Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Loginflow SSO for Nextcloud #914

Open
sunjam opened this issue Feb 20, 2021 · 22 comments
Open

Loginflow SSO for Nextcloud #914

sunjam opened this issue Feb 20, 2021 · 22 comments
Labels
enhancement help wanted

Comments

@sunjam
Copy link

sunjam commented Feb 20, 2021

image

I know you are super busy and already handling plenty. I'd like to humbly request LoginFlow support for Nextcloud on Desktop as a way to ease setting up WebDAV #599 and CalDAV #626. Of course you already support these as a platform agnostic option.

Perhaps one day it will be possible to support this and smooth out integration to be as simple as clicking "Grant Access" for any user already logged into Nextcloud on their browser, desktop, or mobile app. Greatly simplifies the process in the manner we expect from Google Drive and Dropbox (fyi there is also Oauth support from Nextcloud). Thank you for considering either way!!!
@johannesjo
Copy link
Owner

Thanks for opening this up @sunjam ! Would this also solve the cross origin problem?

This was referenced Feb 24, 2021
Closed
Closed
@github-actions
Copy link

This issue has not received any updates in 90 days. Please comment, if this still relevant!

@github-actions github-actions bot added the Stale label Jun 22, 2021
@johannesjo johannesjo removed the Stale label Jun 22, 2021
@johannesjo
Copy link
Owner

Still relevant, I think.

@sunjam
Copy link
Author

sunjam commented Jun 22, 2021 via email

@steccas
Copy link

steccas commented Sep 19, 2021

This is important, and I'm willing to help

@johannesjo
Copy link
Owner

Glad to hear it @steccas ! Most of the relevant existing code can be found here:
https://github.com/johannesjo/super-productivity/tree/master/src/app/imex/sync/web-dav

What else do you need to get started?

@EngelPika32
Copy link

Would this also solve the cross-origin problem?

Yes, but to clarify this a bit more: Once the flow is completed your App has an access token. No domain or whatsoever needed.

As the docs mention, the flow is required for the following:
· A client never stores the password of the user
· The user can revoke access on a per-client basis from the web

The Login flow v2 is recommended.
As an alternative, the user can create an access token in nextcloud web.

Regarding the mentioned OAuth2: The OAuth2 is an admin setting, not a user setting. Hence it'd be for smth. like organization access (linking different systems), but not for a single client accessing a single user.

You are able to authenticate against the
Nextcloud app on a mobile device

Yes, but this is for mobile apps on the same device.
Basically, the Nextcloud Files App performs the flow with the server, and all the other apps perform a flow with the Files-App. Hence only one token per mobile device is needed. All of this requires the SingleSignOn Library of nextcloud. – Again, Mobile only.

To conclude for SP:

  • Handle login flow for Nextcloud (preferrable v2)
  • And/or let the user enter an access token (easy-mode activated ;))
  • Being able to login with multiple accounts (for different Projects/Organisations)
  • UI: Give the user a selection of his/her accs to use

This essentially adds Nextcloud as a provider, instead of just general "WebDav/CalDav".
Though, adding tokens as AuthType for WebDav/CalDav, in general, might enable the usage of other providers too.

Adding nextcloud as a separate provider would help to distinguish between issues with Nextcloud and other WebDav/CalDav Servers.
Lastly, using tokens is more secure and removes domain-related sync problems as well.

@johannesjo
Copy link
Owner

Thank you very much for digging into this @EngelPika32 !!

Adding nextcloud as a separate provider would help to distinguish between issues with Nextcloud and other WebDav/CalDav Servers.

I agree. It is important however that the distinction between issue provider and sync provider is something that should still be maintained (because otherwise things will get very complicated – also: I did not understand your comment in that way, but I still wanted to point this out explicitly to avoid misunderstandings).

Help with this is still very welcome! I personally don't use nextcloud and for now I am happy that there is nextcloud support via webdav, but improving this would be great!

@github-actions
Copy link

github-actions bot commented Mar 8, 2022

This issue has not received any updates in 90 days. Please comment, if this still relevant!

@github-actions github-actions bot added the Stale label Mar 8, 2022
@EngelPika32
Copy link

Still relevant^ (though, it's probably low priority).

@github-actions github-actions bot removed the Stale label Mar 10, 2022
@github-actions
Copy link

github-actions bot commented Jul 9, 2022

This issue has not received any updates in 90 days. Please comment, if this still relevant!

@github-actions github-actions bot added the Stale label Jul 9, 2022
@sunjam
Copy link
Author

sunjam commented Jul 9, 2022 via email

@github-actions github-actions bot removed the Stale label Jul 23, 2022
@github-actions
Copy link

This issue has not received any updates in 90 days. Please comment, if this still relevant!

@github-actions github-actions bot added the Stale label Nov 23, 2022
@github-actions github-actions bot closed this as not planned Won't fix, can't repro, duplicate, stale Dec 8, 2022
@RokeJulianLockhart
Copy link

RokeJulianLockhart commented Aug 12, 2023
edited
Loading

#914 (comment)

@GitHub-Actions, please reopen this issue. I literally can't use this application, because I use a non-self-hosted instance (https://wim.nl.tab.digital) where I don't possess permission to install the necessary Nextcloud https://apps.nextcloud.com/apps/webapppassword app.

https://github.com/tasks/tasks supports Nextcloud auth via Davx5, but that only works for Android – and SupProd doesn't even support that, per #2719 (comment) – whereas I'd like to use this on Linux.

@johannesjo johannesjo reopened this Aug 18, 2023
@github-actions github-actions bot removed the Stale label Aug 19, 2023
@github-actions GitHub Actions
Copy link

This issue has not received any updates in 90 days. Please comment, if this still relevant!

@github-actions github-actions bot added the Stale label Dec 19, 2023
@sunjam
Copy link
Author

sunjam commented Dec 19, 2023

open please

@github-actions github-actions bot removed the Stale label Dec 20, 2023
@github-actions GitHub Actions
Copy link

This issue has not received any updates in 90 days. Please comment, if this still relevant!

@github-actions github-actions bot added the Stale label Apr 18, 2024
@RokeJulianLockhart

This comment was marked as duplicate.

Sign in to view
@sunjam
Copy link
Author

sunjam commented Apr 18, 2024

Open please.

@johannesjo johannesjo removed the Stale label Apr 19, 2024
@github-actions GitHub Actions
Copy link

This issue has not received any updates in 90 days. Please comment, if this still relevant!

@github-actions github-actions bot added the Stale label Aug 19, 2024
@RokeJulianLockhart

This comment was marked as duplicate.

Sign in to view
@sunjam
Copy link
Author

sunjam commented Aug 19, 2024

CORS support is in development for 31.

@github-actions github-actions bot removed the Stale label Aug 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@johannesjo @sunjam @steccas @EngelPika32 @RokeJulianLockhart