Hello,

i have an issue with sociallogin with github. if i whant to logging in with sociallogin with github

this issue appears all the time

and in the Server protocol appears the error message

my Website is https://aw96.de/nextcloud

Hi,

I have installed your app fine and have setup both GitHub and google, github works a charm. but I get a 403 error for google.

Error page:
403 Forbidden
nginx/1.12.2

Nginx log:
212.159.117.222 - - [23/Apr/2018:11:42:40 +0000] "GET /apps/sociallogin/oauth/google HTTP/2.0" 403 185 "-" "owncloud.horwood.biz" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36" "-" "192.168.49.203:9000 : 192.168.49.203:9000"

Server configuration

Operating system:
cat /etc/debian_version
9.4

Web server:
nginx 1.12.2

Database:
mysql-server 5.5.59

PHP version:
PHP 7.0.27-0+deb9u1 (cli) (built: Jan 5 2018 13:51:52) ( NTS )
Copyright (c) 1997-2017 The PHP Group
Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
with Zend OPcache v7.0.27-0+deb9u1, Copyright (c) 1999-2017, by Zend Technologies

Nextcloud version:
version: 13.0.1.1

Updated from an older Nextcloud/ownCloud or fresh install:
Updated from older version

Where did you install Nextcloud from:
https://download.nextcloud.com/server/releases/

Signing status:

No errors have been found.

List of activated apps:

Enabled:
  - activity: 2.6.1
  - admin_audit: 1.3.0
  - admin_notifications: 1.0.1
  - announcementcenter: 3.2.1
  - bookmarks: 0.11.0
  - bruteforcesettings: 1.0.3
  - calendar: 1.6.1
  - circles: 0.13.6
  - cms_pico: 0.9.7
  - comments: 1.3.0
  - contacts: 2.1.3
  - dashboard: 4.0.6
  - dav: 1.4.6
  - deck: 0.3.1
  - encryption: 2.0.0
  - external: 3.0.2
  - federatedfilesharing: 1.3.1
  - federation: 1.3.0
  - files: 1.8.0
  - files_accesscontrol: 1.3.0
  - files_automatedtagging: 1.3.0
  - files_external: 1.4.1
  - files_frommail: 0.1.0
  - files_markdown: 2.0.4
  - files_pdfviewer: 1.2.1
  - files_sharing: 1.5.0
  - files_texteditor: 2.5.1
  - files_trashbin: 1.3.0
  - files_versions: 1.6.0
  - files_videoplayer: 1.2.0
  - firstrunwizard: 2.2.1
  - gallery: 18.0.0
  - groupfolders: 1.2.0
  - logreader: 2.0.0
  - lookup_server_connector: 1.1.0
  - mail: 0.7.10
  - mindmaps: 0.1.0
  - nextcloud_announcements: 1.2.0
  - notes: 2.3.2
  - notifications: 2.1.2
  - oauth2: 1.1.0
  - ocsms: 1.12.2
  - password_policy: 1.3.0
  - polls: 0.8.1
  - previewgenerator: 1.0.9
  - provisioning_api: 1.3.0
  - quota_warning: 1.2.0
  - serverinfo: 1.3.0
  - sharebymail: 1.3.0
  - sociallogin: 1.3.4
  - socialsharing_diaspora: 1.0.2
  - socialsharing_email: 1.0.3
  - socialsharing_facebook: 1.0.2
  - socialsharing_googleplus: 1.0.2
  - socialsharing_twitter: 1.0.2
  - spreed: 3.1.0
  - survey_client: 1.1.0
  - systemtags: 1.3.0
  - tasks: 0.9.6
  - theming: 1.4.1
  - twofactor_backupcodes: 1.2.3
  - twofactor_totp: 1.4.1
  - updatenotification: 1.3.0
  - user_external: 0.4
  - workflowengine: 1.3.0
Disabled:
  - user_ldap

Nextcloud configuration:

