Cant login - Githubissues

squalou / google-chat-linux

source of a fork of google-chat-linux unofficial client from robyf

50 stars 10 forks source link

Cant login #51

Closed druuhl closed 1 year ago

druuhl commented 2 years ago

After a while working well, i cant login anymore. We have a SSO environment and after giving the credetnials in the chat client, a tab opens in my default browser with this text (sry in german)

{code} Authentifizierung nicht möglich

Beim Verarbeiten Ihrer Anfrage ist ein Fehler aufgetreten (ref 20220601062152UID).

Keine SAML-Anfrage vorhanden! Dies kann passieren wenn die Applikation über einen falschen Bookmark (auf den SSO anstatt auf die Applikation) aufgerufen wird, oder der Browser eine fehlerhafte Cookiebehandlung nutzt (aktuellen Browser verwenden).

Bitte die Konfiguration innerhalb der Applikation bzw. im SSO überprüfen und nochmals versuchen! Wenn der Fehler weiterhin besteht bitte das SSO Betriebsteam informieren. {code}

When the last version was the very last, so i have to say thank you.

regards Stefan

SippieCup commented 2 years ago

This is probably a browser issue or SSO configuration issue, What browser are you using?

squalou commented 2 years ago

Reminds me something ... wasn't it with you @druuhl ? can't remember for sure.

you should try :

Hit "Alt" key -> menu appears Choose "Menu" Choose "use third party auth method (restart)"

You can do the same from "systray menu" if you have it (depends on your DE).

With luck it could work.

(sorry apparently I missed this issue, was moving in to a new house at the time)

vwbusguy commented 1 year ago

I use this for a higher ed as well. I found a workaround to keep it from breaking out for my company's SSO:

I added the SSO URL to the list here: https://github.com/squalou/google-chat-linux/blob/master/src/window.js#L18

So, in my case, I added "sso.ucsb.edu" and "passport.ucsb.edu" to the list.

I'm unfortunately not sure how to obviously make this work without hard-coding it like this in the source. Perhaps there might be a way to read these kind of values from a "config.json" somewhere and append them (it wouldn't be a const anymore).

squalou commented 1 year ago

interesting, maybe at least an environment variable would do the trick ? (would be faster to implement, quick and dirty for my limited time :) )

vwbusguy commented 1 year ago

Totally - with some delimiter in the value to allow multi-value. Many higher-eds use Shibboleth for SAML and offload auth to CAS, so there are a number of redirects that happen behind the scenes in the browser that the end-user normally doesn't have to think about, but those subdomains would need to be added to the list.