search

pulsejet / nextcloud-oidc-login

Nextcloud login via a single OpenID Connect 1.0 provider
https://apps.nextcloud.com/apps/oidc_login
GNU Affero General Public License v3.0
219 stars 59 forks source link

Login filter error with webdav protocol #247

Open corentin-soriano opened 11 months ago

corentin-soriano commented 11 months ago

When using realm role filtering, it doesn't work with the WebDAV protocol.

My configuration is as follows, in accordance with the documentation:

  'oidc_login_filter_allowed_values' => array('nextcloud'),
  'login_filter' => 'realm_access_roles',

My workaround is implemented in the following code snippet found in apps/oidc_login/lib/Service/LoginService.php on line 425:

$profile = json_decode(json_encode($profile), true); // 
$profile['realm_access_roles'] = $profile['realm_access']['roles'];

This is due to two factors: 1) $profile['realm_access_roles'] is undefined. 2) $profile is of type Object(stdClass) and not Array(), as evident in apps/oidc_login/lib/Service/AttributeMap.php:

    public function hasLoginFilter(&$profile)
    {
        return \array_key_exists($this->_login_filter, $profile);
    }

Is it possible to correct it? Thanks !

pulsejet commented 11 months ago

Can you reproduce this in the current alpha version? https://github.com/pulsejet/nextcloud-oidc-login/releases/tag/v3.0.0-rc.2

corentin-soriano commented 11 months ago

Thank you for your response. I have just installed version 3.0.0-rc2. This time, I am receiving a 401 error even before reaching getLoginFilterValues(), just like in version 2.6.0. Web authentication works perfectly in both versions. The error is only reproduced in the WebDAV protocol.