{
    "system": {
        "instanceid": "***REMOVED SENSITIVE VALUE***",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "owncloud.horwood.biz",
            "212.159.117.222",
            "192.168.49.203"
        ],
        "datadirectory": "***REMOVED SENSITIVE VALUE***",
        "overwrite.cli.url": "https:\/\/owncloud.horwood.biz",
        "dbtype": "mysql",
        "version": "13.0.1.1",
        "dbname": "***REMOVED SENSITIVE VALUE***",
        "dbhost": "***REMOVED SENSITIVE VALUE***",
        "dbtableprefix": "oc_",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "logtimezone": "UTC",
        "logfile": "\/var\/data\/owncloud\/owncloud.log",
        "logdateformat": "Y-m-d H:i:s",
        "installed": true,
        "mail_smtpmode": "smtp",
        "mail_from_address": "***REMOVED SENSITIVE VALUE***",
        "mail_domain": "***REMOVED SENSITIVE VALUE***",
        "mail_smtphost": "***REMOVED SENSITIVE VALUE***",
        "mail_smtpport": "25",
        "theme": "",
        "filelocking.enabled": "true",
        "memcache.local": "\\OC\\Memcache\\APCu",
        "memcache.distributed": "\\OC\\Memcache\\Redis",
        "memcache.locking": "\\OC\\Memcache\\Redis",
        "redis": {
            "host": "***REMOVED SENSITIVE VALUE***",
            "port": 6379,
            "timeout": 0
        },
        "asset-pipeline.enabled": false,
        "filesystem_check_changes": "0",
        "trashbin_retention_obligation": "auto",
        "preview_max_scale_factor": 1,
        "preview_max_x": 1024,
        "preview_max_y": 1024,
        "maintenance": false,
        "loglevel": 0,
        "htaccess.RewriteBase": "\/",
        "has_internet_connection": true,
        "data-fingerprint": "a40dea991a946a4d82e4a3702c8f1fcc",
        "updater.secret": "***REMOVED SENSITIVE VALUE***",
        "log_rotate_size": 52428800
    }
}

Would it be possible to login to a user already created by the LDAP from a custom OIDC provider?
Let me explain: There is a user created "username", when you configure the custom OIDC provider and login, it receives the userID "username" but it creates a new user "provider-username".
Could it be configured in the provider to use existing users in the system?
Thank you.

Hello,
If I set

'social_login_auto_redirect' => true

Neither cron.php nor occ run correctly anymore. cron.php just fails silently. occ produces the output below. Pleas let me know if you need any further information.

An unhandled exception has been thrown:
Exception: The requested uri() cannot be processed by the script './occ') in /nextcloud/public/lib/private/AppFramework/Http/Request.php:742
Stack trace:
#0 /nextcloud/public/lib/private/AppFramework/Http/Request.php(768): OC\AppFramework\Http\Request->getRawPathInfo()
#1 /nextcloud/public/apps/sociallogin/lib/AppInfo/Application.php(79): OC\AppFramework\Http\Request->getPathInfo()
#2 /nextcloud/public/apps/sociallogin/appinfo/app.php(6): OCA\SocialLogin\AppInfo\Application->register()
#3 /nextcloud/public/lib/private/legacy/app.php(261): require_once('/nextcloud...')
#4 /nextcloud/public/lib/private/legacy/app.php(154): OC_App::requireAppFile(Object(OCA\SocialLogin\AppInfo\Application))
#5 /nextcloud/public/lib/private/legacy/app.php(127): OC_App::loadApp('sociallogin')
#6 /nextcloud/public/lib/private/Console/Application.php(108): OC_App::loadApps()
#7 /nextcloud/public/console.php(89): OC\Console\Application->loadCommands(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
#8 /nextcloud/public/occ(11): require_once('/nextcloud...')
#9 {main}

I want to use nextcloud-social-login with WP OAuth Server

I tried many different settings but the result ist allways this:

OAuth-Server Setting

Any help?

OpenId logins fails for existing users as the API creates its own UID instead of using the OpenId provided "nickname" or the configured "Internal name" of the social login plugin.

Hey,

i'm trying to get gitlab provider working. For now only gitlab.com as this seems to be supported by hybridauth.
The goal is to use my own gitlab instance for authentication.

The issue

After login i get redirected to /login?code=XXXXX which seems correct to me but i'm not logged in at all.

Any idea how to get login working?

