Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[QA] admin cannot login, when basic_auth_guest_only is true #261

Closed
jnweiger opened this issue Oct 4, 2022 · 8 comments
Closed

[QA] admin cannot login, when basic_auth_guest_only is true #261

jnweiger opened this issue Oct 4, 2022 · 8 comments
Assignees
@DeepDiver1975

Comments

@jnweiger
Copy link
Contributor

jnweiger commented Oct 4, 2022

Seen while testing openidconnect 2.2.0-rc.6 with core 10.11.0

  • Restrict basic auth to guests only: occ config:system:set openid-connect.basic_auth_guest_only --value true --type boolean
  • Try to log in the admin user with basic auth.
  • An error occurs. BAD
    image

Expected behaviour:

  • admin can always log in.
@jnweiger jnweiger mentioned this issue Oct 4, 2022
Closed
3 tasks
@DeepDiver1975
Copy link
Member

Works as designed. Only guests 🤷

@jnweiger jnweiger mentioned this issue Oct 5, 2022
Closed
42 tasks
@DeepDiver1975
Copy link
Member

I suggest to revert #253 and get this release rolling.

We have customers waiting for other features of this release.

@jvillafanez @hodyroff @jnweiger objections

@jvillafanez
Copy link
Member

#265 would fix this, but we need to decide what to do with the feature as a whole

@DeepDiver1975
Copy link
Member

Absolutly

@DeepDiver1975
Copy link
Member

revert pr created ...... so that we are prepares once the decision is there ..... #268

@jnweiger
Copy link
Contributor Author

I agree with the revert and move everything to work with groups. #265 could carry guests and admin group to fix my case.
The naming of the key in #265 is weird then and should be simplified.

@jnweiger jnweiger reopened this Jan 24, 2023
@jnweiger
Copy link
Contributor Author

jnweiger commented Jan 24, 2023
edited
Loading

@DeepDiver1975
I cannot confirm that the code is working with 2.2.0-rc.7

  • occ config:system:set openid-connect.basic_auth_guest_only --value true --type boolean
  • Now only admin and guests should be able to log in via basic auth.
  • user einstein is neither admin group nor guests group, and can log in. BAD.

With 10.11.0 and openidconnect-2.2.0-rc.7 installed:

/var/www/owncloud# find . -name \*.php | xargs grep basic_auth_guest_only
/var/www/owncloud#

With daily master and openidconnect-2.2.0-rc.7 installed:

/var/www/owncloud# find . -name \*.php | xargs grep basic_auth_guest_only
/var/www/owncloud#

/var/www/owncloud# find . -name *.php | xargs grep basic_auth_guest_only
./config/config.apps.sample.php: * Possible keys: openid-connect.basic_auth_guest_only BOOL
./config/config.apps.sample.php:'openid-connect.basic_auth_guest_only' => false,
./config/config.php: 'openid-connect.basic_auth_guest_only' => true,
/var/www/owncloud#

@DeepDiver1975
Copy link
Member

We removed this feature. It will be implemented in core. Out of scope

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@DeepDiver1975 DeepDiver1975

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@DeepDiver1975 @jnweiger @jvillafanez