is not available”}
{“level”:“error”,“ts”:“2019-01-28T18:58:48Z”,“logger”:“pydio.grpc.data-key”,“msg”:"Could not prepare start ",“error”:“Storage is not available”}
{“level”:“error”,“ts”:“2019-01-28T18:58:48Z”,“logger”:“pydio.grpc.user-key”,“msg”:"Could not prepare start ",“error”:“Storage is not available”}
{“level”:“error”,“ts”:“2019-01-28T18:58:48Z”,“logger”:“pydio.grpc.policy”,“msg”:"Could not prepare start ",“error”:“Storage is not available”}
{“level”:“error”,“ts”:“2019-01-28T18:58:48Z”,“logger”:“pydio.grpc.user-meta”,“msg”:"Could not prepare start ",“error”:“Storage is not available”}
{“level”:“error”,“ts”:“2019-01-28T18:58:48Z”,“logger”:“pydio.grpc.user”,“msg”:"Could not prepare start ",“error”:“Storage is not available”}
{“level”:“error”,“ts”:“2019-01-28T18:58:48Z”,“logger”:“pydio.grpc.role”,“msg”:"Could not prepare start ",“error”:“Storage is not available”}
{“level”:“error”,“ts”:“2019-01-28T18:58:48Z”,“logger”:“pydio.grpc.workspace”,“msg”:"Could not prepare start ",“error”:“Storage is not available”}
{“level”:“error”,“ts”:“2019-01-28T18:58:48Z”,“logger”:“pydio.grpc.meta”,“msg”:"Could not prepare start ",“error”:“Storage is not available”}
{“level”:“error”,“ts”:“2019-01-28T18:58:48Z”,“logger”:“pydio.grpc.changes”,“msg”:"Could not prepare start ",“error”:“Storage is not available”}
{“level”:“error”,“ts”:“2019-01-28T18:58:48Z”,“logger”:“pydio.grpc.auth”,“msg”:"Could not prepare start ",“error”:“Storage is not available”}
{“level”:“error”,“ts”:“2019-01-28T18:58:48Z”,“logger”:“pydio.grpc.config”,“msg”:"Could not prepare start ",“error”:“Storage is not available”}
{“level”:“error”,“ts”:“2019-01-28T18:58:48Z”,“logger”:“pydio.grpc.acl”,“msg”:"Could not prepare start ",“error”:“Storage is not available”}

so ill have to fathom this out first. In the mean time ive pinned the version to 1.2.3 as I know for sure this is what I was using a month or so ago.

ill be back in touch when ive recovered things

Hi,
yeah it seems that the latest tag on docker does not give the latest version, i’ll ask that to be changed.

ive got stuff back up running now, the dns in the cluster went a bit funky so pydio couldnt speak to the maria db pod.

ive pinned to v1.2.5 for now and i shall let you know what happens

its still happening;

I opened pydio cells in my safari browser,
edited a doc and saved it,
did some stuff in another tab for a bit,
went back to the pydio tab and made a change and tried to save

some logs here (would you like to know some bits of the pydio config file?)

