[Bug]: OC\Authentication\Exceptions\InvalidTokenException: Token is too short for a generated token, should be the password during basic auth

[MPTopper]

⚠️ This issue respects the following points: ⚠️

• This is a bug, not a question or a configuration/webserver/proxy issue.
• This issue is not already reported on Github OR Nextcloud Community Forum (I've searched it).
• Nextcloud Server is up to date. See Maintenance and Release Schedule for supported versions.
• I agree to follow Nextcloud's Code of Conduct.

Bug description

Today I updated my Nextcloud server from 27.1.2 to 27.1.3. Immediately afterwards warnings came (every minute) but everything before worked smoothly - Android/Windows Nextcloud clients are connected - connection is succesful, but warnings come nevertheless. Log:

[core] Warnung: OC\Authentication\Exceptions\InvalidTokenException: Token is too short for a generated token, should be the password during basic auth at <<closure>>

0. /var/www/html/nextcloud/lib/private/Authentication/Token/Manager.php line 133
   OC\Authentication\Token\PublicKeyTokenProvider->getToken("*** sensitive parameters replaced ***")
1. /var/www/html/nextcloud/lib/private/User/Session.php line 782
   OC\Authentication\Token\Manager->getToken("*** sensitive parameters replaced ***")
2. /var/www/html/nextcloud/lib/private/User/Session.php line 352
   OC\User\Session->validateToken("*** sensitive parameters replaced ***")
3. /var/www/html/nextcloud/lib/private/User/Session.php line 452
   OC\User\Session->login("*** sensitive parameters replaced ***")
4. /var/www/html/nextcloud/lib/private/User/Session.php line 580
   OC\User\Session->logClientIn("*** sensitive parameters replaced ***")
5. /var/www/html/nextcloud/lib/base.php line 1150
   OC\User\Session->tryBasicAuthLogin()
6. /var/www/html/nextcloud/ocs/v1.php line 61
   OC::handleLogin()
7. /var/www/html/nextcloud/ocs/v2.php line 23
   require_once("/var/www/html/nextcloud/ocs/v1.php")

Steps to reproduce

1. No idea

Expected behavior

Everything is working but log is blasted with warnings

Installation method

Community Manual installation with Archive

Nextcloud Server version

27

Operating system

Debian/Ubuntu

PHP engine version

PHP 8.1

Web server

Apache (supported)

Database engine version

MariaDB

Is this bug present after an update or on a fresh install?

Updated from a MINOR version (ex. 22.1 to 22.2)

Are you using the Nextcloud Server Encryption module?

Encryption is Disabled

What user-backends are you using?

• Default user-backend (database)
• LDAP/ Active Directory
• SSO - SAML
• Other

Configuration report

No response

List of activated Apps

No response

Nextcloud Signing status

No response

Nextcloud Logs

No response

Additional info

No response

[IPolarisI]

Same for me. My setup is the same (except for php being 8.2), log level is 2.

What seems to trigger it is any access made via caldav (Windows/Android calendar) and webdav. Everything works though, tasks and files sync both ways.

[MPTopper]

@IPolarisI yes, was also my assumption that CalDav access could be the problem

[j-ed]

After updating Nextcloud to the latest version several users have reported the same issue. See here:

https://help.nextcloud.com/t/token-is-too-short-for-a-generated-token-should-be-the-password-during-basic-auth/173064

[m-i-k-e-y]

I have my log filled with these messages too, alternating with this token does not exist message:

[core] Warnung: OC\Authentication\Exceptions\InvalidTokenException: Token does not exist: token does not exist at <<closure>>

 0. /var/www/nextcloud/lib/private/Authentication/Token/Manager.php line 133
    OC\Authentication\Token\PublicKeyTokenProvider->getToken("*** sensitive parameters replaced ***")
 1. /var/www/nextcloud/lib/private/User/Session.php line 782
    OC\Authentication\Token\Manager->getToken("*** sensitive parameters replaced ***")
 2. /var/www/nextcloud/lib/private/User/Session.php line 257
    OC\User\Session->validateToken("*** sensitive parameters replaced ***")
 3. /var/www/nextcloud/lib/private/User/Session.php line 232
    OC\User\Session->validateSession()
 4. /var/www/nextcloud/lib/private/legacy/OC_App.php line 228
    OC\User\Session->getUser()
 5. /var/www/nextcloud/lib/private/App/AppManager.php line 198
    OC_App::getEnabledApps()
 6. /var/www/nextcloud/lib/private/legacy/OC_App.php line 126
    OC\App\AppManager->loadApps()
 7. /var/www/nextcloud/lib/private/legacy/OC_User.php line 128
    OC_App::loadApps()
 8. /var/www/nextcloud/lib/base.php line 770
    OC_User::setupBackends()
 9. /var/www/nextcloud/lib/base.php line 1196
    OC::init()
10. /var/www/nextcloud/remote.php line 119
    require_once("/var/www/nextcloud/lib/base.php")

