search

pulsejet / nextcloud-oidc-login

Nextcloud login via a single OpenID Connect 1.0 provider
https://apps.nextcloud.com/apps/oidc_login
GNU Affero General Public License v3.0
219 stars 59 forks source link

Autoload path not allowed #264

Closed Aocro closed 4 months ago

Aocro commented 6 months ago

Description

In a newly installed Nextcloud with the OIDC Login application, when accessing https://nextcloud.my.com/apps/oidc_login/oidc, the app appears to be broken and shows error like Autoload path not allowed. But it worked fine in an earlier Nextcloud version.

Config

<?php
$CONFIG = array (
  'htaccess.RewriteBase' => '/',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'apps_paths' => 
  array (
    0 => 
    array (
      'path' => '/var/www/html/apps',
      'url' => '/apps',
      'writable' => false,
    ),
    1 => 
    array (
      'path' => '/var/www/html/custom_apps',
      'url' => '/custom_apps',
      'writable' => true,
    ),
  ),
  'overwritehost' => 'nextcloud.my.com',
  'upgrade.disable-web' => true,
  'instanceid' => '**************************',
  'passwordsalt' => '**************************',
  'secret' => '**************************',
  'trusted_domains' => 
  array (
    0 => 'nextcloud.my.com',
  ),
  'datadirectory' => '/var/www/html/data',
  'dbtype' => 'pgsql',
  'version' => '28.0.2.5',
  'overwrite.cli.url' => 'http://nextcloud.my.com',
  'dbname' => 'nextcloud',
  'dbhost' => 'nextcloud_postgres',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'dbuser' => '**************************',
  'dbpassword' => '**************************',
  'installed' => true,
  # OIDC
  'allow_user_to_change_display_name' => false,
  'lost_password_link' => 'disabled',
  'oidc_login_provider_url' => 'https://auth.my.com',
  'oidc_login_client_id' => 'nextcloud',
  'oidc_login_client_secret' => '**************************',
  'oidc_login_auto_redirect' => false,
  'oidc_login_end_session_redirect' => false,
  'oidc_login_button_text' => 'Log in with my Auth',
  'oidc_login_hide_password_form' => true,
  'oidc_login_use_id_token' => true,
  'oidc_login_attributes' => array (
      'id' => 'preferred_username',
      'name' => 'name',
      'mail' => 'email',
      'groups' => 'groups',
      'is_admin' => 'groups_nextcloud_admins',
  ),
  'oidc_login_default_group' => 'oidc',
  'oidc_login_allowed_groups' => array (
      0 => 'nextcloud_users',
      1 => 'nextcloud_admins',
  ),
  'oidc_login_use_external_storage' => false,
  'oidc_login_scope' => 'openid profile email groups',
  'oidc_login_proxy_ldap' => false,
  'oidc_login_disable_registration' => false,
  'oidc_login_redir_fallback' => false,
  'oidc_login_alt_login_page' => 'assets/login.php',
  'oidc_login_tls_verify' => true,
  'oidc_create_groups' => false,
  'oidc_login_webdav_enabled' => true,
  'oidc_login_password_authentication' => false,
  'oidc_login_public_key_caching_time' => 86400,
  'oidc_login_min_time_between_jwks_requests' => 10,
  'oidc_login_well_known_caching_time' => 86400,
  'oidc_login_update_avatar' => false,
);

Logs

Browser


Internal Server Error

The server was unable to complete your request.

If this happens again, please send the technical details below to the server administrator.

More details can be found in the server log.
Technical details

    Remote Address: 192.168.97.5
    Request ID: kf9x1J65TCwIkg32bGbs

Nextcloud

{
    "app": "index",
    "exception": {
        "Code": 0,
        "CustomMessage": "Autoload path not allowed: /var/www/html/apps/files_external/lib/service/globalstoragesservice.php",
        "exception": {},
        "Exception": "OCP\\AutoloadNotAllowedException",
        "File": "/var/www/html/lib/autoloader.php",
        "Line": 141,
        "message": "Autoload path not allowed: /var/www/html/apps/files_external/lib/service/globalstoragesservice.php",
        "Message": "Autoload path not allowed: /var/www/html/apps/files_external/lib/service/globalstoragesservice.php",
        "Trace": [
            {
                "args": [
                    "/var/www/html/apps/files_external/lib/service/globalstoragesservice.php"
                ],
                "class": "OC\\Autoloader",
                "file": "/var/www/html/lib/autoloader.php",
                "function": "isValidPath",
                "line": 166,
                "type": "->"
            },
            {
                "args": [
                    "OCA\\Files_External\\Service\\GlobalStoragesService"
                ],
                "class": "OC\\Autoloader",
                "function": "load",
                "type": "->"
            },
            {
                "args": [
                    "\\OCA\\Files_External\\Service\\GlobalStoragesService"
                ],
                "file": "/var/www/html/custom_apps/oidc_login/lib/Service/LoginService.php",
                "function": "class_exists",
                "line": 57
            },
            {
                "args": [
                    [
                        "OC\\AllConfig"
                    ],
                    [
                        "OC\\AppFramework\\Http\\Request"
                    ],
                    [
                        "OC\\User\\Manager"
                    ],
                    [
                        "OC\\Avatar\\AvatarManager"
                    ],
                    [
                        "OC\\Group\\Manager"
                    ],
                    [
                        "OC\\L10N\\LazyL10N"
                    ],
                    [
                        "OC\\Authentication\\Token\\Manager"
                    ],
                    [
                        "OC\\AppFramework\\ScopedPsrLogger"
                    ],
                    [
                        "OCA\\OIDCLogin\\Service\\AttributeMap"
                    ]
                ],
                "class": "OCA\\OIDCLogin\\Service\\LoginService",
                "function": "__construct",
                "type": "->"
            },
            {
                "args": [
                    [
                        [
                            "OC\\AllConfig"
                        ],
                        [
                            "OC\\AppFramework\\Http\\Request"
                        ],
                        [
                            "OC\\User\\Manager"
                        ],
                        [
                            "OC\\Avatar\\AvatarManager"
                        ],
                        [
                            "OC\\Group\\Manager"
                        ],
                        "And 4 more entries, set log level to debug to see all entries"
                    ]
                ],
                "class": "ReflectionClass",
                "file": "/var/www/html/lib/private/AppFramework/Utility/SimpleContainer.php",
                "function": "newInstanceArgs",
                "line": 83,
                "type": "->"
            },
            {
                "args": [
                    [
                        "ReflectionClass",
                        "OCA\\OIDCLogin\\Service\\LoginService"
                    ]
                ],
                "class": "OC\\AppFramework\\Utility\\SimpleContainer",
                "file": "/var/www/html/lib/private/AppFramework/Utility/SimpleContainer.php",
                "function": "buildClass",
                "line": 128,
                "type": "->"
            },
            {
                "args": [
                    "OCA\\OIDCLogin\\Service\\LoginService"
                ],
                "class": "OC\\AppFramework\\Utility\\SimpleContainer",
                "file": "/var/www/html/lib/private/AppFramework/Utility/SimpleContainer.php",
                "function": "resolve",
                "line": 146,
                "type": "->"
            },
            {
                "args": [
                    "OCA\\OIDCLogin\\Service\\LoginService"
                ],
                "class": "OC\\AppFramework\\Utility\\SimpleContainer",
                "file": "/var/www/html/lib/private/AppFramework/DependencyInjection/DIContainer.php",
                "function": "query",
                "line": 468,
                "type": "->"
            },
            {
                "args": [
                    "OCA\\OIDCLogin\\Service\\LoginService"
                ],
                "class": "OC\\AppFramework\\DependencyInjection\\DIContainer",
                "file": "/var/www/html/lib/private/AppFramework/DependencyInjection/DIContainer.php",
                "function": "queryNoFallback",
                "line": 440,
                "type": "->"
            },
            {
                "args": [
                    "OCA\\OIDCLogin\\Service\\LoginService",
                    true
                ],
                "class": "OC\\AppFramework\\DependencyInjection\\DIContainer",
                "file": "/var/www/html/lib/private/AppFramework/Utility/SimpleContainer.php",
