Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Accept ToS during login flow v2 #989

Open
tobiasKaminsky opened this issue Oct 10, 2024 · 5 comments
Open

Accept ToS during login flow v2 #989

tobiasKaminsky opened this issue Oct 10, 2024 · 5 comments
Assignees
@max-nextcloud
Labels
1. to develop enhancement

Comments

@tobiasKaminsky
Copy link
Member

tobiasKaminsky commented Oct 10, 2024
edited by nickvergessen
Loading

Instead it would be best to let user accept ToS before grant access
@max-nextcloud
Copy link
Collaborator

Docs for login flow v2

...we have come up with a second login flow that uses the users default webbrowser to authenticate. Thus ensuring that if they can login via the web they can also login in the client.

To initiate a login do an anonymous POST request

curl -X POST https://cloud.example.com/index.php/login/v2

This will return a json object like

{
   "poll":{
        "token":"mQUYQdffOSAMJYtm8pVpkOsVqXt5hglnuSpO5EMbgJMNEPFGaiDe8OUjvrJ2WcYcBSLgqynu9jaPFvZHMl83ybMvp6aDIDARjTFIBpRWod6p32fL9LIpIStvc6k8Wrs1",
        "endpoint":"https:\/\/cloud.example.com\/login\/v2\/poll"
   },
   "login":"https:\/\/cloud.example.com\/login\/v2\/flow\/guyjGtcKPTKCi4epIRIupIexgJ8wNInMFSfHabACRPZUkmEaWZSM54bFkFuzWksbps7jmTFQjeskLpyJXyhpHlgK8sZBn9HXLXjohIx5iXgJKdOkkZTYCzUWHlsg3YFg"
}

The url in login should be opened in the default browser, this is where the user will follow the login procedure.

So I assume the behavior of that url is what needs to be changed to include the terms of services modal.

@max-nextcloud
Copy link
Collaborator

Looks like this is in core/Controller/ClientFlowLoginV2Controller.php
landing will redirect to showAuthPickerPage.
Which renders the loginflowv2/authpicker template.

@max-nextcloud
Copy link
Collaborator

My understanding is that normally terms of service are shown after the login. That does not seem easy in this case as after the login the server will already approve the desktop client.

So we would need to hook into that somewhere to delay it until the TOS has been accepted.

@max-nextcloud
Copy link
Collaborator

@nickvergessen what's your take on this? Any idea where we could hook into the server code?

@nickvergessen
Copy link
Member

nextcloud/registration#293 could be used as inspiration.
Basically server needs to provide an option to "add JS" and then this app here would listen to it,
add some frontend into the page and otherwise block "continuing":
https://github.com/nextcloud/terms_of_service/blob/master/lib/Listener/RegistrationIntegration.php

@max-nextcloud max-nextcloud moved this to 🏗️ In progress in 📝 Office team Nov 14, 2024
@max-nextcloud max-nextcloud self-assigned this Nov 14, 2024
@max-nextcloud max-nextcloud moved this from 🏗️ In progress to 📄 To do (~10 entries) in 📝 Office team Dec 18, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@max-nextcloud max-nextcloud

Labels
1. to develop enhancement
Projects
📝 Office team
Status: 📄 To do (~10 entries)
Milestone
No milestone
Development

No branches or pull requests
3 participants
@nickvergessen @tobiasKaminsky @max-nextcloud