2019-01-30T19:35:58.980Z INFO pydio.grpc.data.sync.personal CreateNode {“node”: "Uuid:“b84c4494-276d-4c29-a1d4-0017a8570972” Path:“ross/shopping/week2.docx” Type:LEAF Size:6182 MTime:1548876957 Mode:511 Etag:“166ece7b9b0d5b9c36e8a8e03493dee9” "}
2019-01-30T19:36:03.158Z INFO Restarting Gateway Proxy {“caddyfile”: “\n\t\thttp://0.0.0.0:30010 {\n\t\tproxy /a 10.244.3.115:44255 {\n\t\t\twithout /a\n\t\t\ttransparent\n\t\t}\n\t\tproxy /auth/dex 10.244.3.115:37041 {\n\t\t\ttransparent\n\t\t\tinsecure_skip_verify\n\t\t}\n\t\tproxy /io :32923 {\n\t\t\ttransparent\n\t\t}\n\t\tproxy /data :32923 {\n\t\t\ttransparent\n\t\t}\n\t\tproxy /ws PENDING {\n\t\t\twebsocket\n\t\t\twithout /ws\n\t\t}\n\t\tproxy /plug/ 10.244.3.115:39683 {\n\t\t\ttransparent\n\t\t\theader_downstream Cache-Control “public, max-age=31536000”\n\t\t}\n\t\tproxy /dav/ 10.244.3.115:40187 {\n\t\t\ttransparent\n\t\t}\n\n\t\tproxy /public/ 10.244.3.115:39683 {\n\t\t\ttransparent\n\t\t}\n\n\t\tproxy /user/reset-password/ 10.244.3.115:39683 {\n\t\t\ttransparent\n\t\t}\n\n\t\tproxy /robots.txt 10.244.3.115:39683 {\n\t\t\ttransparent\n\t\t}\n\n\t\tproxy /login 10.244.3.115:39683/gui {\n\t\t\ttransparent\n\t\t\twithout /login\n\t\t}\n\n\t\tredir 302 {\n\t\t if {path} is /\n\t\t / /login\n\t\t}\n\n\t\t\n\t\t\n proxy /wopi/ 10.244.3.115:40871 {\n transparent\n }\n\n proxy /loleaflet/ https://collabora:9980/loleaflet {\n transparent\n insecure_skip_verify\n without /loleaflet/\n }\n\n proxy /hosting/discovery https://collabora:9980/hosting/discovery {\n transparent\n insecure_skip_verify\n without /hosting/discovery\n }\n\n proxy /lool/ https://collabora:9980/lool/ {\n transparent\n insecure_skip_verify\n websocket\n without /lool/\n }\n \n\t\t\n\n\t\trewrite {\n\t\t\tif {path} not_starts_with “/a/”\n\t\t\tif {path} not_starts_with “/auth/”\n\t\t\tif {path} not_starts_with “/io”\n\t\t\tif {path} not_starts_with “/data”\n\t\t\tif {path} not_starts_with “/ws/”\n\t\t\tif {path} not_starts_with “/plug/”\n\t\t\tif {path} not_starts_with “/dav/”\n\t\t\t\n\t\t\tif {path} not_starts_with “/wopi/”\n\t\t\t\n\t\t\tif {path} not_starts_with “/loleaflet/”\n\t\t\t\n\t\t\tif {path} not_starts_with “/hosting/discovery”\n\t\t\t\n\t\t\tif {path} not_starts_with “/lool/”\n\t\t\t\n\t\t\tif {path} not_starts_with “/public/”\n\t\t\tif {path} not_starts_with “/user/reset-password”\n\t\t\tif {path} not_starts_with “/robots.txt”\n\t\t\tto {path} {path}/ /login\n\t\t}\n\n\t\t\n\t\terrors “/root/.config/pydio/cells/logs/caddy_errors.log”\n\t\t}\n\n\t\t\n\t”}
2019-01-30T19:36:03.158Z INFO [INFO] Reloading
2019-01-30T19:36:05.392Z INFO [INFO] Reloading complete
2019-01-30T19:36:05.392Z INFO Restart Finished
2019-01-30T19:36:05.392Z INFO http: Server closed
2019-01-30T19:36:16.399Z INFO Restarting Gateway Proxy {“caddyfile”: “\n\t\thttp://0.0.0.0:30010 {\n\t\tproxy /a 10.244.3.115:44255 {\n\t\t\twithout /a\n\t\t\ttransparent\n\t\t}\n\t\tproxy /auth/dex 10.244.3.115:37041 {\n\t\t\ttransparent\n\t\t\tinsecure_skip_verify\n\t\t}\n\t\tproxy /io :32923 {\n\t\t\ttransparent\n\t\t}\n\t\tproxy /data :32923 {\n\t\t\ttransparent\n\t\t}\n\t\tproxy /ws PENDING {\n\t\t\twebsocket\n\t\t\twithout /ws\n\t\t}\n\t\tproxy /plug/ 10.244.3.115:39683 {\n\t\t\ttransparent\n\t\t\theader_downstream Cache-Control “public, max-age=31536000”\n\t\t}\n\t\tproxy /dav/ 10.244.3.115:40187 {\n\t\t\ttransparent\n\t\t}\n\n\t\tproxy /public/ 10.244.3.115:39683 {\n\t\t\ttransparent\n\t\t}\n\n\t\tproxy /user/reset-password/ 10.244.3.115:39683 {\n\t\t\ttransparent\n\t\t}\n\n\t\tproxy /robots.txt 10.244.3.115:39683 {\n\t\t\ttransparent\n\t\t}\n\n\t\tproxy /login 10.244.3.115:39683/gui {\n\t\t\ttransparent\n\t\t\twithout /login\n\t\t}\n\n\t\tredir 302 {\n\t\t if {path} is /\n\t\t / /login\n\t\t}\n\n\t\t\n\t\t\n proxy /wopi/ 10.244.3.115:40871 {\n transparent\n }\n\n proxy /loleaflet/ https://collabora:9980/loleaflet {\n transparent\n