Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Google OAuth2 Login not redirecting properly during login flow #1779

Open
githubbbie opened this issue Sep 25, 2024 · 6 comments
Open

Google OAuth2 Login not redirecting properly during login flow #1779

githubbbie opened this issue Sep 25, 2024 · 6 comments
Labels
documentation Improvements or additions to documentation extensions (plugin)

Comments

@githubbbie
Copy link

Describe the bug

When trying a google workspace email with OAuth2 credentials setup according to Snappymail instructions, using my own custom nextcloud domain

To Reproduce
Steps to reproduce the behavior:
0. Setup my google workspace OAuth2 credentials

  1. Go to https://MYNEXTCLOUD.DOMAIN/apps/snappymail/
  2. Enter my google workspace email and no password
  3. Click on "Gmail" button
  4. Get error

Expected behavior

Google should offer its consent screen where I would normally enter my password for the requested email, then upon confirmation on Google side, get a redirect back to my authorized redirect URI.

Screenshots

2024-09-25_12-46-google-workspace-domain-not-working-main-login

From the google side, oauth2 authorized URI, NOTE there is only bare domain for serving nextcloud.

2024-09-25_13-26-google-side

Please complete the following information:

  • Browser: Version 129.0.6668.58 (Official Build, ungoogled-chromium) (64-bit)
  • PHP version: 8.2.22
  • SnappyMail Version: 2.38.0
  • Mode: nextcloud
  • Nextcloud version: 29.0.5

Debug/logging information

  • From Google:

2024-09-25_12-46-google-workspace-domain-not-working-main-login-error

Additional context
Add any other context about the problem here.

@githubbbie
Copy link
Author

githubbbie commented Sep 25, 2024

BTW, just setup this same gmail account with k9 android app and there is another flow there that safari and k9 used to authorize gmail accounts, that did not require all that oauth2 setup.

@githubbbie
Copy link
Author

The documentation for setting up gmail accounts is a bit sparse: https://github.com/the-djmaze/snappymail/wiki/FAQ#gmail

What is the appropriate redirect URI ?

Clearly not snappymail.eu for either authorized URI, but one's own custom URI.

Help?

@githubbbie
Copy link
Author

Related to #1663 #1580

On Issue #1520 there might be issue with bare gmail account (NOT google workspace gmail account) and 2auth being enabled. First, want to get to the bottom of working Google Workspace Gmail OAuth2 account + snappymail in nextcloud, then will move onto the next one.

@the-djmaze
Copy link
Owner

Plugin does not support flowname. It uses the basic OAuth2.
Check which permissions you've setup.

@the-djmaze the-djmaze added documentation Improvements or additions to documentation extensions (plugin) labels Sep 26, 2024
@githubbbie
Copy link
Author

Strange, looking at the error in the code: Request details:

redirect_uri=https://MY_NEXTCLOUD_DOMAIN/apps/snappymail/?LoginGMail flowName=GeneralOAuthFlow 

@githubbbie
Copy link
Author

Hmmm, not sure. Looks like google migrating to Out-Of-Band flows: https://developers.google.com/identity/protocols/oauth2/resources/oob-migration

By "permissions" are you referring to Google's consent screen "Scopes" ? I enabled ALL Gmail API scopes (14 of them).

Or, are you referring to the app OAuth consent screen publishing status:

image

I had set to Internal before and turned to External for testing and am getting same results on attempting to login to my google workspace account from logged out snappymail by clicking the gmail button.

Looking for howto setup debugging with nextcloud and snappymail as nextcloud app: https://github.com/the-djmaze/snappymail/wiki/FAQ#how-do-i-enable-logging (consider adding this to this FAQ item for howto enable logging: https://github.com/the-djmaze/snappymail/blob/master/integrations/nextcloud/snappymail/README.md#how-to-activate-snappymail-logging-and-then-find-logs)

Ok, I confirmed my nextcloud/snappymail logging is turned on.

And next, there is nothing in the logs pertaining to this, as when I click from snappymail the Gmail button, the next screen comes from google and nothing in my nextcloud/snappymail logs.

Help?

What google apis are needed to make this work?

Thanks and I hope that going thru this will help others and improve documentation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
documentation Improvements or additions to documentation extensions (plugin)
Projects
None yet
Development

No branches or pull requests

2 participants