Nextcloud as auth source

[poVoq]

Description

Would be cool if your own Nextcloud instance would work with Oauth2/OIDC like requested by someone else here:
https://discourse.gitea.io/t/nextcloud-as-an-oauth2-authentication-source/1119

When trying to do it with the generic OIDC it results in a 500 error as apparentl the .well-known stuff is not working.

Details on the Nextcloud sinde of things can be found here:
https://docs.nextcloud.com/server/16/admin_manual/configuration_server/oauth2.html
Its a quite new feature and might not work quite like expected.

Thanks for looking into it!

[lafriks]

It should be easy to add as library we use (https://github.com/markbates/goth) does already support nextcloud

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs during the next 2 weeks. Thank you for your contributions.

[poVoq]

any chance this might still make it into 1.9.0?

[lunny]

1.9.0 has been freezed and currently there is no PR for this.

[Turakar]

I would also be interested in this :)

[fazlerabbi37]

@Turakar did you start working on this?

[Turakar]

Nope, chronic lack of free time ^^ With my small user base, creating separate accounts on both services was ok.

[wioxjk]

I am also very interested in this feature

[githubkoma]

Some more Info:

I already tried to use the GitLab-OAuth2-Template, but that fails because of the following:

1. This is the first not-working step when getting the user object, as the token is sent as URL-Parameter instead of Bearer-Token in Header:

Gitea Log:
2020/02/29 12:13:52 routers/user/auth.go:590:handleOAuth2SignIn() [E] UserSignIn: Nextcloud responded with a 401 trying to fetch user information

1.1 In Comparison how it looks like for Rocket.Chat as OAuth client, where it works:

2. This is the JSON String that the user-endpoint of nextcloud sends back if authenticated successfuly (i am not sure if the escapes in storageLocation are because of extracting this from wireshark..):

{"ocs":{"meta":{"status":"ok","statuscode":200,"message":"OK"},"data":{"storageLocation":"\/var\/www\/html\/data\/dummy","id":"dummy","lastLogin":1583084839000,"backend":"LDAP","subadmin":["self-registered"],"quota":{"free":2832472,"used":12896168,"total":15728640,"relative":81.99,"quota":15728640},"email":"dummy@gmail.com","phone":"","address":"","website":"","twitter":"","groups":["paid-users"],"language":"en","locale":"","backendCapabilities":{"setDisplayName":false,"setPassword":true},"display-name":"dummy"}}}

[githubkoma]

<3 @lafriks @techknowlogick