zorn-v
commented
2 years ago No idea. OAuth backends is THOUSANDS. And anyone have own features/fields. It can not done in general way. You can fork this app and adapt it for your needs.
Closed SaymonDzen closed 1 year ago
zorn-v
commented
2 years ago No idea. OAuth backends is THOUSANDS. And anyone have own features/fields. It can not done in general way. You can fork this app and adapt it for your needs.
Blackclaws
commented
2 years ago This is basically not doable. By definition the nextcloud app passwords are entirely separate from the normal login flow and exist as an access token for a specific device.
The only way you can do this is if you check the user against a separate backend store and then periodically disable users that are disabled there.
Even federated logout from the OIDC provider will not allow you to disable app passwords this way.
in nextcloud, the user can create a password for the application. This will allow users to webdav but if user authorization is disabled on the oauth backend, this does not cause the user to be marked disabled on the nextcloud and the app password remains valid, so on the nextcloud you need to somehow also disable the user created by oauth. Does anyone have any idea how this can be solved?