3rd party (hybridauth)

There is a typo here at the end of the line " :
https://github.com/zorn-v/nextcloud-social-login/blob/master/3rdparty/hybridauth/hybridauth/src/Provider/GitLab.php#L33

Login works when adding this code after this line https://github.com/zorn-v/nextcloud-social-login/blob/master/3rdparty/hybridauth/hybridauth/src/Provider/GitLab.php#L44

    /**
    * {@inheritdoc}
    */
    protected function initialize()
    {
        parent::initialize();
        $this->AuthorizeUrlParameters = [
	        'type'			=> "web_server",
            'client_id'     => $this->clientId,
            'response_type'	=> "code",
            'redirect_uri'  => "https://cloud.knallimall.org/login",
            'scope'         => "api",
        ];
        $this->tokenExchangeParameters = [
            'client_id'    => $this->clientId,
            'client_secret' => $this->clientSecret, 
           'grant_type'   => 'authorization_code',
            'redirect_uri' => $this->callback
        ];
    }

See these commits:
https://github.com/ochorocho/nextcloud-social-login/commit/3855e44766e1b692bb105ee4fc1f2e1bd81410ee

https://github.com/ochorocho/nextcloud-social-login/commit/248b5e8c27f682b4387f7f2eb1444eb0d03e625f

Thanks

Hi,
I want to connect to Azure Active Directory with the OAuth2 provider. An application with necessary redirect_url... has been created.
When I try to log in, I get the error
Unable to exchange code for API access token. HTTP error 400. Raw Provider API response: {"error":"invalid_request","error_description":"AADSTS90014: The request body must contain the following parameter: 'grant_type'.\r\nTrace ID: 1ae94aaf-e1d9-4678-9892-3b5bcd091d00\r\nCorrelation ID: 9f2c1f67-2961-490f-a330-13399888fdb5\r\nTimestamp: 2018-07-22 20:31:10Z","error_codes":[90014],"timestamp":"2018-07-22 20:31:10Z","trace_id":"1ae94aaf-e1d9-4678-9892-3b5bcd091d00","correlation_id":"9f2c1f67-2961-490f-a330-13399888fdb5"}.

From my understanding the grant_type should be passed within the body as POST parameter.
Did anybody successfully connect via OAuth2 to an AAD?

This looks awesome!

The used hybridauth library brings ready made plugins for the industry giants. Additional providers need to be coded, which is quite simple (3 urls + 1 scope).
Now let's suppose we want to add a custom provider, but either can't code or don't have access to the server (managed service). What would help is a parametrizable provider where the site admin fills their info (3 urls + 1 scope).

A useful addition to the oauth providers would be ORCID: https://members.orcid.org/api/integrate/orcid-sign-in

ORCID is the de-facto standard identity provider for the academic community, and having ORCID based auth would certainly contribute to the adoption of nextcloud by university & research centers.

Hi,

you are releasing new versions so quick, that I always need to go to GitHub to see what is new. (I am using RSS reader for the updates from the apps.nextcloud.com.)

Would it be possible to add the changes to the release? (To see it here like for example mail app.)

Nothing important but nice-to-have..;-)

Thanks!

Hi, I've done a little changes on Custom OAuth2 in order to read API from kayako.com and I would to keep it saved even if in the future the app will be updated.
I've simply replaced $response->id in $response->data->id in /lib/Provider/CustomOAuth2.php
if (!isset($response->identifier) && isset($response->data->id)) {
$response->identifier = $response->data->id;
}
How can I make it permanent?
Thank you for this useful app

I can't type chinese in OpenID Title. Please fix this Bug. thank you!

Hi,

as you may have already seen, we have entered the beta phase for the release of Nextcloud 14. We usually try to keep up compatibility with previous app versions, but in some cases apps need some adjustments to properly work on new Nextcloud releases. With Nextcloud 14 there have been quite some changes in that regard:

You can find a list of all critical changes for app developers and admins at nextcloud/server#7827. You can run occ app:check-code to validate that there are no issues with deprecated or private message calls.

One critical change is the overall restructuring of the main template (nextcloud/server#9982) that might require some adjustments in your app.

We would be very pleased if you can make your app compatible with Nextcloud 14 and release a new version to the app store, so that users can properly test it and the upgrade experience to Nextcloud 14 will be even better than before.

Feel free to ask, if you have any questions regarding making your app compatible with Nextcloud 14.

