search

zorn-v / nextcloud-social-login

GNU Affero General Public License v3.0
198 stars 137 forks source link

Unable to exchange code for API access token. #348

Closed bachns closed 1 year ago

bachns commented 2 years ago

I am doing login to Nextcloud using Keycloak user account. I did the configuration following the instructions here. But I get the following error: Unable to exchange code for API access token. HTTP client error: Connection timed out after 30000 milliseconds. Hope someone can help me.

riccardoroccaro commented 2 years ago

Hi, I have a similar issue following the same instructions. I get the following error: "Provider returned no access_token: <!DOCTYPE html><...>". I tried to retrieve by hands the token and the user information as explained in the "Test the login" section of the instructions mentioned above and it works. Just by using social login it doesn't work. Any ideas about why this is appening? Should I open a new issue or am I in the right place?

I am using the following software versions:

zorn-v commented 2 years ago

I tried to retrieve by hands the token and the user information as explained in the "Test the login" section of the instructions mentioned above and it works.

Did you tried it from the same server/container where nextcloud runs ?

Also, regarding to comments, seems urls is changed

As it might help somebody else, coming to this post – with a more recent Keycloak version (16+) I had to adjust the paths, basically remove ‘auth’.

E.g. «https://$KEYCLOAK_HOST/realms/$KEYCLOAK_REALM/protocol/openid-connect/token» and so on.

bachns commented 2 years ago

I solved the problem. The reason is that the Keycloak and Nextcloud containers are not in the same network. So I added --network when running the containers.

docker network create --driver bridge my-network
docker run -d -p 8080:8080 -e KEYCLOAK_USER=admin -e KEYCLOAK_PASSWORD=admin --network my-network  jboss/keycloak:latest
docker run -d -p 8081:80 --network my-network nextcloud
riccardoroccaro commented 1 year ago

Did you tried it from the same server/container where nextcloud runs ?

Actually, I was using a k3d environment with just one node and two pods (and correspondent ingress - one for each) one for keycloak and one for nextcloud. I'll try with a fresh k3s installation and I'll report here the complete configuration so that you can reproduce it.

Also, regarding to comments, seems urls is changed

As it might help somebody else, coming to this post – with a more recent Keycloak version (16+) I had to adjust the paths, basically remove ‘auth’. E.g. «https://$KEYCLOAK_HOST/realms/$KEYCLOAK_REALM/protocol/openid-connect/token» and so on.

Yes, I noticed that during the configuration and I used the URLs suggested by keycloak itself for the endpoints.