Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FEATURE REQUEST] [OIDC] Branding option to remove login_hint and user parameter from re-login URL #4288

Closed
10 tasks done
michaelstingl opened this issue Jan 19, 2024 · 3 comments · Fixed by #4291
Closed
10 tasks done

[FEATURE REQUEST] [OIDC] Branding option to remove login_hint and user parameter from re-login URL #4288

michaelstingl opened this issue Jan 19, 2024 · 3 comments · Fixed by #4291
Assignees
@JuancaG05
Labels
Estimation - 3 (M) Feature request p2-high Escalation, on top of current planning, release blocker
Milestone
4.2 - Current

Comments

@michaelstingl
Copy link
Contributor

michaelstingl commented Jan 19, 2024
edited by JuancaG05

Is your feature request related to a problem? Please describe.

The ownCloud-internal username not always works fine on the OpenID Connect IdP. When ownCloud clients append &login_hint=test&user=test to the re-login URL, in some cases the IdP has no way to let the user log in again.

Describe the solution you'd like

I'd need a branding option to remove "login_hint" and "user" parameter from re-login URL.

Describe alternatives you've considered

We discussed requesting other user attributes from the /ocs/v1.php/cloud/user endpoint, and using those for the "login_hint" and "user", but it sounds like a nightmare to maintain and test.

Additional context

Re-login URL:

https://demo.owncloud.com/index.php/apps/oauth2/authorize?response_type=code
&client_id=xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69
&redirect_uri=http://localhost:61901
&code_challenge=DSdzUn4on0L_NTAXYQ-_Iwk8y2KGsn9bzatz0roYy5I
&code_challenge_method=S256
&scope=openid offline_access email profile
&prompt=select_account consent
&state=ifvvlCpuaSiQxC7UhvjyHoXWFFDgvaltQmkr7wLiQPM%3D
&login_hint=test
&user=test

TASKS

  • Research (if needed)
  • Create branch feature/login_hint_and_user_brandables
  • Development tasks
    • Add login_hint parameter in the login URL
    • Create new brandable parameter in setup.xml to indicate whether sending or not these 2 parameters in login
    • Create new MDM parameter to indicate whether sending or not these 2 parameters in login
  • Code review and apply changes requested
  • Design test plan
  • QA
  • Merge branch feature/login_hint_and_user_brandables into master

@JuancaG05 @Aitorbp @jesmrec any chance we can get this in the upcoming 4.2 release?

/cc @steelcuts
@michaelstingl michaelstingl added p2-high Escalation, on top of current planning, release blocker Feature request labels Jan 19, 2024
@michaelstingl michaelstingl added this to the 4.2 - Current milestone Jan 19, 2024
This was referenced Jan 19, 2024
Open
Closed
@michaelstingl
Copy link
Contributor Author

Related:

@Aitorbp
Copy link
Contributor

Aitorbp commented Jan 19, 2024

We will take a look, I think it could be in the upcoming 4.2 release. 👍 @michaelstingl

@JuancaG05 JuancaG05 self-assigned this Jan 19, 2024
@jesmrec jesmrec added the Sprint label Jan 19, 2024
@jesmrec
Copy link
Collaborator

jesmrec commented Jan 19, 2024

  1. Add login_hint
  2. Add branding / MDM parameter

Default: true ¿?

@JuancaG05 JuancaG05 changed the title [FEATURE REQUEST] [OIDC] Branding option to remove "login_hint" and "user" parameter from re-login URL [FEATURE REQUEST] [OIDC] Branding option to remove login_hint and user parameter from re-login URL Jan 22, 2024
@JuancaG05 JuancaG05 mentioned this issue Jan 22, 2024
Merged
1 task
@JuancaG05 JuancaG05 linked a pull request Jan 22, 2024 that will close this issue
[FEATURE REQUEST] [OIDC] Branding option to remove login_hint and user parameter from re-login URL #4291
Merged
1 task
@jesmrec jesmrec removed the Sprint label Feb 9, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@JuancaG05 JuancaG05

Labels
Estimation - 3 (M) Feature request p2-high Escalation, on top of current planning, release blocker
Projects
None yet
Milestone
4.2 - Current
4 participants
@michaelstingl @jesmrec @Aitorbp @JuancaG05