Caused by:

OCP\AppFramework\Db\DoesNotExistException: token does not exist at <<closure>>

 0. /var/www/nextcloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php line 168
    OC\Authentication\Token\PublicKeyTokenMapper->getToken("*** sensitive parameters replaced ***")
 1. /var/www/nextcloud/lib/private/Authentication/Token/Manager.php line 133
    OC\Authentication\Token\PublicKeyTokenProvider->getToken("*** sensitive parameters replaced ***")
 2. /var/www/nextcloud/lib/private/User/Session.php line 782
    OC\Authentication\Token\Manager->getToken("*** sensitive parameters replaced ***")
 3. /var/www/nextcloud/lib/private/User/Session.php line 257
    OC\User\Session->validateToken("*** sensitive parameters replaced ***")
 4. /var/www/nextcloud/lib/private/User/Session.php line 232
    OC\User\Session->validateSession()
 5. /var/www/nextcloud/lib/private/legacy/OC_App.php line 228
    OC\User\Session->getUser()
 6. /var/www/nextcloud/lib/private/App/AppManager.php line 198
    OC_App::getEnabledApps()
 7. /var/www/nextcloud/lib/private/legacy/OC_App.php line 126
    OC\App\AppManager->loadApps()
 8. /var/www/nextcloud/lib/private/legacy/OC_User.php line 128
    OC_App::loadApps()
 9. /var/www/nextcloud/lib/base.php line 770
    OC_User::setupBackends()
10. /var/www/nextcloud/lib/base.php line 1196
    OC::init()
11. /var/www/nextcloud/remote.php line 119
    require_once("/var/www/nextcloud/lib/base.php")

PROPFIND /remote.php/dav/calendars/nc_user/personal/
from [IPv6] by nc_user at 2023-10-27T11:31:03+00:00

The last line (PROPFIND...), which can be found in the Token too short messages too, makes me believe, this is related to calendar.

[solracsf]

This was already happening before, it was just not logged before 27.1.3 / 26.0.8, it is now after @ChristophWurst PR #40785

This is not an Error, but a Warning.

[brianjmurrell]

This was already happening before, it was just not logged before 27.1.3 / 26.0.8, it is now after @ChristophWurst PR #40785

This is not an Error, but a Warning.

A warning of what though? What should I do to mitigate what is being warned about?

And I don't mean just how do I hide the warning by setting log level to 3. The question is how do I correct the actual situation the warning is being logged about?

[m-i-k-e-y]

This is not restricted to calendar, seems to be a general issue accessing nextcloud throu dav. I'm using dav2fs on linux and it causes this warning, but seems to work fine otherwise:

[core] Warnung: OC\Authentication\Exceptions\InvalidTokenException: Token is too short for a generated token, should be the password during basic auth at <<closure>>

