Cannot login after switch to OIDC
-
Does the OpenID login show up, if you install a second app instance fresh? If not, then maybe there is some routing issue on your Cloudron, since with OpenID the app needs to be able to connect via the dashboard domain, which in some situations caused issues on some setups. Also for this, might be worth checking if other apps using OpenID work for you.
-
@nebulon I just setup a clean install, and I get a different first login screen:
When I fill in Cloudron credentials and click login, I get the login error. When I do the same, but click the Log in with Cloudron button, I am presented with a second login screen:
This login works.
-
So the built-in login form (the one which does not work) is authenticating against the app's internal users. So it is by design that it won't work with the Cloudron credentials. One of the benefits with OpenID, and partly why we are moving apps to that, is that the app code itself now can't see the users password, which is
notgreat.So then for your initial issue, why the OpenID button is not shown, it appears to be an issue local to that app instance, so something is off with the configuration or indeed some of the mentioned plugins are causing that.
-
N nebulon marked this topic as a question on
-
@nebulon Something is definitely off/changed. In the old version of the app, the files config.php, env.sh and php.ini are quite large. In the new version, they are basically empty.
ie., some lines from the old env.sh (excerpt only):
#!/bin/bash # https://git.tt-rss.org/fox/tt-rss/src/branch/master/classes/config.php and https://tt-rss.org/wiki/GlobalConfig export TTRSS_DB_TYPE=mysql export TTRSS_DB_HOST=$CLOUDRON_MYSQL_HOST export TTRSS_DB_USER=$CLOUDRON_MYSQL_USERNAME export TTRSS_DB_NAME=$CLOUDRON_MYSQL_DATABASE export TTRSS_DB_PASS=$CLOUDRON_MYSQL_PASSWORD export TTRSS_DB_PORT=$CLOUDRON_MYSQL_PORT export TTRSS_MYSQL_CHARSET=UTF8 export TTRSS_SELF_URL_PATH=$CLOUDRON_APP_ORIGIN export TTRSS_SINGLE_USER_MODE= export TTRSS_SIMPLE_UPDATE_MODE= export TTRSS_ICONS_DIR=/app/data/feed-iconswhereas the new env.sh file looks like this (this is the entire file):
# Add custom env vars here. See https://tt-rss.org/wiki/GlobalConfig # add custom system plugins to this variable (comma separated) export TTRSS_PLUGINS="$CLOUDRON_BUILTIN_PLUGINS, note, api_newsplus" export TTRSS_SESSION_COOKIE_LIFETIME=604800In the new instance, I have added the fever and api_newsplus plugins and everything still works. I have also exported the old OPML and settings and imported them in the new instance. Everything is present, all feeds are updating and all filters work.
So for me, I think the best solution is to just retire the old instance and migrate the new.
Would it be acceptable to post a follow-up question and ask how I could setup OIDC on TTRSS? I could make a new topic if that is better.
-
@odie said in Cannot login after switch to OIDC:
@nebulonIn the new instance, I have added the fever and api_newsplus plugins and everything still works. I have also exported the old OPML and settings and imported them in the new instance. Everything is present, all feeds are updating and all filters work.
So for me, I think the best solution is to just retire the old instance and migrate the new.
Spoke too soon. In the new instance, everything seems to work. But login via the fever plugin no longer works. This is a must for me, since I use the Reeder app for iOS and MacOS.
-
@odie said in Cannot login after switch to OIDC:
Would it be acceptable to post a follow-up question and ask how I could setup OIDC on TTRSS?
You don't need to do anything manually. It's all set up automatically. When you install the app is pre-setup with OIDC.
-
@odie said in Cannot login after switch to OIDC:
But login via the fever plugin no longer works
Which plugin are you using ? It seems the one listed in our docs is outdated and https://github.com/DigitalDJ/tinytinyrss-fever-plugin#installation is the latest one. I see a fever emulation panel installing that but I don't know how to test this on android.... Seems all the apps are obsolete.
