Open jacotec opened 1 year ago
Hmm, this is extremely tough to debug. What's happening is that there is some sort of failure happening during the process, but that error gets overwritten because of either a bug in the omniauth gem or an issue with Nextcloud not sending a required parameter.
The result is basically the internal error overwriting the real error causing all of this to occur.
I'm going to do some more research to see if I can find out what's triggering this issue.
I guess when you try to authenticate against the Nextcloud OIDC you should face the same stuff.
Let me know if I can help with something, logs etc.
I don't have access to a Nextcloud OIDC so it's tough for me to debug on my end - any chance you could configure a test client for me and email me the credentials?
@farhatahmad Yeah, I think I can give you a test user and credentials to test this against my Nextcloud. I'll email you the access once I've done it.
@farhatahmad Email sent. I need your redirect URI via mail to configure the OIDC provider correctly.
@farhatahmad Just want to ask if there is any news on this issue?
@jacotec Do you mind sharing your Nextcloud - Greenlight configs (sensitive data cleared of course)? I'm struggling setting this up. Keep getting 404. The Greenlight logs state just:
D, [2024-07-26T14:29:47.777511 #1] DEBUG -- omniauth: (openid_connect) Request phase initiated.
E, [2024-07-26T14:29:47.963790 #1] ERROR -- omniauth: (openid_connect) Authentication failure! Not Found: OpenIDConnect::Discovery::DiscoveryFailed, Not Found
Nextcloud OIDC Provider Settings:
Redirect URI: Greenlight URL
Client Identifier: xxx -> Copied to Greenlight .env OPENID_CONNECT_CLIENT_ID
Secret: xxx -> Copied to Greenlight .env OPENID_CONNECT_CLIENT_SECRET
Signing Algorithm: RS256
Type: confidential
Flows: Code Authorization Flow
Dynamic Client Registration: disabled
When I do curl the OPENID_CONNECT_ISSUER=https://mydomain/.well-known/openid-configuration I see all the fancy stuff.
That's basically it. Any help really appreciated. cheers!
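A check one could run when Greenlight logs `DiscoveryFailed, Not Found` as in the comment above (added example, not from this thread or from Greenlight's code): it derives the discovery URL from the configured issuer as OpenID Connect Discovery 1.0 specifies and validates the provider's document against the settings listed there (code flow, RS256). The host name and sample document are constructed, the helper names are hypothetical, and whether this is the cause of the 404 in this thread is not established.

```ruby
require "json"
require "uri"

WELL_KNOWN = "/.well-known/openid-configuration"
REQUIRED = %w[issuer authorization_endpoint token_endpoint jwks_uri
              response_types_supported subject_types_supported
              id_token_signing_alg_values_supported].freeze

# Discovery URL per the spec: issuer minus trailing slash, plus the well-known path.
def discovery_url(issuer)
  issuer.chomp("/") + WELL_KNOWN
end

# Hypothetical helper: lists problems in the configured issuer and discovery JSON.
def check_oidc_config(configured_issuer, discovery_json, alg: "RS256")
  problems = []
  uri = URI.parse(configured_issuer)
  problems << "issuer must be an https URL" unless uri.is_a?(URI::HTTPS)
  if uri.path.include?("/.well-known/")
    problems << "issuer contains the well-known path; client would request " +
                discovery_url(configured_issuer)
  end

  doc = JSON.parse(discovery_json)
  missing = REQUIRED.reject { |key| doc.key?(key) }
  problems << "discovery document lacks: #{missing.join(', ')}" unless missing.empty?
  # The spec requires the document's issuer to equal the configured one exactly.
  if doc["issuer"] && doc["issuer"] != configured_issuer
    problems << "issuer mismatch: document says #{doc['issuer']}"
  end
  unless Array(doc["response_types_supported"]).include?("code")
    problems << "provider does not advertise the code flow"
  end
  unless Array(doc["id_token_signing_alg_values_supported"]).include?(alg)
    problems << "provider does not advertise #{alg}"
  end
  problems
end

# Constructed sample document, not taken from a real Nextcloud instance.
SAMPLE_DOC = JSON.generate({
  "issuer" => "https://cloud.example.test",
  "authorization_endpoint" => "https://cloud.example.test/authorize",
  "token_endpoint" => "https://cloud.example.test/token",
  "jwks_uri" => "https://cloud.example.test/jwks",
  "response_types_supported" => ["code"],
  "subject_types_supported" => ["public"],
  "id_token_signing_alg_values_supported" => ["RS256"]
})
```

To use it against a live provider, pass the body returned by `curl` for `discovery_url(issuer)` as the second argument.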
While OpenID Connect from Greenlight to Keycloak works fine, unfortunately it does not work using Nextcloud as OIDC provider.
When hitting the "Login" button, it's correctly redirected to the Nextcloud authentication, but after auth Greenlight throws a 404 error "Page not found".
In the container logs I see the following omniauth issue:
Any idea what's wrong is highly appreciated.