insecure_skip_verify\n without /loleaflet/\n }\n\n proxy /hosting/discovery https://collabora:9980/hosting/discovery {\n transparent\n insecure_skip_verify\n without /hosting/discovery\n }\n\n proxy /lool/ https://collabora:9980/lool/ {\n transparent\n insecure_skip_verify\n websocket\n without /lool/\n }\n \n\t\t\n\n\t\trewrite {\n\t\t\tif {path} not_starts_with “/a/”\n\t\t\tif {path} not_starts_with “/auth/”\n\t\t\tif {path} not_starts_with “/io”\n\t\t\tif {path} not_starts_with “/data”\n\t\t\tif {path} not_starts_with “/ws/”\n\t\t\tif {path} not_starts_with “/plug/”\n\t\t\tif {path} not_starts_with “/dav/”\n\t\t\t\n\t\t\tif {path} not_starts_with “/wopi/”\n\t\t\t\n\t\t\tif {path} not_starts_with “/loleaflet/”\n\t\t\t\n\t\t\tif {path} not_starts_with “/hosting/discovery”\n\t\t\t\n\t\t\tif {path} not_starts_with “/lool/”\n\t\t\t\n\t\t\tif {path} not_starts_with “/public/”\n\t\t\tif {path} not_starts_with “/user/reset-password”\n\t\t\tif {path} not_starts_with “/robots.txt”\n\t\t\tto {path} {path}/ /login\n\t\t}\n\n\t\t\n\t\terrors “/root/.config/pydio/cells/logs/caddy_errors.log”\n\t\t}\n\n\t\t\n\t”}
.
.
.
2019-01-30T19:41:45.355Z INFO [INFO] Reloading
2019-01-30T19:41:45.359Z INFO [INFO] Reloading complete
2019-01-30T19:41:45.359Z INFO Restart Finished
2019-01-30T19:41:45.359Z INFO http: Server closed
2019-01-30T19:41:56.366Z INFO Restarting Gateway Proxy {“caddyfile”: “\n\t\thttp://0.0.0.0:30010 {\n\t\tproxy /a 10.244.3.115:44255 {\n\t\t\twithout /a\n\t\t\ttransparent\n\t\t}\n\t\tproxy /auth/dex 10.244.3.115:37041 {\n\t\t\ttransparent\n\t\t\tinsecure_skip_verify\n\t\t}\n\t\tproxy /io :32923 {\n\t\t\ttransparent\n\t\t}\n\t\tproxy /data :32923 {\n\t\t\ttransparent\n\t\t}\n\t\tproxy /ws PENDING {\n\t\t\twebsocket\n\t\t\twithout /ws\n\t\t}\n\t\tproxy /plug/ 10.244.3.115:39683 {\n\t\t\ttransparent\n\t\t\theader_downstream Cache-Control “public, max-age=31536000”\n\t\t}\n\t\tproxy /dav/ 10.244.3.115:40187 {\n\t\t\ttransparent\n\t\t}\n\n\t\tproxy /public/ 10.244.3.115:39683 {\n\t\t\ttransparent\n\t\t}\n\n\t\tproxy /user/reset-password/ 10.244.3.115:39683 {\n\t\t\ttransparent\n\t\t}\n\n\t\tproxy /robots.txt 10.244.3.115:39683 {\n\t\t\ttransparent\n\t\t}\n\n\t\tproxy /login 10.244.3.115:39683/gui {\n\t\t\ttransparent\n\t\t\twithout /login\n\t\t}\n\n\t\tredir 302 {\n\t\t if {path} is /\n\t\t / /login\n\t\t}\n\n\t\t\n\t\t\n proxy /wopi/ 10.244.3.115:40871 {\n transparent\n }\n\n proxy /loleaflet/ https://collabora:9980/loleaflet {\n transparent\n insecure_skip_verify\n without /loleaflet/\n }\n\n proxy /hosting/discovery https://collabora:9980/hosting/discovery {\n transparent\n insecure_skip_verify\n without /hosting/discovery\n }\n\n proxy /lool/ https://collabora:9980/lool/ {\n transparent\n insecure_skip_verify\n websocket\n without /lool/\n }\n \n\t\t\n\n\t\trewrite {\n\t\t\tif {path} not_starts_with “/a/”\n\t\t\tif {path} not_starts_with “/auth/”\n\t\t\tif {path} not_starts_with “/io”\n\t\t\tif {path} not_starts_with “/data”\n\t\t\tif {path} not_starts_with “/ws/”\n\t\t\tif {path} not_starts_with “/plug/”\n\t\t\tif {path} not_starts_with “/dav/”\n\t\t\t\n\t\t\tif {path} not_starts_with “/wopi/”\n\t\t\t\n\t\t\tif {path} not_starts_with “/loleaflet/”\n\t\t\t\n\t\t\tif {path} not_starts_with “/hosting/discovery”\n\t\t\t\n\t\t\tif {path} not_starts_with “/lool/”\n\t\t\t\n\t\t\tif {path} not_starts_with “/public/”\n\t\t\tif {path} not_starts_with “/user/reset-password”\n\t\t\tif {path} not_starts_with “/robots.txt”\n\t\t\tto {path} {path}/ /login\n\t\t}\n\n\t\t\n\t\terrors “/root/.config/pydio/cells/logs/caddy_errors.log”\n\t\t}\n\n\t\t\n\t”}
2019-01-30T19:41:56.366Z INFO [INFO] Reloading
2019-01-30T19:41:56.391Z INFO [INFO] Reloading complete
2019-01-30T19:41:56.391Z INFO Restart Finished
2019-01-30T19:41:56.391Z INFO http: Server closed
2019-01-30T19:41:56.883Z ERROR JWT token validation failed, cannot process request

