Closed jayfk closed 2 years ago
But users can change their passwords via the "forget password" feature anyway, what's the point?
You can't change the password because the user was authenticated by the identity provider, not Nextcloud. So why present them with a password change dialogue that they can't use!?
But why can EVERYONE not change their passwords?
To change their password they would have to log in to the SSO IdP to change it. Not Nextcloud. It is simply impossible to change the password from Nextcloud. OAuth2 doesn't even provide this function.
You are trying to bring everyone under your comb. Just imagine that not everyone is under your hood ) Just in case - I have many people logged in via uncontrolled providers (google/muugle/huюгл)
So how do you change someone's Google password for them? Magic?
If you're talking about creating an additional Nextcloud password for them (at which point I would query why you even bother with SSO - but that's none of my business), then please understand that most of the world implements single sign-on to have a single IdP and single password for all of the managed services, and managed services like Nextcloud do not get to know the actual password, much less change it. The least you could do is acknowledge this and make it an option to disable the unusable and confusing password change form.
Please don't take my app as a PRIVATE SSO. You can use https://apps.nextcloud.com/apps/oidc_login instead.
It would be great if Social Login could be configured to disable the change password form, just like LDAP does.
For more info, see here: https://github.com/nextcloud/server/issues/12671