 0. /var/www/nextcloud/lib/private/Authentication/Token/Manager.php line 133
    OC\Authentication\Token\PublicKeyTokenProvider->getToken("*** sensitive parameters replaced ***")
 1. /var/www/nextcloud/lib/private/User/Session.php line 782
    OC\Authentication\Token\Manager->getToken("*** sensitive parameters replaced ***")
 2. /var/www/nextcloud/lib/private/User/Session.php line 352
    OC\User\Session->validateToken("*** sensitive parameters replaced ***")
 3. /var/www/nextcloud/lib/private/User/Session.php line 452
    OC\User\Session->login("*** sensitive parameters replaced ***")
 4. /var/www/nextcloud/apps/dav/lib/Connector/Sabre/Auth.php line 114
    OC\User\Session->logClientIn("*** sensitive parameters replaced ***")
 5. /var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Auth/Backend/AbstractBasic.php line 103
    OCA\DAV\Connector\Sabre\Auth->validateUserPass("*** sensitive parameters replaced ***")
 6. /var/www/nextcloud/apps/dav/lib/Connector/Sabre/Auth.php line 232
    Sabre\DAV\Auth\Backend\AbstractBasic->check()
 7. /var/www/nextcloud/apps/dav/lib/Connector/Sabre/Auth.php line 139
    OCA\DAV\Connector\Sabre\Auth->auth()
 8. /var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Auth/Plugin.php line 179
    OCA\DAV\Connector\Sabre\Auth->check()
 9. /var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Auth/Plugin.php line 135
    Sabre\DAV\Auth\Plugin->check()
10. /var/www/nextcloud/3rdparty/sabre/event/lib/WildcardEmitterTrait.php line 89
    Sabre\DAV\Auth\Plugin->beforeMethod()
11. /var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php line 456
    Sabre\DAV\Server->emit()
12. /var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php line 253
    Sabre\DAV\Server->invokeMethod()
13. /var/www/nextcloud/3rdparty/sabre/dav/lib/DAV/Server.php line 321
    Sabre\DAV\Server->start()
14. /var/www/nextcloud/apps/dav/lib/Server.php line 365
    Sabre\DAV\Server->exec()
15. /var/www/nextcloud/apps/dav/appinfo/v2/remote.php line 35
    OCA\DAV\Server->exec()
16. /var/www/nextcloud/remote.php line 172
    require_once("/var/www/nextcl ... p")

PROPFIND /remote.php/dav/files/nc_user/
from [IPv6] at 2023-10-30T10:01:01+00:00

[ChristophWurst]

The log level can be lowered to debug 👍

Anyone up for a simple PR to address that?

[brianjmurrell]

The log level can be lowered to debug 👍

Or we could correct the situation that the WARNING is warning us about. What is that situation? How do we correct it?

Surely a warning is there to warn you about something you need to fix right? If it's not something that needs fixing then it should not be a warning.

[MPTopper]

Hi Christoph. I adjusted loglevel from 2 to 0 (Debug) and noticed that my initial log entry comes as a pair together with that one:

[no app in context] Fehlersuche: OC\Authentication\Exceptions\InvalidTokenException: Token is too short for a generated token, should be the password during basic auth at <>

0. /var/www/html/nextcloud/lib/private/Authentication/Token/Manager.php line 133
   OC\Authentication\Token\PublicKeyTokenProvider->getToken("*** sensitive parameters replaced ***")
1. /var/www/html/nextcloud/lib/private/User/Session.php line 528
   OC\Authentication\Token\Manager->getToken("*** sensitive parameters replaced ***")
2. /var/www/html/nextcloud/lib/private/User/Session.php line 438
   OC\User\Session->isTokenPassword("*** sensitive parameters replaced ***")
3. /var/www/html/nextcloud/lib/private/User/Session.php line 580
   OC\User\Session->logClientIn("*** sensitive parameters replaced ***")
4. /var/www/html/nextcloud/lib/base.php line 1150
   OC\User\Session->tryBasicAuthLogin()
5. /var/www/html/nextcloud/ocs/v1.php line 61
   OC::handleLogin()
6. /var/www/html/nextcloud/ocs/v2.php line 23
   require_once("/var/www/html/nextcloud/ocs/v1.php")

Nothing else noticed. Is this what you wanted?

[ChristophWurst]

Token is too short for a generated token, should be the password during basic auth

is the topic of this ticket. What other log entry does it come as a pair with?

[MPTopper]

This pair comes together:

[core] Warnung: OC\Authentication\Exceptions\InvalidTokenException: Token is too short for a generated token, should be the password during basic auth at <>

0. /var/www/html/nextcloud/lib/private/Authentication/Token/Manager.php line 133
   OC\Authentication\Token\PublicKeyTokenProvider->getToken("*** sensitive parameters replaced ***")
1. /var/www/html/nextcloud/lib/private/User/Session.php line 782
   OC\Authentication\Token\Manager->getToken("*** sensitive parameters replaced ***")
2. /var/www/html/nextcloud/lib/private/User/Session.php line 352
   OC\User\Session->validateToken("*** sensitive parameters replaced ***")
3. /var/www/html/nextcloud/lib/private/User/Session.php line 452
   OC\User\Session->login("*** sensitive parameters replaced ***")
4. /var/www/html/nextcloud/lib/private/User/Session.php line 580
   OC\User\Session->logClientIn("*** sensitive parameters replaced ***")
5. /var/www/html/nextcloud/lib/base.php line 1150
   OC\User\Session->tryBasicAuthLogin()
6. /var/www/html/nextcloud/ocs/v1.php line 61
   OC::handleLogin()
7. /var/www/html/nextcloud/ocs/v2.php line 23
   require_once("/var/www/html/nextcloud/ocs/v1.php")

