You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After being idle for a while, making changes to the settings in the admin site require password confirmation: "This action requires you to confirm your password".
Obviously this is impossible for users on this backend as there is no way to confirm their SSO password.
It seems they have a hardwired list of backends to exclude from this confirmation, of which nextcloud-social-login is not one. The solution may be to implement IPasswordConfirmationBackend and have canConfirmPassword() always return false, but I don't know what other effects this may have.
The text was updated successfully, but these errors were encountered:
I can understand "what you don't like" )
Users that created via social login doesn not know their passwords.
They should be to have opportunity to change it.
The entire point of SSO is that they have one password at the IdP - single sign on.
Making them create a Nextcloud password as well defeats the object. Why even bother with SSO then? We might as well just create users and have them do password resets. And then they have to maintain another password. So why did we implement SSO?
After being idle for a while, making changes to the settings in the admin site require password confirmation: "This action requires you to confirm your password".
Obviously this is impossible for users on this backend as there is no way to confirm their SSO password.
The relevant code appears to be here: https://github.com/nextcloud/server/blob/0d0fcd316a6b556cabf656cd7bdca63da26aab2d/lib/private/Template/JSConfigHelper.php#L123
It seems they have a hardwired list of backends to exclude from this confirmation, of which nextcloud-social-login is not one. The solution may be to implement IPasswordConfirmationBackend and have canConfirmPassword() always return false, but I don't know what other effects this may have.
The text was updated successfully, but these errors were encountered: