-
Notifications
You must be signed in to change notification settings - Fork 61
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
WebDAV authentication not working with Nextcloud 27 #255
Comments
Can you try removing the return type of |
I had to remove:
Then the basic authentication for WebDAV started to work. After removing the same type check at |
Thanks for helping debug this. Can you revert your changes (just uninstall / re-install the app maybe) and test this patch? |
Hi, I re-created the docker container and applied your patch. Basic authorization works fine, but bearer token does not work - I always get error 401. |
Does removing the type check in bearerauthbackend fix this? Maybe the event is something else... |
No, it does not help. Perhaps there is some issue in the token validation... |
That's .. weird. That commit changed nothing related to tokens |
After the next round of testing, I finally got it working. Your patch was OK, but my access token was not. The |
+1, do you think this fix will be turned into a release soon ? |
3.0.2 is up |
I have just made a test with 3.0.2 sitting on Nextcloud 28.0.4 and Authentik 2024.2.3 along with app password - tested with Joplin. I can confirm it works, although the app password for now is limited in duration to 30 minutes until the next release of Authentik 2024.4 |
Hello,
I am trying to configure Nextcloud 27 to authenticate against Keycloak 23 for development purposes. I run both applications inside docker containers, the Nextcloud is a clean
nextcloud:latest
docker image withnextcloud-oidc-login
app installed. Web authentication works as expected, but I am not able to get the WebDAV authentication working.I enabled the WebDAV authentication in the
config.php
:And now I am trying to use the basic WebDAV authentication via
curl
:I am getting error 401 for my Keycloak user, but the request succeeds for the
admin
user, which has a native Nextcloud account.To investigate further, I checked if the
BasicAuthBackend::handle()
method correctly registers the OIDC backend, but I found out that the initial event check fails because the event is of classOCP\SabrePluginEvent
and not the\OCA\DAV\Events\SabrePluginAuthInitEvent
in my case. Therefore, the OIDC backend is not registered at all and authentication, of course, fails.Then I tried to comment out the type check, but I finished with the following exception:
OCA\OIDCLogin\Provider\OpenIDConnectClient::getTokenProfile(): Return value must be of type array, stdClass returned
.I checked the JWT passed to the
getTokenProfile()
method, and it is valid according to jwt.io. Since the exception is thrown by thedecodeJWT()
method which comes from the 3rd party library, it seems like some kind of interface incompatibility...Could you help me to troubleshoot the WebDAV authentication?
The text was updated successfully, but these errors were encountered: