Skip to content
This repository has been archived by the owner on Jan 14, 2021. It is now read-only.

rob1998/nextcloud-social-login

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

388 Commits

3rdparty

3rdparty

 
 

appinfo

appinfo

 
 

css

css

 
 

docs/sso

docs/sso

 
 

img

img

 
 

js

js

 
 

l10n

l10n

 
 

lib

lib

 
 

src

src

 
 

templates

templates

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

CHANGELOG.md

CHANGELOG.md

 
 

COPYING

COPYING

 
 

README.md

README.md

 
 

package-lock.json

package-lock.json

 
 

package.json

package.json

 
 

release.sh

release.sh

 
 

webpack.js

webpack.js

 
 

Repository files navigation

Social login

Make possible create users and login via Telegram, OAuth or OpenID

For OAuth you must create app for certain providers. Login button appear at login page if app id specified. Settings are in "Social login" section of settings page.

Installation

Login to your NextCloud installation as an administrator and under "Apps" click "Download and enable" next to the "Social Login" app.

See below for setup and configuration instructions.

Custom OAuth2/OIDC groups

You can use groups from your custom provider. For that you should specify "Groups claim" in custom OAuth2/OIDC provider settings. That claim should be returned from provider in id_token or at user info endpoint. Format should be array or comma separated string. Eg (with claim named roles)

{"roles": ["admin", "user"]}
or
{"roles": "admin,user"}

Also nested claims is supported. For example resource_access.client-id.roles for

"resource_access": {
   "client-id": {
     "roles": [
       "client-role-1",
       "client-role-2"
     ]
   }
}

You can use provider groups in two ways:

  1. Map provider groups to existing nextcloud groups
  2. Create provider groups in nextcloud and associate it to user (if appropriate option specified)

If you want sync groups on every login do not forget to check "Update user profile every login" setting

You can find example how to configure WSO2IS for return roles claim with OIDC at https://medium.com/@dewni.matheesha/claim-mapping-and-retrieving-end-user-information-in-wso2is-cffd5f3937ff

Built-in OAuth providers

You can copy link of certain login button to get proper "redirect url" for OAuth app setting.

Details about "Allow login only from specified domain" google setting you can find here #44 You can use comma separated list for multiple domains

Config

You can use 'social_login_auto_redirect' => true setting in config.php for auto redirect unauthorized users to social login if only one provider is configured. If you want to temporary disable this function (e.g. for login as local admin), you can add noredir=1 query parameter in url for login page. Something like https://cloud.domain.com/login?noredir=1

Hint

About Callback(Reply) Url

You can copy link from specific login button on login page and paste it on provider's website as callback url! Some users may get strange reply(Callback) url error from provider even if you pasted the right url, that's because your nextcloud server may generate http urls when you are actually using https. Please set 'overwriteprotocol' => 'https', in your config.php file.

About

No description, website, or topics provided.

Resources

Readme

License

AGPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

103 tags

Packages

No packages published

Languages

  • PHP 66.1%
  • JavaScript 18.7%
  • Vue 10.6%
  • Shell 2.4%
  • SCSS 2.2%