Open jager012 opened 2 years ago
Seeing the same thing and there are no log entries in Keycloak. Nextcloud logs show:
10.x.x.x - - [20/May/2022:07:31:56 +0000] "GET /apps/user_oidc/login/2 HTTP/1.1" 404 5708 "https://nextcloud.test.example.com/login" "Mozilla/5.0 (some user agent...) Gecko/xxx Firefox/xxx"
This seems to imply that the link provided on the front page is not implemented or it is incorrect.
I ended up enabling debug mode in Nextcloud:
php occ config:system:set debug --type bool --value true
and found a message about local access restrictions in /var/www/html/data/nextcloud.log:
{"reqId":"SEnExddueseem0lfadLY","level":2,"time":"2022-05-20T01:01:01+00:00","remoteAddr":"10.x.x.x","user":"--","app":"no app in context","method":"GET","url":"/apps/user_oidc/login/1","message":"Host 192.168.x.x was not connected to because it violates local access rules","userAgent":"Mozilla/5.0 (some user agent...) Gecko/xxx Firefox/xxx}
I ran php occ config:system:set allow_local_remote_servers --value true
Then after a couple of attempts Keycloak showed up and logins started working.
@jager012 I think this is the same issue you are seeing because you mention you are running Nextcloud on the same machine as your OpenID provider.
Sidenote: I am not sure why one true is a boolean and the other is not... but it does work for me.
@nextcloud Could the failure message be improved to mention local access restrictions?
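The log triage described in the comment above, as an added example that is not part of the thread or of Nextcloud's code: it scans nextcloud.log text for the two messages quoted on this page and reports which blocked targets are local IP literals. The function names and the sample lines are constructed for illustration; the message wording is taken from the log entries in this thread.

```python
import ipaddress
import json
import re

# Message texts as they appear in the log entries quoted in this thread.
BLOCKED = re.compile(r'Host ([^\s"]+) was not connected to because it violates local access rules')
UNREACHABLE = re.compile(r'Could not reach provider at URL ([^\s"]+)')

# Constructed sample in nextcloud.log's one-JSON-object-per-line layout (all values made up).
# The third line is deliberately broken JSON (missing closing quote) to exercise the fallback.
SAMPLE_LOG = '''\
{"reqId":"r1","level":2,"app":"no app in context","url":"/apps/user_oidc/login/1","message":"Host 192.168.10.5 was not connected to because it violates local access rules"}
{"reqId":"r2","level":4,"app":"user_oidc","url":"/apps/user_oidc/login/1","message":"Could not reach provider at URL https://idp.example.test/auth"}
{"reqId":"r3","level":2,"url":"/apps/user_oidc/login/1","message":"Host 192.168.x.x was not connected to because it violates local access rules","userAgent":"Mozilla/5.0}
{"reqId":"r4","level":1,"app":"core","url":"/login","message":"Login successful"}
'''


def is_local(host):
    """True/False for an IP literal; None for hostnames or redacted values."""
    try:
        ip = ipaddress.ip_address(host.strip("[]"))
    except ValueError:
        return None
    return ip.is_private or ip.is_loopback or ip.is_link_local


def triage(log_text):
    """Return one finding per log line that explains a failed OIDC provider fetch."""
    findings = []
    for lineno, raw in enumerate(log_text.splitlines(), 1):
        try:
            entry = json.loads(raw)
            message = str(entry.get("message", "")) if isinstance(entry, dict) else raw
        except json.JSONDecodeError:
            message = raw  # malformed line: match against the raw text instead
        for kind, pattern in (("blocked_local", BLOCKED), ("provider_unreachable", UNREACHABLE)):
            match = pattern.search(message)
            if match:
                target = match.group(1)
                local = is_local(target) if kind == "blocked_local" else None
                findings.append({"line": lineno, "kind": kind, "target": target, "local": local})
                break
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(finding)
```

A `blocked_local` finding whose target is the identity provider's address means the provider fetch was stopped by the local access rule rather than by the provider itself, which is the case the `allow_local_remote_servers` setting mentioned above relaxes.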
{"reqId":"dMZkIqaBx5nmseIY66t3","level":4,"time":"2022-08-12T11:39:24+00:00","remoteAddr":"192.168.80.7","user":"--","app":"user_oidc","method":"GET","url":"/apps/user_oidc/login/8","message":"Could not reach provider at URL https://auth.myprovider.com/auth/realms/myrealm/protocol/openid-connect/auth","userAgent":"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36","version":"24.0.3.2","data":{"app":"user_oidc"}}
Could not reach provider at URL https://auth.myprovider.com/auth/realms/myrealm/protocol/openid-connect/auth
For anyone facing this exact error (with the auth/realms/myrealm/protocol/openid-connect/auth endpoint), see the more recent discussion here: https://github.com/nextcloud/user_oidc/issues/555
I keep getting 404 after I click the Login button. The endpoint URL is reachable using curl on the same server which runs Nextcloud. If it helps, I'm running Ory Hydra and I've configured OpenID on Gitea (running on the same machine as Nextcloud) without issues.
Similar to issue #355, but in his case the cause was Keycloak misconfiguration.