OIDC for Nextcloud?
-
I feel like this might've been discussed somewhere already, but I couldn't find anything...
Are we going to get OIDC for Nextcloud?
Or is it deemed too risky as it's not properly baked into Nextcloud itself?
This seems pretty well maintained
https://github.com/pulsejet/nextcloud-oidc-login/releasesBut it would be better if it were part of Nextcloud itself like it seems the LDAP app is (looking in my app on my Nextcloud I can see it's called
LDAP user and group backendbut there is no app called that in their app store and the report a bug link just to https://github.com/nextcloud/server/issues )Edit: ah, but there is also this from Nextcloud themselves: https://github.com/nextcloud/user_oidc but I can't work out if that's what we'd actually need or not?
-
This was implemented a while ago - https://git.cloudron.io/packages/nextcloud-app/-/tree/oidc . We have to bite the bullet and push the migration . Nextcloud updates like this always worry me, it's so much work (mostly support)
100% sure something breaks -
I tried looking up which oidc plugin for Nextcloud I last gave a try, but I was unable to find which one it was.
In the end I needed to disable the plugin as Nextcloud kept constantly logging me out of all my sessions. So before you roll the update out I would recommend to make a long term test with all the apps that are part of the Nextcloud eco system (Desktop apps, apps on mobile for Nextcloud itself, but also Talk, etc).
-
This was implemented a while ago - https://git.cloudron.io/packages/nextcloud-app/-/tree/oidc . We have to bite the bullet and push the migration . Nextcloud updates like this always worry me, it's so much work (mostly support)
100% sure something breaks -
@fbartels I think we use https://github.com/nextcloud/user_oidc . You are right about the testing, this is why it's not merged yet . There's too many things to test ...
@andreasdueren the work has been done but it's not integrated yet.
-
@fbartels I think we use https://github.com/nextcloud/user_oidc . You are right about the testing, this is why it's not merged yet . There's too many things to test ...
@andreasdueren the work has been done but it's not integrated yet.
@girish said in OIDC for Nextcloud?:
@fbartels I think we use https://github.com/nextcloud/user_oidc . You are right about the testing, this is why it's not merged yet . There's too many things to test ...
@andreasdueren the work has been done but it's not integrated yet.
Perhaps create a new unstable experimental Nexcloud-OIDC package that has OIDC baked in and let us all do the testing?
-
@girish said in OIDC for Nextcloud?:
@fbartels I think we use https://github.com/nextcloud/user_oidc . You are right about the testing, this is why it's not merged yet . There's too many things to test ...
@andreasdueren the work has been done but it's not integrated yet.
Perhaps create a new unstable experimental Nexcloud-OIDC package that has OIDC baked in and let us all do the testing?
@jdaviescoates yes, absolutely, that is the plan . To enable both OIDC and LDAP in the same package and allow willing users to test OIDC by setting some flag somewhere.
-
@jdaviescoates yes, absolutely, that is the plan . To enable both OIDC and LDAP in the same package and allow willing users to test OIDC by setting some flag somewhere.
-
@jdaviescoates yes, absolutely, that is the plan . To enable both OIDC and LDAP in the same package and allow willing users to test OIDC by setting some flag somewhere.
-
@girish is there maybe a way to enable OIDC in the package but leave it disabled for people to enable it manually?
@andreasdueren the work is there in this branch - https://git.cloudron.io/packages/nextcloud-app/-/tree/oidc but we haven't tested it. It will take some time to test and publish it. Will try to get it out next week.
-
@andreasdueren the work is there in this branch - https://git.cloudron.io/packages/nextcloud-app/-/tree/oidc but we haven't tested it. It will take some time to test and publish it. Will try to get it out next week.
-
@andreasdueren unfortunately, the oidc plugin broke - https://github.com/nextcloud/user_oidc/issues/1024
-
@andreasdueren this is pushed as unstable now.
It will be in unstable for a while since I am on/off because am traveling for FOSDEM.
-
@andreasdueren it's picked up for me by default.
-
Currently getting this. It's a pretty fresh installation so not sure what's going on yet.
-
Currently getting this. It's a pretty fresh installation so not sure what's going on yet.
@andreasdueren if we take that error at face value, it's unable to connect to my.domain.com . Can you check from web terminal of nextcloud, if you are able to
curl https://my.domain.com/.well-known/openid-configuration?Also, do other oidc apps work?
-
@andreasdueren if we take that error at face value, it's unable to connect to my.domain.com . Can you check from web terminal of nextcloud, if you are able to
curl https://my.domain.com/.well-known/openid-configuration?Also, do other oidc apps work?
Hello! It looks like you're interested in this conversation, but you don't have an account yet.
Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.
With your input, this post could be even better 💗
Register Login