Open Doug411 opened 1 month ago
Did you add the mobile-redirect
mentioned at the end of the docs?
No I missed that. I just made that change to add the mobile redirect, but kept getting a 400 error.
Then I uninstalled the app and reinstalled it. When I reinstall it, it launches straight away into my audiobookshelf server with my account. It didnt even direct me to authentik to get my login info.
However when I delete my audiobookshelf cache and app data, and try to set it up manually by entering my external audibookshelf url and clicking SSO login, I get a 400 error. Then I uninstall the app, reinstall and it launches right back into my server.
How does it know my server URL and ID from a fresh install. Is my database connection cached somewhere and somehow not fully deleted when i clear data/cache and uninstall the app, and therefore its not really doing a fresh install... Will new users will get the 400 error? Or is it just vudu magic and I can accept that it will work for new users (hopefully it routes them to authentik and they can login successfully)
FYI it was late last night... but I do think it was doing this before I added the mobile redirect... I seem to recall that I deleted the app and when I reinstalled it launched right into my server. I assumed it was still broken because I couldn't manually delete the server and readd it manually.
Make sure to restart the server after making changes to the OIDC settings. Updating that after it is initialized is a work in progress.
After a successful login the users api token is used for authentication for all future auth attempts. The api token is cached but uninstalling and clearing data will remove it.
Is this still an issue?
@advplyr for me yes, with the latest docker version and the latest android app i get the same behaviour as described by @Doug411
What happened?
I'm unable to use oath in the mobile app. When I set my redirects in Authentik as you listed (on separate lines).... I get a redirect uri error. I'm using Nginx Proxy Manager. Not sure how to fix it. If I set my redirect URI to it works, but I don't really want to do that. It has always worked in browser, just not in mobile app unless I set the redirect to .
Reference...(tried setting redirect in authentik as stated in thread below. Not sure how to check x-forwarded-proto, but i've never had that issue on other OIDC apps.
for Authentik:
To add to this, in Authentik or other SSO software the redirect uri has to be set to:
https://youraudiobookdomain/auth/openid/callback audiobookshelf://oauth Don't use wildcards like .*, they are not required. (In Authentik its seperated by new line, in Keycloak by comma afaik).
Also make sure your reverse proxy creates a X-Forwarded-Proto header correctly, otherwise you might receive a redirect_uri mismatch, because the redirect_uri is set to http even when the request was made using https.
What did you expect to happen?
Successful login in mobile app
Steps to reproduce the issue
Audiobookshelf version
v2.10.1
How are you running audiobookshelf?
Docker
What OS is your Audiobookshelf server hosted from?
Linux
If the issue is being seen in the UI, what browsers are you seeing the problem on?
None
Logs
Additional Notes
No response