nextcloud as auth provider for postorius
Hello,
have anybody successful setup nextcloud auth provider for postorius? I have done configured the OAuth 2.0-Client in nextcloud/index.php/settings/admin/security. I have add the nexcloud as social application in mailman3/admin/socialaccount/socialapp/. If i try to login via nexcloud, postorius redirect me to the nextcloud, where i successful login, and redirected to postorius But i'm not logged in postorius.
what I'm missing? Have anybody a howto?
Thanks Falk
Hi Falk,
Social logins are mediated by django-allauth.
Have you configured this properly in your settings.py? (See https://docs.allauth.org/en/latest/socialaccount/providers/nextcloud.html)
Are there any errors in your mailman logs?
Regards, --Jered
----- On Dec 1, 2023, at 7:08 AM, mailman3--- via Mailman-users mailman-users@mailman3.org wrote:
Hello,
have anybody successful setup nextcloud auth provider for postorius? I have done configured the OAuth 2.0-Client in nextcloud/index.php/settings/admin/security. I have add the nexcloud as social application in mailman3/admin/socialaccount/socialapp/. If i try to login via nexcloud, postorius redirect me to the nextcloud, where i successful login, and redirected to postorius But i'm not logged in postorius.
what I'm missing? Have anybody a howto?
Thanks Falk
Mailman-users mailing list -- mailman-users@mailman3.org To unsubscribe send an email to mailman-users-leave@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/ Archived at: https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/message/...
This message sent to jered@convivian.com
Hi Jerred,
the setting are:
INSTALLED_APPS = ( ... 'allauth.socialaccount.providers.nextcloud', ) SOCIALACCOUNT_PROVIDERS = {
... 'nextcloud': { 'SERVER': 'https://website/cloud/index.php', 'EMAIL_AUTHENTICATION': True, }, }
the OAuth 2.0-Clients settings in nextcloud are:
Name mailman redirection-URI https://website/mailman3/postorius/lists/ Client-Identitifier: XXX Secret ****
no errors in the log file.
any hints to debug this?
thanks Falk Am 01.12.23 um 21:25 schrieb Jered Floyd:
Hi Falk,
Social logins are mediated by django-allauth.
Have you configured this properly in your settings.py? (See https://docs.allauth.org/en/latest/socialaccount/providers/nextcloud.html)
Are there any errors in your mailman logs?
Regards, --Jered
----- On Dec 1, 2023, at 7:08 AM, mailman3--- via Mailman-users mailman-users@mailman3.org wrote:
Hello,
have anybody successful setup nextcloud auth provider for postorius? I have done configured the OAuth 2.0-Client in nextcloud/index.php/settings/admin/security. I have add the nexcloud as social application in mailman3/admin/socialaccount/socialapp/. If i try to login via nexcloud, postorius redirect me to the nextcloud, where i successful login, and redirected to postorius But i'm not logged in postorius.
what I'm missing? Have anybody a howto?
Thanks Falk
Mailman-users mailing list -- mailman-users@mailman3.org To unsubscribe send an email to mailman-users-leave@mailman3.org https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/ Archived at: https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/message/...
This message sent to jered@convivian.com
-- Ochsenweberstr. 43a 22419 Hamburg +49 176 48183883
On 12/2/23 00:56, Falk Hackenberger via Mailman-users wrote:
Name mailman redirection-URI https://website/mailman3/postorius/lists/ Client-Identitifier: XXX Secret ****
The redirect URI should be something like https://website/accounts/nextcloud/login/callback/
-- Mark Sapiro <mark@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan
mailman3--- via Mailman-users writes:
If i try to login via nexcloud, postorius redirect me to the nextcloud, where i successful login, and redirected to postorius But i'm not logged in postorius.
I don't know of a howto for Mailman and socialauth.
The socialauth I've configured has been for corporate environments, so there was a ground source of truth for IDs that happened to also provide the ground source of truth for email addresses. So everything just worked and there was no debugging to do. :-(
First, you need to understand that there's no automatic connection between your socialauth identity and your Mailman identity, and that your email address is not your Mailman identity, although it is linked to your Mailman identity.[1]
Now, the traditional identity in email is an email address, and the authentication procedure is to make the user prove they can read the mailbox. That is still necessary, so email addresses are still very closely bound to the identity (Mailman User object). Then there are these questions:
- Does Nextcloud provide an email address as identifying information?
- Is it the right address (ie, one of the ones linked to your Postorius login)?
- Is that address verified in Postorius?
If none of those questions help you figure out the problem, you'll need to explain exactly what data Nextcloud is providing to Django socialauth, and how Django socialauth is supposed to connect that to a Postorius/Mailman User object.
Steve
Footnotes: [1] The identities in Mailman are quite complex. From Mailman's point of view, the identity is in a User object in Mailman core's database. That User is *not* exposed to world, instead, a separate application (Postorius in your case, and for most sites) provides a proxy object that automatically synchronizes with the core User object. Besides the proxy object, Postorius also provides authentication services. Those services are delegated to Django, which handles both traditional password authentication as well as "socialauth". Then the socialauth plugin receives some kind of identifier (not an identity!) from the identity provider.
participants (5)
-
Falk Hackenberger -
Jered Floyd -
mailman3@huckley.de
-
Mark Sapiro -
Stephen J. Turnbull