Thanks for being part of the Nextcloud community and for all the effort you put into providing this app 🚀 .

What features do I need to apply to use facebook?
USER_LINK ?

Thank You!

Is it necessary to reauthorise during every login? Is this normal behaviours for Oauth2 logins? Cant an authorisation not being reused until Token Expiration?

Looks like the URI that is being passed to facebook is the internal IP of my nextcloud instance. I'm not sure how to change that. I have nextcloud running in a container behind a reverse proxy. I do have the nextcloud URL set as the public domain URL.

redirect_uri=https%3A%2F%2F192.168.1.10%3A7443%2Findex.php%2Fapps%2Fsociallogin%2Foauth%2Ffacebook&scope=email%2C%20public_profile&state=HA

Hello,

First of all, thank you for this awesome app which will be a great help for nextcloud admins.
This issue is probably related to issue #2 , but not entirely.
I tried to configure the app with google (which is the one I need more) and tried to login with my google account, it finally worked and I was happy. But then I realized it created a new account on my nextcloud without verifying anything (I had a user with this email). This point is issue #2 .

But my other problem is that it allows anyone to create an account on my private nextcloud instance just using a google account and that is a huge security / privacy issue for me. OK my instance is private (as much as it can be), but this was merely a sandbox for a bigger project.

I am managing a nextcloud instance for a small community (about 40 users in the end) which is not so private: public links will be available. What if suddenly this becomes a target for spammers (or whatever ill intending people) and they create lots of accounts?

What I would expect in the future

• Admin creates users
• Existing users can login using their social login
• Non existing users are not created and are not logged in

I hope you can understand my concerns and provide an appropriate answer.

Once again, thanks for this great promising app!

At the moment sub is used for the uid and sometimes it is not preferable if we want to use LDAP backend at the same time for example. It would be great if one could map the uid field to another field from userinfo endpoint (preferred_username for example).

I'm trying to setup a custom OAuth2 with Invision Community v4.3.5 as an identity provider. But I'm stuck at "Error Provider API returned an unexpected response." with no further feedback. How do I fix this?

Invision Community v4.3.5


*redirection uri: https://pyroforum.nl/nextcloud/index.php/apps/sociallogin/custom_oauth2/PyroForum.nl

Nextcloud

Steps

It would be very nice if there is the option for establishing that selfcreated users are disabled by default.

I have added Discord to the AdminSettings.php
And have configured the correct Client ID, Client Secret, and Redirect URL
https://example.com/index.php/apps/sociallogin/oauth/Discord

example.com is not the real domain obviously

Login works as expected until you click continue on the discord permissions page
Or if you try a second time it skips the permissions page and goes straight to the error
The error I get is below:

Error
Signed API request has returned an error. HTTP error 401. Raw Provider API response: {"code": 0, "message": "401: Unauthorized"}.

Nextcloud 13.0.3
Social App 1.8.0
Using Google login option only (authorized url https://mydomain.com/apps/sociallogin/oauth/google)

The Nextcloud instance is being accessed through a web browser (computer) and Android app. Everything works great on the web browser (both computer and Android devices). The Google button is pressed and the user is redirected to the Nextcloud instance.

The problems start with the Android app. The button to login using Google is there as expected. When pressed, it shows a login screen (I would have expected it to use the credentials of the account on the Android device). Once the user logs in, the web page version of Nextcloud is displayed and not the Android frontend. It's like the web page that is being displayed for login is never closed and the user is never really logged in. After about 30 seconds, at the bottom of the screen, the "go back to old login method" message shows up. Clicking on it brings the user back to the login page. (An example of this problem here although the cause of the problem is different). If I disable the Google login, the problem disappears.

Is there anybody else having problems login in with the Social app on the Android app? I haven't tested with the iOS version.

Thank you for this great addition to Nextcloud! You are making Nextcloud much more accessible!

Just saw update to 1.8.0 but what is update ?

When I try to connect for the first time ( so it's an account creaton ) with my external id oidc provider I got an error 500. If I go back to nextcloud I have my account created and I can use nextcloud.

