Nextcloud on UCS - Logout

[RSchlaeger]

Nextcloud version: 14 Operating system and version (eg, Ubuntu 17.04): Univenction Corporate Server is running a UNIX-Flavour…

The issue you are facing:

We are developing a Web-Application running on docker, being hosted on UCS. We can use the Login-flow with ease.

-> App Password and Token in combination with username/Password and the Nextcloud Login page

But There is no API-Call to logout and all my attempts at calling the nextclout logout-function

/logout?requesttoken...

failed, due to me not being able to figure out what the token should consist of or how to obtain it…

Can anyone please point me in the right direction? What am I doing wrong? Is there a better approach?

Many thanks for your help in advance!

[kesselb]

failed, due to me not being able to figure out what the token should consist of or how to obtain it…

I'm not sure but requesttoken could be a csrf token. You can obtain one from GET /csrftoken.

cc @rullzer for a better approach ;)

[RSchlaeger]

But how can I call that API? I seem not to be able to find this anywhere... What am I doing wrong?

[rullzer]

Could you explain to me what you are exactly trying to do? (The whole lifecycle) Because the login-flow token is not meant to login via the web.

[RSchlaeger]

Hey sorry if my initial description wasn't clear enough!

We are developing an app for Univention Corporate Server (UCS) It consists of a webapplication and a middleware (Angular + Asp.net) both running inside docker containers. We use Nextclouds implicit-auth flow to log our user in (User is comming to Nextcloud via LDAP). For this we redirect the user on startup to the nextcloud login page and login, afterwards the user gets redirected to our application. For this we needed to create an app-registration with cliendId & secret. Works quite nicely and our application does not have to worry about the login-details. Only I am unable to logout. When I clear session- and local-storage and refresh the page I get redirected to Nextcloud authentication page again. (Which in any case is fine!) Only thing is: Nextcloud still saved the app-session and I cannot login as a different user. I am promted to grant the application access and upon continuing am being redirected to our application again. Therefore I would like to end the app-session or "log"-out from nextcloud. I know Nextclouds webApp uses the call to /logout along with the requesttoken which is used to prefent cross site forgery.

How can I achieve this, or are we going at this the wrong way?

Many thanks for your support and reply!

[RSchlaeger]

@rullzer Did my Explanation help you in understanding the issue? :)

[rullzer]

So if I understand correctly you get an apptoken via the login flow. And you want a way to destory that apptoken right?

Or do you get a real login session and thus authenticate via cookies?

[RSchlaeger]

Yes, we get an App Token and want to destroy it. :)

[rullzer]

Ah. Ok right now that is not possible. But adding that should not be that hard and would indeed make sense. Let me try to tackle this alter this week.

[RSchlaeger]

Ahh okay fair enough! :) Thank you very much!