Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Authentication issue with BasicAuth and external URL #239

Open
ludovicsclain opened this issue Oct 16, 2023 · 0 comments
Open

Authentication issue with BasicAuth and external URL #239

ludovicsclain opened this issue Oct 16, 2023 · 0 comments
Labels
0. Needs triage bug Something isn't working

Comments

@ludovicsclain
Copy link

ludovicsclain commented Oct 16, 2023
edited

Hey there,

I'm trying to use user_external plugin with BasicAuth authentication to authenticate users of my NextCloud instance via external API (Flask). However, I encounter an issue where NextCloud returns the error: "ERROR: Mis-configured BasicAuth Url: [my_url], provided URL does not do authentication!".

Here's what I've done so far:

I have configured my Flask API to return a WWW-Authenticate header when credentials are not provided.
When valid credentials are provided, my Flask API queries my WordPress site to verify those credentials.
If the credentials are valid, the API returns an HTTP status code 200. Otherwise, it returns a 403 code.
I've verified that my Flask API works as expected using Postman and other tools. However, when I try to log in via NextCloud, I get the error mentioned above.

I also looked at the plugin code and found that the error is triggered when the WWW-Authenticate header is not found in my API response. However, my logs clearly show that this header is present.

Has anyone encountered this problem before or could help me debug this situation? Any help would be greatly appreciated.

Thanks in advance.

Steps to reproduce

  1. Set up the user_external app with BasicAuth pointing to an external Flask API for authentication.
  2. The Flask API checks credentials against a WordPress site.
  3. Try to log in to Nextcloud using valid WordPress credentials.

Expected behaviour

Successful authentication and access to Nextcloud.

Actual behaviour

Receiving error: "ERROR: Mis-configured BasicAuth Url: [my_url], provided URL does not do authentication!".

Affected Authentication backend

BasicAuth with an external Flask API.

Server configuration

User External App version: 3.2.0

Operating system: Linux

Web server: (Your web server type, e.g., Apache, Nginx)

Database: Type: mysql, Version: 8.0.31

PHP version: Version: 7.4.32

Nextcloud version: 25.0.10

Logs

Nextcloud log (data/nextcloud.log)

Nextcloud log 
{"reqId":"ZS1CV7EPZtBue9XU-1eGoAAAADw","level":3,"time":"2023-10-16T14:01:59+00:00","remoteAddr":"111.11.11.111","user":"--","app":"user_external","method":"POST","url":"/login","message":"ERROR: Mis-configured BasicAuth Url: https://monapi/nextcloud-auth, provided URL does not do authentication!","userAgent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36","version":"25.0.10.1","data":{"app":"user_external"}}
{"reqId":"ZS1CV7EPZtBue9XU-1eGoAAAADw","level":2,"time":"2023-10-16T14:01:59+00:00","remoteAddr":"111.11.11.111","user":"--","app":"no app in context","method":"POST","url":"/login","message":"Login failed: xxxxxxx.xxxxx@gmail.com (Remote IP: xxx.xx.xx.xxx)","userAgent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36","version":"25.0.10.1","data":[]}
@ludovicsclain ludovicsclain added 0. Needs triage bug Something isn't working labels Oct 16, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
0. Needs triage bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ludovicsclain