I don't know if it can be solve here or of it's dependent of the nextcloud/server project

Technical details
Remote Address: 127.0.0.1
Request ID: WirC3TlaQxz3oe9SlscW
Type: Error
Code: 0
Message: Call to undefined function OC\imagettfbbox()
File: /Users/myuser/Dev/nextcloud/lib/private/Avatar.php
Line: 260

Trace
#0 /Users/myuser/Dev/nextcloud/lib/private/Avatar.php(176): OC\Avatar->generateAvatar('openid-connect-...', 1024)
#1 /Users/myuser/Dev/nextcloud/lib/private/Avatar.php(86): OC\Avatar->getFile(-1)
#2 /Users/myuser/Dev/nextcloud/lib/private/User/User.php(419): OC\Avatar->get(-1)
#3 /Users/myuser/Dev/nextcloud/apps/dav/lib/CardDAV/Converter.php(146): OC\User\User->getAvatarImage(-1)
#4 /Users/myuser/Dev/nextcloud/apps/dav/lib/CardDAV/Converter.php(56): OCA\DAV\CardDAV\Converter->getAvatarImage(Object(OC\User\User))
#5 /Users/myuser/Dev/nextcloud/apps/dav/lib/CardDAV/SyncService.php(276): OCA\DAV\CardDAV\Converter->createCardFromUser(Object(OC\User\User))
#6 /Users/myuser/Dev/nextcloud/apps/dav/lib/HookManager.php(96): OCA\DAV\CardDAV\SyncService->updateUser(Object(OC\User\User))
#7 /Users/myuser/Dev/nextcloud/lib/private/legacy/hook.php(106): OCA\DAV\HookManager->postCreateUser(Array)
#8 /Users/myuser/Dev/nextcloud/lib/private/Server.php(374): OC_Hook::emit('OC_User', 'post_createUser', Array)
#9 [internal function]: OC\Server->OC\{closure}(Object(OC\User\User), 'v05J7Xwv90XfJDA...')
#10 /Users/myuser/Dev/nextcloud/lib/private/Hooks/EmitterTrait.php(99): call_user_func_array(Object(Closure), Array)
#11 /Users/myuser/Dev/nextcloud/lib/private/Hooks/PublicEmitter.php(36): OC\Hooks\BasicEmitter->emit('\\OC\\User', 'postCreateUser', Array)
#12 /Users/myuser/Dev/nextcloud/lib/private/User/Manager.php(346): OC\Hooks\PublicEmitter->emit('\\OC\\User', 'postCreateUser', Array)
#13 /Users/myuser/Dev/nextcloud/lib/private/User/Manager.php(294): OC\User\Manager->createUserFromBackend('openid-connect-...', 'v05J7Xwv90XfJDA...', Object(OC\User\Database))
#14 /Users/myuser/Dev/nextcloud/apps/sociallogin/lib/Controller/LoginController.php(207): OC\User\Manager->createUser('openid-connect-...', 'v05J7Xwv90XfJDA...')
#15 /Users/myuser/Dev/nextcloud/apps/sociallogin/lib/Controller/LoginController.php(181): OCA\SocialLogin\Controller\LoginController->login('openid-connect-...', Object(Hybridauth\User\Profile))
#16 /Users/myuser/Dev/nextcloud/apps/sociallogin/lib/Controller/LoginController.php(161): OCA\SocialLogin\Controller\LoginController->auth('OCA\\SocialLogin...', Array, 'openid-connect', 'OpenID Connect')
#17 [internal function]: OCA\SocialLogin\Controller\LoginController->customOidc('openid-connect')
#18 /Users/myuser/Dev/nextcloud/lib/private/AppFramework/Http/Dispatcher.php(161): call_user_func_array(Array, Array)
#19 /Users/myuser/Dev/nextcloud/lib/private/AppFramework/Http/Dispatcher.php(91): OC\AppFramework\Http\Dispatcher->executeController(Object(OCA\SocialLogin\Controller\LoginController), 'customOidc')
#20 /Users/myuser/Dev/nextcloud/lib/private/AppFramework/App.php(115): OC\AppFramework\Http\Dispatcher->dispatch(Object(OCA\SocialLogin\Controller\LoginController), 'customOidc')
#21 /Users/myuser/Dev/nextcloud/lib/private/AppFramework/Routing/RouteActionHandler.php(47): OC\AppFramework\App::main('OCA\\SocialLogin...', 'customOidc', Object(OC\AppFramework\DependencyInjection\DIContainer), Array)
#22 [internal function]: OC\AppFramework\Routing\RouteActionHandler->__invoke(Array)
#23 /Users/myuser/Dev/nextcloud/lib/private/Route/Router.php(297): call_user_func(Object(OC\AppFramework\Routing\RouteActionHandler), Array)
#24 /Users/myuser/Dev/nextcloud/lib/base.php(999): OC\Route\Router->match('/apps/sociallog...')
#25 /Users/myuser/Dev/nextcloud/index.php(42): OC::handleRequest()
#26 {main}

