Dear all,
we are currently trying to add mobile support to our Moodle 3.8.5 instance. When given our Moodle's URL (https://moodle.lender.schule), both the mobile and the desktop app fail and throw an error:
Ungültiger Rückgabewert
(which translates to "Invalid return value"). I do not even get to the point where I could insert my credentials.
The FAQ says that this may happen with http-redirects, but
a) I already give an address with https so it should never go to http
b) I can see that the request are not redirected but correctly sent to the https-address (using the debugging tools of the Desktop App) (Apart from that we have HSTS enabled which should prevent any http requests anyway.)
c) I also turned off http forwards and it didn't get better.
The actual server response to token.php is:
- {error: "Notwendiger Parameter "username" fehlt", errorcode: "missingparam", stacktrace: null,…}
- debuginfo: null
- error: "Notwendiger Parameter "username" fehlt"
- errorcode: "missingparam"
- reproductionlink: null
- stacktrace: null
- debuginfo: null
- [{error: true, exception: {message: "Ungültiger Rückgabewert", errorcode: "invalidresponse",…}}]
- 0: {error: true, exception: {message: "Ungültiger Rückgabewert", errorcode: "invalidresponse",…}}
- error: true
- exception: {message: "Ungültiger Rückgabewert", errorcode: "invalidresponse",…}
- errorcode: "invalidresponse"
- link: "https://moodle.lender.schule/"
- message: "Ungültiger Rückgabewert"
- moreinfourl: "http://docs.moodle.org/38/de/error/debug/invalidresponse"
- 0: {error: true, exception: {message: "Ungültiger Rückgabewert", errorcode: "invalidresponse",…}}
[Tue Jun 09 2020] [php7:notice] Default exception handler: Notwendiger Parameter "username" fehlt Debug: \nError code: missingparam\n* line 494 of /lib/setuplib.php: moodle_exception thrown\n* line 562 of /lib/moodlelib.php: call to print_error()\n* line 34 of /login/token.php: call to required_param()\nOur Moodle runs behind a reverse proxy that also handles the TLS encryption; mobile app access and so on are enabled.
We're running PHP 7.4 with Apache 2.4.38. Latest mobile an desktop apps.
We're using LDAP for authentication (but not with SSO).
What else can I check? Where else should I look?
Thanks
Sebastian
Edit: I recorded the network traffic for this on the server side; it matches what I can see in the developer console. Just to ensure that the reverse proxy doesn't manipulate the data in any unexpected way …