Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Navigation

    Cloudron Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular

    SOLVED Is there a way to make LDAP mandatory on the Cloudron App Store?

    App Packaging & Development
    3
    5
    42
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Lonkle
      Lonkle last edited by Lonkle

      You see, I finally finished both the front (login) and back end (Change Connected Server) of my VPN Client. Turns out, baking in LDAP login support wasn't just easier than building my own. It was necessary. Because the container has to do a soft-restart to switch VPN connections, it takes no more than a few seconds. But it needs a real access token. I get that via the LDAP integration (using /api/v1/login with the already POSTed data to grab one). So, in my VPN Client's case it's a requirement to get the access token for the app to even function. So, is there a way to require it on your store?

      Ignore the rant:
      And those tokens last a year; should they last a year? Not that a year's a bad amount of time, but I imagine there are use cases that don't need one lasting so long (for my use case it's perfect tho).

      By the way, do these special type of api tokens (collected from the /api/v1/login endpoint ever get revoked before their year expiration date? Since these are "logged in" tokens? Do they not work when the user is logged out - or do they act just like regular tokens for my purposes? I am just wondering about how a Cloudron admin revokes them since that would affect my app?

      Edit: Nevermind, I just found in my profile that I have 19 login tokens I can choose to revoke all at once. 😂 So I understand the login tokens now, that works for me. I would just need to test if a token is revoked on attempted soft-restart and have the user forcefully logged out to log back in if so.

      mehdi 1 Reply Last reply Reply Quote 0
      • mehdi
        mehdi App Dev @Lonkle last edited by mehdi

        @Lonk I'm not sure I understand the question.

        As long as your app has the LDAP addon, you're good. You just have to not include the optionalSSO entry in manifest https://docs.cloudron.io/custom-apps/manifest/#optionalsso

        Lonkle 1 Reply Last reply Reply Quote 0
        • nebulon
          nebulon Staff last edited by

          @mehdi pointed to the correct option and is spot on. So just use ldap addon and not set optionalSso in the manifest.

          Lonkle 1 Reply Last reply Reply Quote 0
          • Lonkle
            Lonkle @nebulon last edited by Lonkle

            @nebulon said in Is there a way to make LDAP mandatory on the Cloudron App Store?:

            @mehdi pointed to the correct option and is spot on. So just use ldap addon and not set optionalSso in the manifest.

            So that will force LDAP; perfect! I was hoping there was already a way to make it mandatory, and the best part is, it already is since I didn't even know about the optionalSso variable.

            Thanks guys!

            1 Reply Last reply Reply Quote 0
            • Lonkle
              Lonkle @mehdi last edited by

              @mehdi said in Is there a way to make LDAP mandatory on the Cloudron App Store?:

              @Lonk I'm not sure I understand the question.

              As long as your app has the LDAP addon, you're good. You just have to not include the optionalSSO entry in manifest https://docs.cloudron.io/custom-apps/manifest/#optionalsso

              You answered correctly! Thanks.

              1 Reply Last reply Reply Quote 1
              • First post
                Last post