how to setting ?

URL Blocked: This redirect failed because the redirect URI is not whitelisted in the app’s Client OAuth Settings. Make sure Client and Web OAuth Login are on and add all your app domains as Valid OAuth Redirect URIs.

is my setting wrong ？
the Valid OAuth Redirect URIs actual setting is ?

my website is

https://skshop.com.my/nextcloud

Any one has tried this with aws-cognito user pools ? I am trying to get it done using cognito as OAUTH provider, but i think cognito adds a little bot more complexity to the whole process. My hunch is the client should work if the is a way to pass redirect_uri, that aws-cognito requires in an openID request.

Let me try to be more specific here and explain (newbie enthusiasm).

so I have aws-cognito user-pool, and for one of my JS-applications I am using the cognito-auth-(https://github.com/aws/amazon-cognito-auth-js).

I am wondering in the nextcloud-social-login - how can I call this - and use it .

Any help would great.

Hi, I am trying to login to nextcloud with wordpress users but I get "invalid_scope An unsupported scope was requested" error.
I configured wordpress with miniOrange Oauth Server plugin and nextcloud-social-login in this way:

Wordpress miniOrange indicates to use these parameters:

Client ID and client secret are provided by miniOrange.
Which error did I commit?
Thanks

Hi,
I can not figure out which url should be entered as redirect address in the OAuth server configuration.
I tried with:
[nextcloud_url]/index.php/apps/sociallogin/custom_oauth2/[internal_name]
[nextcloud_url]/index.php/apps/sociallogin/oauth2/[internal_name]
[nextcloud_url]/index.php/apps/sociallogin/oauth/[internal_name]
but every time I had an error.
What is the correct url?
Thanks

It would be very nice the chance to define whether or not sending email notification to admin group on user selfcreation event.

I cannot understand the aim of 'social_login_auto_redirect' option in config.php.
The behaviour is the same as if it is true / false / absent. And, well, it works like a charm always.

Thanks

Requesting the user_friends permission should be removed or turned into an option that can be disabled. The user_friends permission is not one of the basic permissions, and requires submitting your Nextcloud instance to Facebook for review per their terms of use. If the instance is not reviewed and the user is not associated with a developer identity for this app, Facebook simply ignores the request, returns an empty friend list and lets the authentication continue. If the user is associated as a developer of the app, Facebook currently goes to a loop displaying an error message about permissions and the authentication never completes.

The publish_actions permission should be removed because it has been deprecated. New apps that request it will no longer be approved in the Facebook review process. Requesting this permission with a developer account on an unreviewed app also puts the authentication in the above mentioned loop. (https://developers.facebook.com/blog/post/2018/04/24/new-facebook-platform-product-changes-policy-updates/)

Hello,
I have connect nextcloud with google+. Now, I want just user account in my domains mail ( google suite) access to Login?How do this?
Thanks you !

Hi,
This module do a good job for OAuth2 login.

However, I don't want my username become 'internal-name' + 'id', which is written in
https://github.com/zorn-v/nextcloud-social-login/blob/master/lib/Controller/LoginController.php#L222
because I start to use this module after some users are already added in NextCloud.

My solusion is replacing $uid = $provider.'-'.$profileId; to this one $uid = $profileId;.
Yet, can this name prefixing rule be optional?

Hi,

thanks for the nice app. Would it be possible to add also support for adding the social login to the existing user? (e.g. in settings I can add a social login like I am adding TOTP/u2f)

Reasons:

• There are people who want to use this but already has their nextcloud account.
• There is not so nice cloud ID made on the registration (probably another issue).

