Andreas/wekan
1
0
Fork 0
mirror of https://github.com/wekan/wekan.git synced 2025-12-24 03:10:12 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 5

Implemented Nextcloud OAuth2 Hack

Browse source 
Fixed: OAuth2 authentication via Nextcloud(tested Nextcloud 17.0.2-18.0.0)
Todo: actually use the profile data: Fullname and Email in Profile
This commit is contained in:
Bojan Hartmann 2020-01-22 22:28:03 +01:00
parent 70f5326099
commit 7bba07ccbf
2 changed files with 26 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

25
docker-compose.yml
View file

@ -342,6 +342,31 @@ services:
# Tthe claim name you want to map to the email field: # Tthe claim name you want to map to the email field:
#- OAUTH2_EMAIL_MAP=email #- OAUTH2_EMAIL_MAP=email
#----------------------------------------------------------------- #-----------------------------------------------------------------
# ==== OAUTH2 Nextcloud ====
# 1) Register the application with Nextcloud: https://your.nextcloud/settings/admin/security
# Make sure you capture the application ID as well as generate a secret key.
# 2) Configure the environment variables. This differs slightly
# by installation type, but make sure you have the following:
#- OAUTH2_ENABLED=true
# OAuth2 login style: popup or redirect.
#- OAUTH2_LOGIN_STYLE=redirect
# Application GUID captured during app registration:
#- OAUTH2_CLIENT_ID=xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx
# Secret key generated during app registration:
#- OAUTH2_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
#- OAUTH2_SERVER_URL=https://your-nextcloud.tld
#- OAUTH2_AUTH_ENDPOINT=/index.php/apps/oauth2/authorize
#- OAUTH2_USERINFO_ENDPOINT=/ocs/v2.php/cloud/user?format=json
#- OAUTH2_TOKEN_ENDPOINT=/index.php/apps/oauth2/api/v1/token
# The claim name you want to map to the unique ID field:
#- OAUTH2_ID_MAP=id
# The claim name you want to map to the username field:
#- OAUTH2_USERNAME_MAP=id
# The claim name you want to map to the full name field:
#- OAUTH2_FULLNAME_MAP=display-name
# Tthe claim name you want to map to the email field:
#- OAUTH2_EMAIL_MAP=email
#-----------------------------------------------------------------
# ==== OAUTH2 KEYCLOAK ==== # ==== OAUTH2 KEYCLOAK ====
# https://github.com/wekan/wekan/wiki/Keycloak <== MAPPING INFO, REQUIRED # https://github.com/wekan/wekan/wiki/Keycloak <== MAPPING INFO, REQUIRED
#- OAUTH2_ENABLED=true #- OAUTH2_ENABLED=true

1
packages/wekan-oidc/oidc_server.js
View file

@ -10,6 +10,7 @@ OAuth.registerService('oidc', 2, null, function (query) {
var expiresAt = (+new Date) + (1000 * parseInt(token.expires_in, 10)); var expiresAt = (+new Date) + (1000 * parseInt(token.expires_in, 10));
var userinfo = getUserInfo(accessToken); var userinfo = getUserInfo(accessToken);
if (userinfo.ocs) userinfo = userinfo.ocs.data; // Nextcloud hack
if (debug) console.log('XXX: userinfo:', userinfo); if (debug) console.log('XXX: userinfo:', userinfo);
var serviceData = {}; var serviceData = {};