Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Wrong redirect if already authenticated with SSO #766

Open
robertmx opened this issue Jan 20, 2024 · 0 comments
Open

Wrong redirect if already authenticated with SSO #766

robertmx opened this issue Jan 20, 2024 · 0 comments

Comments

@robertmx
Copy link

Dear devs,

thank you very much for this app. I integrated Nextcloud with keycloak and see a redirect error if I am already authenticated with Keycloak.

Steps to reproduce:

  1. Get a valid session with keycloak by logging in to some other service on the same realm
  2. Access the nextcloud base url (https://xxx.tld/nextcloud/)
  3. Observe the following 302 redirects: (https://xxx.tld/nextcloud/login --> https://xxx.tld/nextcloud/apps/user_oidc/login/1 --> https://xxx.tld/nextcloud/index.php_oidc/login/1)
  4. The last redirect results in a 404 not found, because the URL does not exists. Note the index.php_oidc/login/1 part that looks wrong to me.

What I think is happening

user_oidc is checking with keycloak for authentication, realizes the session is already authenticated with keycloak, authenticates the user with nextcloud and immediately tries to redirect back to nextcloud. But somehow the redirect URL gets mangled.
This error does not occur when logging in directly with nextlcoud, e.g. with no prior authentication with keycloak.

Cheers
Robert
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@robertmx