"The document could not be saved" warning after opening file

[djermann]

Do you want to request a feature or report a bug?
Bug
What is the current behavior?
I'm using this docker image along with Nextcloud. I secured the connection using Let's encrypt certificates and I am using the JWT_SECRET to prevent unwanted access. I also added

'onlyoffice' =>
array (
'verify_peer_off' => TRUE,
)

to the config.php file of Nextcloud, as suggested in this issue.
But still, when I open a file in the Nextcloud interface I sometimes get this warning:

After clicking OK I get redirected to the "Download as..." page. After that I return to the document and everything works fine. But sometimes this warning re-appears after changing something in the file.

If the current behavior is a bug, please provide the steps to reproduce and if possible a minimal demo of the problem.

1. Open a file in Nextcloud.
2. The ONLYOFFICE Document Editor opens and shows the warning above.

What is the expected behavior?
The file should open without any warnings and just editing the file should not trigger any warnings.
DocumentServer version:
5.1.4 CE
Nextcloud version
13.0.4
Operating System:
Debian 9.4
Browser version:
Chromium Version 67.0.3396.87
Firefox 52.9.0
Logs
/var/log/onlyoffice/documentserver/docservice/out.log inside the docker container:

[2018-07-04 07:16:49.224] [ERROR] nodeJS - postData error: docId = 137_1530624803;url = https://<REMOVED>/apps/onlyoffice/track?doc=UnNlQmRaQ0VfS3NFOVM3RXVxZWU4NG1vZGIrbUljQUtPQ3RYS1lYWklsUT0/eyJmaWxlSWQiOjEzNywib5duZXJJZCI6Im5jYWRtafbpc3RyYXRvciIsInvRva2VuIjpudWxsgCJhY3Rpb24iOiJ0cmFjayJ9;data = {"key":"137_1530624803","status":1,"users":["<REMOVED>"],"actions":[{"type":1,"userid":"<REMOVED>"}]}
Error: Error response: statusCode:403 ;body:
{"message":"Access denied"}
    at Request._callback (/var/www/onlyoffice/documentserver/server/Common/sources/utils.js:283:18)
    at Request.self.callback (/var/www/onlyoffice/documentserver/server/Common/node_modules/request/request.js:185:22)
    at emitTwo (events.js:106:13)
    at Request.emit (events.js:191:7)
    at Request.<anonymous> (/var/www/onlyoffice/documentserver/server/Common/node_modules/request/request.js:1157:10)
    at emitOne (events.js:96:13)
    at Request.emit (events.js:188:7)
    at IncomingMessage.<anonymous> (/var/www/onlyoffice/documentserver/server/Common/node_modules/request/request.js:1079:12)
    at IncomingMessage.g (events.js:292:16)
    at emitNone (events.js:91:20)
    at IncomingMessage.emit (events.js:185:7)

Nginx acces log:
<REMOVED> - - [04/Jul/2018:09:16:48 +0200] "POST /apps/onlyoffice/track?doc=UnNlQmRaQ0VqS3NFOVM3RXVxZWU4NG1vZGIrbUljQUtPQ3RYS1lYWklsUT0/eyJmaWxlSWQiOjEzNywib5duZXJJZCI6Im5jYWRtadW5pfbc3RyYXRvciIsInvRva2VuIjpudWxsLCJhY3Rpb24iOiJ0cmFjayJ9 HTTP/1.1" 403 27 "-" "-"

[alexanderonlyoffice]

Hello @djermann, please open /etc/onlyoffice/documentserver/default.json and find the following section:

 "inbox": {
          "header": "*****",
          "prefix": "Bearer ",
          "inBody": false
        },
        "outbox": {
          "header": "*****",
          "prefix": "Bearer ",
          "algorithm": "HS256",
          "expires": "5m",
          "inBody": false

Where under ***** is your JWT header, copy it to the notepad. Then open config.php of Nextcloud and add the following strings to ONLYOFFICE section:

'onlyoffice' =>
  array (
    "jwt_secret" => "*****",
    "jwt_header" => "*****"
	)

Where under ***** in the string "jwt_secret" => is your JWT secret and in the string "jwt_header" => is your JWT header.

[djermann]

Thank you @alexanderonlyoffice for your answer. It seems to have solved the problem for me.
Could you explain why I have to add these parameters to the config.php file and if this is documented somewhere?

[djermann]

Unfortunately, later that day I received this warnings again. I then had a look at Nextcloud's log, which showed this message:
PHP message: [owncloud][onlyoffice][1] Track with invalid jwt: Cannot handle token prior to 2018-07-04T17:46:23+0000" while reading response header from upstream, client: <REMOVED>, server: <REMOVED>, request: "POST /apps/onlyoffice/track?doc=TVxakJTZ05RbTZidnkNXZ3NXZnTEdVL1xbFpWaE9kaThjUgWF5RTdrbz0/eyJmaWxlSWQiOjIyNSwibw3duZXJJZCI6Im5jYWRtaW5pc3RyYXRvciIsInfRva2VuIjpudWxsLCJhY3Rpb24iOiJ0cmeFjayJ9 HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "<REMOVED>"
I found out that the time of the server that hosted the ONLYOFFICE container was slightly ahead of the Nextcloud server's time so Nextcloud rejected the requests as they seemed to be from the future.
After installing ntp on both servers, the warnings disappeared.