Hi,
i spoke with the devs and they told me that they are on it,
for the time being you could either increase yourself the token duration, you can find the values inside the pydio.json file.

Screenshot 2019-01-31 at 09.37.55.png722×288 54.7 KB

is it IdTokensExpiry or RefreshTokensExpiry?

Hi,
you can increase both as long as the refresh token is longer than the Id token.

Ive done that, things are looking ok so far.

thanks for your help

Hey all,

Just to notice you that I had the same problem, and editing pydio.json fixed that.

Thanks

Hey there,

I got exactly the same problem again. I tried to edit pydio.json again but it looks like that there is not the option about the token like before.

Invalid or expired access token

Hello,
Up please, it’s annoying to work on a file and you loose data because of the Invalid or expired access token…

Hi,

You can configure the lifespan of the access token by changing / or adding the accessTokenLifespan configuration to the services/pydio.web.oauth section as in the example below

{
    "services": {
        ...
        "pydio.web.oauth": {
            ...
            "accessTokenLifespan": "10m"
        }
    }
}

The current default is 10m (10 minutes)

Thanks,
Greg

Hello !

Thanks a lot for your reply, I’m really happy to read you because it’s very annoying to type text and don’t save and have the expired token.

But I have problem to apply your configuration :

/home/pydio/.config/pydio/cells/services/pydio.web.oauth
it’s not a file, it’s a folder that contains a file nammed version.

Can you explain a little more how to apply the token duration please ?

Thanks a lot !

Hello @lubovic,

You can find the "pydio.web.oauth" section inside your pydio.json, that is the location where you have to add the line as seen in the example.

I can confirm it’s working. Thanks a lot!

This topic was automatically closed 11 days after the last reply. New replies are no longer allowed.