nextcloud_ynh
nextcloud_ynh copied to clipboard
YunoHost-Apps
404 when logging out from the nextcloud interface (when not installed on the main domain?)
from the nextcloud interface, when disconnecting we hit the url /yunohost/sso/?action=logout
this triggers a 404 error
clicking the disconnect button from the yunohost portal, we hit the same url, but we are redirected to the portal login page afterwards.
Strange : can not confirm loggued by https://maison.example.org/yunohost/sso/ , go on https://maison.example.org/nextcloud/ , log out , come back to https://maison.example.org/yunohost/sso/ without issue.
I can confirm this issue still exists with latest version 12.0
Here is my setup:
- I have default domain A
- Nextcloud is installed on domain B
- Yunohost SSO is configured on domain B
- When I logout the following url is requested returning a 404
https://A/yunohost/sso/?action=logout
Accessing https://B/yunohost/sso/?action=logout returns normal SSO login form.
Thanks for your input!
When looking at it, it seems due to this: we specifically look for the main domain where we should maybe point to the app domain.
You could try tuning this in /var/www/nextcloud/config/config.php to confirm your analysis.
@JimboJoe Thank you very much for your quick feedback and the great work!
To confirm your prosposal:
Manually changing the value of logout_url in /var/www/nextcloud/config/config.php to the application domain has fixed the issue.
Am I correct in the assumption that this issue is specific to my setup of having the yunohost portal run on a non-default domain? If I recall correctly this step required manual tinkering with the nginx config files. So this is probably not a bug then but rather a manual configuration requirement. Maybe this should be documented in the readme?
As I already mentioned, I can't reproduce this issue. Maybe it is linked with your modifications, so the first steps, if we want to capitalize on your experience, would be that you describe precisely here what you did ;-)
Ok, here is how I achieved non-default domain to be portal domain:
Given: default domain A, domain B (e.g. as configured in yunohost admin "domains" menu)
Configuration:
in /etc/ssowat/conf.json.persistent I set something like this:
...
{
"portal_domain": "B",
"redirected_urls": {},
"redirected_regex": {
"B/yunohost[\\/]?$": "https://B/yunohost/sso/"
},
...
}
Does this help to reproduce?
@mofoch This happens because your default domain is configured to A in /etc/ssowat/conf.josn i.e. "portal_domain": "a.tld" and you have overridden the default domain A to domain B for SSO by adding the domain B in /etc/ssowat/conf.json.persistent i.e. "portal_domain": "B". So the default domain is considered to be A by YunoHost but only for SSO its domain B. This happens to me as well. I had domain.tld as my default domain, later I wanted login.domain.tld as my SSO without changing the default domain domain.tld for postfix ,and other apps configured by YunoHost. You can try:
- Try adding
"redirected_urls": { "a.tld/yunohost/" : "b.tld/yunohost/"}in /etc/ssowat/conf.json.persistent and then doyunohost app ssowatconf. I don't know how YunoHost redirection work, so I am not sure about this method. Please acknowledge back if it works (so that I can implement this rather then method 2 which I am using right now). - Create a file redirect.conf in /etc/nginx/conf.d/a.tld.d/ and add the following lines in redirect.conf :
location /yunohost/sso {
return 301 $scheme://b.tld$request_uri;
}
then restart nginx service nginx restart . Or you can even use YunoHost redirect app for implementing method 2 which gives advantage of backup and restore.
It's not clear if this bug is still effective ... there's been a lot of movement in ssowat since then