-
@girish said in Cannot login after switch to OIDC:
@odie said in Cannot login after switch to OIDC:
Would it be acceptable to post a follow-up question and ask how I could setup OIDC on TTRSS?
You don't need to do anything manually. It's all set up automatically. When you install the app is pre-setup with OIDC.
Strange. Single sign-on doesn't seem to work, I have to login like before. It was my understanding that OIDC would provide SSO.
-
@girish said in Cannot login after switch to OIDC:
@odie said in Cannot login after switch to OIDC:
But login via the fever plugin no longer works
Which plugin are you using ? It seems the one listed in our docs is outdated and https://github.com/DigitalDJ/tinytinyrss-fever-plugin#installation is the latest one. I see a fever emulation panel installing that but I don't know how to test this on android.... Seems all the apps are obsolete.
This is the one I am using. The latest version, pulled a few hours ago (v cc297d8, updated two days ago). I've tried it using Reeder on Mac and iPhone.
edit: just tried the Android app Focusreader (it also has fever). This gives http error 500.
This is the Cloudron log:
Oct 29 18:41:2185.252.85.54 - - [29/Oct/2023:17:41:21 +0000] "POST /plugins.local/fever/?api& HTTP/1.1" 500 - "-" "okhttp/4.9.2" Oct 29 18:41:21[Sun Oct 29 17:41:21.697344 2023] [php:error] [pid 61] [client 172.18.0.1:40230] PHP Fatal error: Uncaught Error: Failed opening required 'classes/Db.php' (include_path='/app/data/plugins.local/fever:/app/code:/app/code/include:.:/usr/share/php') in /app/data/plugins.local/fever/index.php:36\nStack trace:\n#0 {main}\n thrown in /app/data/plugins.local/fever/index.php on line 36 -
@odie said in Cannot login after switch to OIDC:
@girish said in Cannot login after switch to OIDC:
@odie said in Cannot login after switch to OIDC:
But login via the fever plugin no longer works
Which plugin are you using ? It seems the one listed in our docs is outdated and https://github.com/DigitalDJ/tinytinyrss-fever-plugin#installation is the latest one. I see a fever emulation panel installing that but I don't know how to test this on android.... Seems all the apps are obsolete.
This is the one I am using. The latest version, pulled a few hours ago (v cc297d8, updated two days ago). I've tried it using Reeder on Mac and iPhone.
edit: just tried the Android app Focusreader (it also has fever). This gives http error 500.
This is the Cloudron log:
Oct 29 18:41:2185.252.85.54 - - [29/Oct/2023:17:41:21 +0000] "POST /plugins.local/fever/?api& HTTP/1.1" 500 - "-" "okhttp/4.9.2" Oct 29 18:41:21[Sun Oct 29 17:41:21.697344 2023] [php:error] [pid 61] [client 172.18.0.1:40230] PHP Fatal error: Uncaught Error: Failed opening required 'classes/Db.php' (include_path='/app/data/plugins.local/fever:/app/code:/app/code/include:.:/usr/share/php') in /app/data/plugins.local/fever/index.php:36\nStack trace:\n#0 {main}\n thrown in /app/data/plugins.local/fever/index.php on line 36@odie said in Cannot login after switch to OIDC:
@girish said in Cannot login after switch to OIDC:
@odie said in Cannot login after switch to OIDC:
But login via the fever plugin no longer works
Which plugin are you using ? It seems the one listed in our docs is outdated and https://github.com/DigitalDJ/tinytinyrss-fever-plugin#installation is the latest one. I see a fever emulation panel installing that but I don't know how to test this on android.... Seems all the apps are obsolete.
This is the one I am using. The latest version, pulled a few hours ago (v cc297d8, updated two days ago). I've tried it using Reeder on Mac and iPhone.
edit: just tried the Android app Focusreader (it also has fever). This gives http error 500.
