Explore OAuth?
-
LDAP has never worked, so let's remove it completely?
And perhaps explore getting OIDC to work with OAuth?
Context:
I was reading the latest https://selfh.st/ newsletter (which is excellent, recommended) and came across the Calibre Web Companion app.The only way I could get it to work was to edit the
Basic Configuration
settings at/admin/config
and in theFeature Configuration
change theseLogin type
setting fromUse LDAP Authentication
toUse Standard Authentication
and then it worked great! (but I presume it'll break again as soon as the app restarts and goes back to LDAP)But whilst changing that setting I spotted there is also a
Use OAuth
option - and I couldn't help wonder if unlike LDAP that might actually work with Cloudron? -
LDAP has never worked, so let's remove it completely?
And perhaps explore getting OIDC to work with OAuth?
Context:
I was reading the latest https://selfh.st/ newsletter (which is excellent, recommended) and came across the Calibre Web Companion app.The only way I could get it to work was to edit the
Basic Configuration
settings at/admin/config
and in theFeature Configuration
change theseLogin type
setting fromUse LDAP Authentication
toUse Standard Authentication
and then it worked great! (but I presume it'll break again as soon as the app restarts and goes back to LDAP)But whilst changing that setting I spotted there is also a
Use OAuth
option - and I couldn't help wonder if unlike LDAP that might actually work with Cloudron?@jdaviescoates said in Remove LDAP (and explore OAuth?):
LDAP has never worked, so let's remove it completely?
Oh it's already been removed!
@nebulon said in LDAP error when first logging in as admin (and LDAP doesn't seem to work):
We have removed LDAP, so will close this thread for now.
And hence
@jdaviescoates said in Remove LDAP (and explore OAuth?):
(but I presume it'll break again as soon as the app restarts and goes back to LDAP)
That wasn't true. I restarted the app and my setting there stayed the same. Happy days!
Still might be worth exploring the OAuth authentication? Could that be made to work with Cloudron OIDC?
-
We gave up on LDAP integration because of https://github.com/janeczku/calibre-web/issues/2652
As for OIDC, I think upstream author doesn't want it. See https://github.com/janeczku/calibre-web/issues/2965 and https://github.com/janeczku/calibre-web/pull/2211
-
We gave up on LDAP integration because of https://github.com/janeczku/calibre-web/issues/2652
As for OIDC, I think upstream author doesn't want it. See https://github.com/janeczku/calibre-web/issues/2965 and https://github.com/janeczku/calibre-web/pull/2211
@girish said in Explore OAuth?:
As for OIDC, I think upstream author doesn't want it. See https://github.com/janeczku/calibre-web/issues/2965 and https://github.com/janeczku/calibre-web/pull/2211
Although at this point the developer seemed potentially open to it https://github.com/janeczku/calibre-web/pull/2211#issuecomment-1133842946
-
Sorry if my question is already answered but are we talking about this OIDC setting ? I would need to automatically login Cloudron's registered users like I do with NextCloud and Moodle. Is it possible with Calibre and if yes how to proceed ? Thanks for your support !
-
@osobo where is that screenshot from? Calibre web? Reading upstream github, I cannot find any reference that it is implemented .
-
@joseph Yes, it's an option within Calibre-Web setting page. There is the choice between standard authentification, LDAP and OIDC.
@osobo said in Explore OAuth?:
There is the choice between standard authentification, LDAP and OIDC.
As your screenshot shows, it doesn't have any mention of OIDC it says OAuth.
There are no OIDC settings in Calibre Web.
It's confusing because OIDC is built on top of OAuth 2.0, but OAuth ≠ OIDC.
OAuth is about granting access to resources, whereas OIDC adds a standard way to verify and retrieve the user's identity using ID tokens. So while Calibre Web supports OAuth for things like logging in via Google, that doesn't mean it supports OpenID Connect or Cloudron’s SSO, which requires OIDC support.
@joseph this is in
/admin/config
under Feature Configuration. -
@osobo said in Explore OAuth?:
There is the choice between standard authentification, LDAP and OIDC.
As your screenshot shows, it doesn't have any mention of OIDC it says OAuth.
There are no OIDC settings in Calibre Web.
It's confusing because OIDC is built on top of OAuth 2.0, but OAuth ≠ OIDC.
OAuth is about granting access to resources, whereas OIDC adds a standard way to verify and retrieve the user's identity using ID tokens. So while Calibre Web supports OAuth for things like logging in via Google, that doesn't mean it supports OpenID Connect or Cloudron’s SSO, which requires OIDC support.
@joseph this is in
/admin/config
under Feature Configuration.@jdaviescoates thank you for the clarification. Indeed they’re not the same thing.