Thanks for your work!

It would be very nice the chance to define default groups selfcreated users belong to.

https://www.drupal.org/project/oauth2_server

I tried to setup it with custom openid connect, but got errors

Signed API request has returned an error. HTTP error 403. Raw Provider API response: {"error":"insufficient_scope","error_description":"The request requires higher privileges than provided by the access token"}.

the endpoints are like

https://exmample.com/oauth2/authorize
https://exmample.com/oauth2/token
https://exmample.com/oauth2/userinfo

which are the default for open connect supplied by the module oauth2 server.

I can login to another drupal instance with drupal's openid connect module using te generic client setting:

https://www.drupal.org/docs/8/modules/openid-connect/client-configuration#toc-5

but need help to add a customized openid connect on nextcloud with social login app

thanks very much for help.

And github login works very well

Hello,

New users get error when trying to connect using a keycloak provider V4.3.0 Final.
Can not get identifier from provider
I think this is due to scope data or something to configure but cannot find help.
Everythings woked fine until i update keycloak and social login to last version.

What does social login expect as user data ?

In nextcloud the uid in the users table should actually be a username.

Witth your app - great app by the way - after a users log in from an openid provider, he gets registered with an uid in the user table. Well it does make sense, but not in nextcloud world.

That uid is used for sharing, so it makes it difficult if its not the username, here you have to type the uid of the user to share a document.

I guess this should be a quick fix... I wish I could help but I don't know much about php...

thanks

https://domain/index.php/apps/sociallogin/oauth/discord?state=[state]&code=[code]

Hello,
It's not really an issue of social login, but it might be an issue for the users of social login.

When you want to connect an account in the desktop app, it's asking for login / password. Whereas the nextcloud app (at least the android one) redirects you to the login page to authorize the app and the social login is there.

Honestly, it's the last blocker for me, I want my users to be able to sync files on their desktop computers (or laptop) and this may not be easy.
It's probably more an issue with the desktop app, but I believe that you would know better than me...

Thanks again for the app and your dedication to it

Will this work with Nextcloud 15, or will changes be required?

Hello,
thank you for providing a app for nextcloud to allow to login with openid.
I tried it now successfully with selfhosted simpleid v1. This work really well.
Only Im facing the problem, that the account created from the openid, seems to use the "internal name" from the social login settings and the identity name. But due the identity is in the settings made as URL, like user.domain.com, with the internal name it looks in-user.domain.com.
This look really mess.

First, which configuration is necessary, that the social login app get the name of the user from openid identity file?

Second, is it possible to remove the requirement, that a internal name has to be set?

Thank you for your help

Edit: maybe something like Friendica it does, after the login with OpenID, to ask for a Full name and than use this for the profile

I don't know if I made a mistake or if it's Social Login, but it doesn't work.

The way I did it:

1. Go on: https://discordapp.com/developers/applications/
2. Create new Application
3. Set Custom Name
4. Copy Client ID + Client Secret and paste it in App id and Secret
5. Save

The Error: https://i.imgur.com/USOTX9o.png

Error in log (debug level)

I specified an openid configuration. If I remove it (none left), save the updated configuration and reload the "social logins" settings page, the configuration is still present.

How do I use this setting in Custom OAuth2?

I would use the name string from the profile response as 'Full name' in Nextcloud when a new account is created. Currently the 'Full name' is the Custom OAuth2 Internal Name + identifier. And that looks a bit weird. --> https://invisioncommunity.com/developers/rest-api?endpoint=core/me/GETindex

I have used 'name' as Profile Field, but I dont see it going anywere. Cant find any documentation about this either.

Would be nice if you configure a matching table of Nextcloud profile settings with the profile field from any custom oauth2 profile response.

Nextcloud -> Invision Community or any custom Oauth2
Profile picture -> photoUrl
Full name -> name
Email -> email
Phone number ->
Address ->
Website -> profileUrl
Twitter

see nextcloud/server#9816 as i dont want to post everywhere.

Thanks.

Would it be feasable or make sense to have "readable names" ?

Initially the users name is something like OIDC-GitLab-13c45d4c253d5dad3541d3d1.
Is it possible to use Gitlabs store details?