Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

nextcloud as an single-sign-on (SSO) Backend #716

Closed
inos-github opened this issue Aug 3, 2016 · 9 comments
Closed

nextcloud as an single-sign-on (SSO) Backend #716

inos-github opened this issue Aug 3, 2016 · 9 comments
Labels
1. to develop Accepted and waiting to be taken care of enhancement

Comments

@inos-github
Copy link

inos-github commented Aug 3, 2016
edited
Loading

What I am looking for is a way to use nextcloud as a SSO-Backend (little bit like github SSO) to authenticate users for another web-app. There are a lot of installations on hosted servers without the opportunity to install ldap or a similar service for SSO - authentication.

First of all, I am NOT a programmer so I might be totally wrong with my thoughts...

  • there should be Settings for admins (optionally group-admins) containing:
    • appURL (the URL to be called after authentication)
    • appKey
    • appSecret
    • option for setting a cookie if user is logged in already
  • there should be a nextcloud URL to be called with the hashed appKey as parameter
    • eg: https://my.cloud.com/auth?<hashed appKey salted with appSecret>
    • then the app should verify the calling domain and the appKey against the settings
    • a login screen should be provided
    • after successful login, the app sends back all information available for the user, loging in:
      • eg: ID, DisplayName, all Groups user is member, Mail, Language, TimeZone, ...
      • the answer should be hashed again using appSecret as salt
  • optionally: if the user is logged-in to nextcloud already, a cookie should be set and all the information passed without another authentication.

If all this (or a similar solution) exists already and I did not found it, please give me some hints how I can proceed.

Thank you for your great work!
Martin
@inos-github inos-github mentioned this issue Aug 4, 2016
Closed
@eppfel eppfel mentioned this issue Nov 22, 2016
Open
@coderkun
Copy link
Contributor

For OpenID Connect this would be an identity provider, right? Having an app in Nextcloud for this would be great!

@coderkun coderkun mentioned this issue May 14, 2017
Closed
@poVoq
Copy link

poVoq commented Jul 29, 2017

A bit of a workaround, but this this you can use your Nextcloud db as a auth backend for SimpleSAMLphp (not really tested and experimental):
https://github.com/poVoq/simplesamlphp-module-sqlauthphppassword

@nextcloud-bot nextcloud-bot added the stale Ticket or PR with no recent activity label Jun 20, 2018
@hex-m
Copy link

hex-m commented Feb 11, 2019

OpenID Connect (OIDC) is being worked on.

@nextcloud-bot nextcloud-bot removed the stale Ticket or PR with no recent activity label Feb 11, 2019
@inos-github
Copy link
Author

OpenID Connect (OIDC) is being worked on.

sounds great - Thanks!

@yrammos
Copy link

yrammos commented May 10, 2020

OpenID Connect (OIDC) is being worked on.

Is it really? Am afraid not.

@WoodpeckerBaby
Copy link

keep alive

@tekhnee
Copy link
Member

tekhnee commented Jul 1, 2020

Apparently it is being worked on indeed: https://apps.nextcloud.com/apps/user_oidc

@skjnldsv skjnldsv added 0. Needs triage Pending check for reproducibility or if it fits our roadmap 1. to develop Accepted and waiting to be taken care of and removed 0. Needs triage Pending check for reproducibility or if it fits our roadmap labels Aug 20, 2020
@LorbusChris
Copy link
Contributor

user_oidc is to use an OIDC server as user backend for nextcloud, not to use nextcloud as an OIDC backend.

However, as @Thesola10 mentioned in #8846 (comment),
https://apps.nextcloud.com/apps/solid looks like it could serve as an OIDC provider

@fschrempf
Copy link

I think this is out-of-scope for the Nextcloud server core, but it's already available as third-party app (https://github.com/H2CK/oidc).

@fschrempf fschrempf closed this as not planned Won't fix, can't repro, duplicate, stale Nov 15, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
1. to develop Accepted and waiting to be taken care of enhancement
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests