search

9p4 / jellyfin-plugin-sso

This plugin allows users to sign in through an SSO provider (such as Google, Microsoft, or your own provider). This enables one-click signin.
GNU General Public License v3.0
590 stars 27 forks source link

Cannot login with LDAP with SSO enabled #195

Closed GeneBO98 closed 3 months ago

GeneBO98 commented 3 months ago

Describe the bug Cannot login with LDAP with SSO enabled. Password incorrect.

To Reproduce Steps to reproduce the behavior:

  1. Go to 'Sign in page'
  2. Enter normal LDAP username and password
  3. Sign in
  4. See error "Invalid username or password"

Expected behavior I should be authenticated through LDAP provider

Screenshots 2024-06-16 09_48_19-

Configuration

<?xml version="1.0" encoding="utf-8"?>
<PluginConfiguration xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <SamlConfigs />
  <OidConfigs>
    <item>
      <key>
        <string>Authentik</string>
      </key>
      <value>
        <PluginConfiguration>
          <OidEndpoint>https://auth.domain.com/application/o/jellyfin/</OidEndpoint>
          <OidClientId>id</OidClientId>
          <OidSecret>secret</OidSecret>
          <Enabled>true</Enabled>
          <EnableAuthorization>true</EnableAuthorization>
          <EnableAllFolders>true</EnableAllFolders>
          <EnabledFolders>
            <string>c0c1444b416777d3fa55d5f13da1ce58</string>
            <string>9d7ad6afe9afa2dab1a2f6e00ad28fa6</string>
            <string>f137a2dd21bbc1b99aa5c0f6bf02a805</string>
            <string>7e64e319657a9516ec78490da03edccb</string>
            <string>a656b907eb3a73532e40e44b968d0225</string>
          </EnabledFolders>
          <AdminRoles>
            <string>sysadmin</string>
          </AdminRoles>
          <Roles>
            <string>Media</string>
          </Roles>
          <EnableFolderRoles>false</EnableFolderRoles>
          <EnableLiveTvRoles>false</EnableLiveTvRoles>
          <EnableLiveTv>true</EnableLiveTv>
          <EnableLiveTvManagement>false</EnableLiveTvManagement>
          <LiveTvRoles />
          <LiveTvManagementRoles />
          <FolderRoleMappings />
          <RoleClaim>groups</RoleClaim>
          <OidScopes />
          <DefaultProvider>Jellyfin.Plugin.LDAP_Auth.LdapAuthenticationProviderPlugin</DefaultProvider>
          <NewPath>true</NewPath>
          <CanonicalLinks>
            <item>
              <key>
                <string>boverton</string>
              </key>
              <value>
                <guid>fef0f083-b885-4284-8221-c02d1b5e3d7a</guid>
              </value>
            </item>
          </CanonicalLinks>
          <DisableHttps>false</DisableHttps>
          <DoNotValidateEndpoints>false</DoNotValidateEndpoints>
          <DoNotValidateIssuerName>false</DoNotValidateIssuerName>
        </PluginConfiguration>
      </value>
    </item>
  </OidConfigs>
</PluginConfiguration>

Versions (please complete the following information):

GeneBO98 commented 3 months ago

I apologize. This was a Jellyfin issue. Update 10.9 didn't work with LDAP Auth plugin before version v19. Updating the plugin resolved this.