[no app in context] Fehlersuche: OC\Authentication\Exceptions\InvalidTokenException: Token is too short for a generated token, should be the password during basic auth at <>

/var/www/html/nextcloud/lib/private/Authentication/Token/Manager.php line 133
OC\Authentication\Token\PublicKeyTokenProvider->getToken("*** sensitive parameters replaced ***")
/var/www/html/nextcloud/lib/private/User/Session.php line 528
OC\Authentication\Token\Manager->getToken("*** sensitive parameters replaced ***")
/var/www/html/nextcloud/lib/private/User/Session.php line 438
OC\User\Session->isTokenPassword("*** sensitive parameters replaced ***")
/var/www/html/nextcloud/lib/private/User/Session.php line 580
OC\User\Session->logClientIn("*** sensitive parameters replaced ***")
/var/www/html/nextcloud/lib/base.php line 1150
OC\User\Session->tryBasicAuthLogin()
/var/www/html/nextcloud/ocs/v1.php line 61
OC::handleLogin()
/var/www/html/nextcloud/ocs/v2.php line 23
require_once("/var/www/html/nextcloud/ocs/v1.php")

[ChristophWurst]

Fehlersuche: O..

That must be the Denglisch translation for Debug: O..

Could you please post the raw versions of the two entries?

[MPTopper]

First:

{"reqId":"I5Mfg3Dh6t45vq3PhbHo","level":2,"time":"2023-10-30T15:30:28+01:00","remoteAddr":"172.20.20.20","user":"--","app":"core","method":"GET","url":"/ocs/v2.php/apps/serverinfo/api/v1/info","message":"Session token is invalid because it does not exist","userAgent":"Mozilla/5.0 (Windows NT; Windows NT 10.0; de-DE) WindowsPowerShell/5.1.20348.2031","version":"27.1.3.2","exception":{"Exception":"OC\\Authentication\\Exceptions\\InvalidTokenException","Message":"Token is too short for a generated token, should be the password during basic auth","Code":0,"Trace":[{"file":"/var/www/html/nextcloud/lib/private/Authentication/Token/Manager.php","line":133,"function":"getToken","class":"OC\\Authentication\\Token\\PublicKeyTokenProvider","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/nextcloud/lib/private/User/Session.php","line":782,"function":"getToken","class":"OC\\Authentication\\Token\\Manager","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/nextcloud/lib/private/User/Session.php","line":352,"function":"validateToken","class":"OC\\User\\Session","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/nextcloud/lib/private/User/Session.php","line":452,"function":"login","class":"OC\\User\\Session","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/nextcloud/lib/private/User/Session.php","line":580,"function":"logClientIn","class":"OC\\User\\Session","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/nextcloud/lib/base.php","line":1150,"function":"tryBasicAuthLogin","class":"OC\\User\\Session","type":"->"},{"file":"/var/www/html/nextcloud/ocs/v1.php","line":61,"function":"handleLogin","class":"OC","type":"::"},{"file":"/var/www/html/nextcloud/ocs/v2.php","line":23,"args":["/var/www/html/nextcloud/ocs/v1.php"],"function":"require_once"}],"File":"/var/www/html/nextcloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php","Line":155,"message":"Session token is invalid because it does not exist","user":"PRTGMonitor","exception":[],"CustomMessage":"Session token is invalid because it does not exist"},"id":"653fbe0560943"}

Second:

{"reqId":"I5Mfg3Dh6t45vq3PhbHo","level":0,"time":"2023-10-30T15:30:28+01:00","remoteAddr":"172.20.20.20","user":"--","app":"no app in context","method":"GET","url":"/ocs/v2.php/apps/serverinfo/api/v1/info","message":"Token is not valid: Token is too short for a generated token, should be the password during basic auth","userAgent":"Mozilla/5.0 (Windows NT; Windows NT 10.0; de-DE) WindowsPowerShell/5.1.20348.2031","version":"27.1.3.2","exception":{"Exception":"OC\\Authentication\\Exceptions\\InvalidTokenException","Message":"Token is too short for a generated token, should be the password during basic auth","Code":0,"Trace":[{"file":"/var/www/html/nextcloud/lib/private/Authentication/Token/Manager.php","line":133,"function":"getToken","class":"OC\\Authentication\\Token\\PublicKeyTokenProvider","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/nextcloud/lib/private/User/Session.php","line":528,"function":"getToken","class":"OC\\Authentication\\Token\\Manager","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/nextcloud/lib/private/User/Session.php","line":438,"function":"isTokenPassword","class":"OC\\User\\Session","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/nextcloud/lib/private/User/Session.php","line":580,"function":"logClientIn","class":"OC\\User\\Session","type":"->","args":["*** sensitive parameters replaced ***"]},{"file":"/var/www/html/nextcloud/lib/base.php","line":1150,"function":"tryBasicAuthLogin","class":"OC\\User\\Session","type":"->"},{"file":"/var/www/html/nextcloud/ocs/v1.php","line":61,"function":"handleLogin","class":"OC","type":"::"},{"file":"/var/www/html/nextcloud/ocs/v2.php","line":23,"args":["/var/www/html/nextcloud/ocs/v1.php"],"function":"require_once"}],"File":"/var/www/html/nextcloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php","Line":155,"message":"Token is not valid: Token is too short for a generated token, should be the password during basic auth","exception":[],"CustomMessage":"Token is not valid: Token is too short for a generated token, should be the password during basic auth"},"id":"653fbe056096c"}

[brianjmurrell]

Still no hint on what the situation is that this is warning about and how we rectify it rather than just burying the warning message?

[MPTopper]

Just for the sake of completeness: Today I found out that (in my individual case) the warning is throwed when a custom PRTG sensor (powershell) is pulling a web request towards my Nextcloud instance - when I am stopping this sensor no more warnings appear. I am not sure what exactly is causing this, therefore I am linking the GitHub repository where it comes from:

https://github.com/dwydler/Powershell-Skripte/blob/master/Paessler/PRTG/paessler-prtg_monitor-nextcloud-instance.ps1

[zero0cool0]

Not an explanation as to what this warning is exactly about, but if it helps anyone:

I have a user that belongs to a group that is not enforcing two factor authentication. The user is using rclone (v1.65.0-beta) to upload / delete files in an automated way and was using username / password login. After changing the user to use 2FA and helping to create an app-specific password, the log entries were gone.

[ChristophWurst]

One can authenticate against Nextcloud with a login password or an app password. App passwords are checked first. To prevent useless lookups of passwords that can't semantically be an app password an exception for an unknown app password is thrown. This is absolutely nothing to worry about. The request is simply using a login password.

Therefore, the logging level can be dropped to debug safely.

[andreaskernke]

I don't know if it helps. After I uninstalled the Caldav sync app from my Android devices, no more alerts appeared in the log.

[IPolarisI]

@andreaskernke Well if you don't use the function that triggers the warning, the warning doesn't get triggered of course x)

[i-B4se]

Hello,
is there any solution for this bug?
We don't have Android in our household.

Thank you in advance.

[andreaskernke]

@andreaskernke Well if you don't use the function that triggers the warning, the warning doesn't get triggered of course x)

Of course. I use DavX5 instaed. What I mean ist, when you know what triggers the warning, then you might be able to replace it.

[IPolarisI]

Oh, I use DavX5 and still have the message :/

@i-B4se : This gets trigger when you access your server vie Cladav or Webdav, not necessarily on Android. It's on Nextcloud's side, the next release should fix it.

[AndyXheli]

Issues back on NC 28.0.1

[ChristophWurst]

At which error level?

[AndyXheli]