This is the Cloudron log:
Oct 29 18:41:2185.252.85.54 - - [29/Oct/2023:17:41:21 +0000] "POST /plugins.local/fever/?api& HTTP/1.1" 500 - "-" "okhttp/4.9.2" Oct 29 18:41:21[Sun Oct 29 17:41:21.697344 2023] [php:error] [pid 61] [client 172.18.0.1:40230] PHP Fatal error: Uncaught Error: Failed opening required 'classes/Db.php' (include_path='/app/data/plugins.local/fever:/app/code:/app/code/include:.:/usr/share/php') in /app/data/plugins.local/fever/index.php:36\nStack trace:\n#0 {main}\n thrown in /app/data/plugins.local/fever/index.php on line 36Quoting myself with a fix here, that works on both Reeder (MacOS and iOS) and Focusreader (Android).
On lines 36 and 37 in the Fever plugin file index.php, two classes are capitalized wrong:
Changed:
require_once "classes/Db.php"; require_once "classes/API.php";into:
require_once "classes/db.php"; require_once "classes/api.php";This fixes the Fever plugin...
-
@odie Ha, I arrived at the same fixes! I was investigating yesterday why the casing is all wrong. Initially, I thought maybe this was a Windows developer who didn't notice change in filenames. But then I found, https://gitlab.tt-rss.org/tt-rss/tt-rss/-/commit/865ecc87963dc3b26e66296616eef2a1cc41ac3f from 4 days ago. Upstream changed all the filenames . I will make an update now to ttrss latest and then we don't need changes to the plugin.
-
For future reference (since I couldn't find an android app to work with), one can test fever with curl like so:
$ curl https://ttrss.domain.com/plugins.local/fever/ {"api_version":3,"auth":0,"error":"NOT_LOGGED_IN"}Then,
$ api_key=`echo -n "username:password" | md5sum | cut -d' ' -f1` $ curl -F "api_key=$api_key" https://ttrss.domain.com/plugins.local/fever/ {"api_version":3,"auth":1,"last_refreshed_on_time":"0"} -
@girish said in Cannot login after switch to OIDC:
OK, with the latest package, I can use fever (with my curl commands) without any changes.
It works with Curl, and also with Reeder (iOS, MacOS) and with the Android app Focusreader. This app supports ttrss api, the reader api and FreshRSS, and also multiple accounts if you subscribe to pro.
Thanks again for looking into this.
-
@odie
FocusReader contains 9 trackers and 20 permissions, including the invasive GET_ACCOUNTS and READ_PHONE_STATE
https://reports.exodus-privacy.eu.org/en/reports/383074/ -
G girish has marked this topic as solved on
-
@RoundHouse1924 said in Cannot login after switch to OIDC:
@odie
FocusReader contains 9 trackers and 20 permissions, including the invasive GET_ACCOUNTS and READ_PHONE_STATE
https://reports.exodus-privacy.eu.org/en/reports/383074/Thank you. Uninstalled! Back to looking for a Reeder-like app for Android
-
@odie said in Cannot login after switch to OIDC:
Back to looking for a Reeder-like app for Android
There are loads!
Here are the open source ones listed in my (Murena) app store!
-
@jdaviescoates Thanks. Unfortunately, none of these even come close to Reeder on iOS with functionality that I need. Primarily; Multi account setup with different services that I use (I use several services for different "roles" in my life). Reeder is perfect, in that it supports self hosted services like TTRSS (via the Fever API, would love to see the TTRSS API introduced), FreshRSS and Minflux, plus hosted services I use (like Feedly).
On my Mac and iOS devices, I have 4 accounts with these services, using Reeder. On Android, I had finally found an app supporting this (via the Focusreader app, which I happily paid for, but only just uninstalled because of the privacy issues pointed out by @RoundHouse1924 above. On Windows and Linux, I have found no similar apps that can compare to Reeder either.
For me, I just cannot understand how I can be the only person looking for this. For me, the Reeder app is perhaps the single most important item keeping me stuck in Apple's universe. How I'd love to get some alternatives!
-
G girish referenced this topic on
-
J jadudm referenced this topic on
-
G girish forked this topic on
-
G girish locked this topic on