                "function": "query",
                "line": 96,
                "type": "->"
            },
            {
                "args": [
                    "*** sensitive parameters replaced ***"
                ],
                "class": "OC\\AppFramework\\Utility\\SimpleContainer",
                "function": "OC\\AppFramework\\Utility\\{closure}",
                "type": "->"
            },
            {
                "args": [
                    [
                        "Closure"
                    ],
                    [
                        [
                            "ReflectionParameter",
                            "appName"
                        ],
                        [
                            "ReflectionParameter",
                            "request"
                        ],
                        [
                            "ReflectionParameter",
                            "config"
                        ],
                        [
                            "ReflectionParameter",
                            "urlGenerator"
                        ],
                        [
                            "ReflectionParameter",
                            "userSession"
                        ],
                        "And 2 more entries, set log level to debug to see all entries"
                    ]
                ],
                "file": "/var/www/html/lib/private/AppFramework/Utility/SimpleContainer.php",
                "function": "array_map",
                "line": 83
            },
            {
                "args": [
                    [
                        "ReflectionClass",
                        "OCA\\OIDCLogin\\Controller\\LoginController"
                    ]
                ],
                "class": "OC\\AppFramework\\Utility\\SimpleContainer",
                "file": "/var/www/html/lib/private/AppFramework/Utility/SimpleContainer.php",
                "function": "buildClass",
                "line": 128,
                "type": "->"
            },
            {
                "args": [
                    "OCA\\OIDCLogin\\Controller\\LoginController"
                ],
                "class": "OC\\AppFramework\\Utility\\SimpleContainer",
                "file": "/var/www/html/lib/private/AppFramework/Utility/SimpleContainer.php",
                "function": "resolve",
                "line": 146,
                "type": "->"
            },
            {
                "args": [
                    "OCA\\OIDCLogin\\Controller\\LoginController"
                ],
                "class": "OC\\AppFramework\\Utility\\SimpleContainer",
                "file": "/var/www/html/lib/private/AppFramework/DependencyInjection/DIContainer.php",
                "function": "query",
                "line": 468,
                "type": "->"
            },
            {
                "args": [
                    "OCA\\OIDCLogin\\Controller\\LoginController"
                ],
                "class": "OC\\AppFramework\\DependencyInjection\\DIContainer",
                "file": "/var/www/html/lib/private/AppFramework/DependencyInjection/DIContainer.php",
                "function": "queryNoFallback",
                "line": 440,
                "type": "->"
            },
            {
                "args": [
                    "OCA\\OIDCLogin\\Controller\\LoginController"
                ],
                "class": "OC\\AppFramework\\DependencyInjection\\DIContainer",
                "file": "/var/www/html/lib/private/AppFramework/App.php",
                "function": "query",
                "line": 163,
                "type": "->"
            },
            {
                "args": [
                    "OCA\\OIDCLogin\\Controller\\LoginController",
                    "oidc",
                    [
                        "OC\\AppFramework\\DependencyInjection\\DIContainer"
                    ],
                    [
                        "oidc_login.login.oidc"
                    ]
                ],
                "class": "OC\\AppFramework\\App",
                "file": "/var/www/html/lib/private/Route/Router.php",
                "function": "main",
                "line": 315,
                "type": "::"
            },
            {
                "args": [
                    "/apps/oidc_login/oidc"
                ],
                "class": "OC\\Route\\Router",
                "file": "/var/www/html/lib/base.php",
                "function": "match",
                "line": 1069,
                "type": "->"
            },
            {
                "args": [],
                "class": "OC",
                "file": "/var/www/html/index.php",
                "function": "handleRequest",
                "line": 39,
                "type": "::"
            }
        ]
    },
    "level": 3,
    "message": "Autoload path not allowed: /var/www/html/apps/files_external/lib/service/globalstoragesservice.php",
    "method": "GET",
    "remoteAddr": "192.168.97.5",
    "reqId": "kf9x1J65TCwIkg32bGbs",
    "time": "2024-03-01T03:37:41+00:00",
    "url": "/apps/oidc_login/oidc",
    "user": "--",
    "userAgent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0",
    "version": "28.0.2.5"
}

Version

marcos-ybarra-iazi commented 4 months ago

Hi Aocro, In my case, I had to enable files_external plugin and then started to work, enable logs in config.php in case doesn´t work to be able to see exactly which class/path returns that error. Kind regards

Aocro commented 4 months ago

Hi Marcos Ybarra, thank you for your reply. However I no longer use Nextcloud, so I won't be able to test that. Thanks again!