Error

{"reqId":"TKNfkzrrfzsdmFzwgstq","level":3,"time":"2023-12-21T16:09:48-06:00","remoteAddr":"10.241.202.37","user":"--","app":"core","method":"GET","url":"/","message":"Renewing session token failed: Token does not exist: token does not exist","userAgent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36","version":"28.0.1.1","exception":{"Exception":"OC\Authentication\Exceptions\InvalidTokenException","Message":"Token does not exist: token does not exist","Code":0,"Trace":[{"file":"/var/www/nextcloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php","line":225,"function":"getToken","class":"OC\Authentication\Token\PublicKeyTokenProvider","type":"->","args":["*** sensitive parameters replaced "]},{"file":"/var/www/nextcloud/lib/public/AppFramework/Db/TTransactional.php","line":63,"function":"OC\Authentication\Token\{closure}","class":"OC\Authentication\Token\PublicKeyTokenProvider","type":"->","args":[" sensitive parameters replaced "]},{"file":"/var/www/nextcloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php","line":224,"function":"atomic","class":"OC\Authentication\Token\PublicKeyTokenProvider","type":"->"},{"file":"/var/www/nextcloud/lib/private/Authentication/Token/Manager.php","line":170,"function":"renewSessionToken","class":"OC\Authentication\Token\PublicKeyTokenProvider","type":"->"},{"file":"/var/www/nextcloud/lib/private/User/Session.php","line":906,"function":"renewSessionToken","class":"OC\Authentication\Token\Manager","type":"->"},{"file":"/var/www/nextcloud/lib/base.php","line":1151,"function":"loginWithCookie","class":"OC\User\Session","type":"->","args":[" sensitive parameters replaced "]},{"file":"/var/www/nextcloud/lib/base.php","line":1058,"function":"handleLogin","class":"OC","type":"::"},{"file":"/var/www/nextcloud/index.php","line":39,"function":"handleRequest","class":"OC","type":"::"}],"File":"/var/www/nextcloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php","Line":177,"Previous":{"Exception":"OCP\AppFramework\Db\DoesNotExistException","Message":"token does not exist","Code":0,"Trace":[{"file":"/var/www/nextcloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php","line":168,"function":"getToken","class":"OC\Authentication\Token\PublicKeyTokenMapper","type":"->","args":[" sensitive parameters replaced "]},{"file":"/var/www/nextcloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php","line":225,"function":"getToken","class":"OC\Authentication\Token\PublicKeyTokenProvider","type":"->","args":[" sensitive parameters replaced "]},{"file":"/var/www/nextcloud/lib/public/AppFramework/Db/TTransactional.php","line":63,"function":"OC\Authentication\Token\{closure}","class":"OC\Authentication\Token\PublicKeyTokenProvider","type":"->","args":[" sensitive parameters replaced "]},{"file":"/var/www/nextcloud/lib/private/Authentication/Token/PublicKeyTokenProvider.php","line":224,"function":"atomic","class":"OC\Authentication\Token\PublicKeyTokenProvider","type":"->"},{"file":"/var/www/nextcloud/lib/private/Authentication/Token/Manager.php","line":170,"function":"renewSessionToken","class":"OC\Authentication\Token\PublicKeyTokenProvider","type":"->"},{"file":"/var/www/nextcloud/lib/private/User/Session.php","line":906,"function":"renewSessionToken","class":"OC\Authentication\Token\Manager","type":"->"},{"file":"/var/www/nextcloud/lib/base.php","line":1151,"function":"loginWithCookie","class":"OC\User\Session","type":"->","args":[" sensitive parameters replaced ***"]},{"file":"/var/www/nextcloud/lib/base.php","line":1058,"function":"handleLogin","class":"OC","type":"::"},{"file":"/var/www/nextcloud/index.php","line":39,"function":"handleRequest","class":"OC","type":"::"}],"File":"/var/www/nextcloud/lib/private/Authentication/Token/PublicKeyTokenMapper.php","Line":98},"message":"Renewing session token failed: Token does not exist: token does not exist","user":"axheli","exception":[],"CustomMessage":"Renewing session token failed: Token does not exist: token does not exist"},"id":"65858318ad4d8"}

[ChristophWurst]

Renewing session token failed: Token does not exist: token does not exist

This ticket was about Token is too short for a generated token, which has been addressed.

[AndyXheli]

Sorry I'm not understanding this is a different error? Or should I just ignore it ?

[ChristophWurst]

It's different and probably worth a ticket. That condition can happen when two requests race for the same token. The request with the error lost the race.

[AndyXheli]

Ahh okay! Thank you very much sir.

[brianjmurrell]

@AndyXheli Can you please post the ticket number for the ticket you filed here so that people that come across this ticket see that there is a new ticket and don't keep piling on this one for the wrong issue? Thanks in advance.

[AndyXheli]

You got it!! Give me a little I'll create a new issue and link it 😃

[brianjmurrell]

@AndyXheli Did you ever create that new issue? If so, could you post the link here please?

[t0rb3n]

Maybe useful for someone else.
In my case this log entry was triggered by my hassio instance via the Nextcloud integration. Deleting and re-adding it with an app password seems to not trigger the log entry anymore.

[AndyXheli]

@brianjmurrell sorry for the late response heres the ticket on that #43214