ferdium-app icon indicating copy to clipboard operation
ferdium-app copied to clipboard
verified publisher icon ferdium

Rocket.Chat oAuth window opens in browser

Open betterphp opened this issue 2 years ago • 12 comments

Avoid duplicates

  • [X] I agree to follow the Code of Conduct that this project adheres to.
  • [X] I have searched the issues tracker for a bug report similar to mine, in vain

Ferdium Version

6.5.2 (AppImage)

What Operating System are you using?

Ubuntu

Operating System Version

Ubuntu 23.04

What arch are you using?

x64

Last Known Working Ferdium version

No response

Expected Behavior

The login window should open in the app and the oAuth process should complete

Actual Behavior

The login window opens in Firefox (even with the open URLs in Ferdium setting enabled) which means there's no way to sign in.

Steps to reproduce

  1. Set up a self-hosted Rocket.Chat instance and configure SSO using GitLab
  2. Try and login

Debug link

No response

Screenshots

https://github.com/ferdium/ferdium-app/assets/788007/8ffec657-69f9-485d-a4f6-b717b0acfea9

Additional information

No response

betterphp avatar Oct 26 '23 10:10 betterphp

Also applies to 6.6.0 on windows and 6.5.2 on macOS. Here login is also not possible with custom oAuth provider configured in Rocket.Chat and with die pre-configured Nextcloud-oAuth settings.

ddomhoff avatar Nov 01 '23 12:11 ddomhoff

The same thing happens on 6.6.0 for me too (AppImage on Linux)

betterphp avatar Nov 02 '23 17:11 betterphp

I am getting the same behavior with my setup on Windows with 6.6.0

KalebVargo avatar Nov 13 '23 23:11 KalebVargo

Same issue here, on Mac:

  • Version: 6.6.0
  • Server: Ferdium Server
  • Electron: 27.0.1
  • Chrome: 118.0.5993.89
  • Node.js: 18.17.1
  • Platform: macOS 14.1.1
  • Arch: x64
  • Build date: Fri Oct 27 2023 02:32:01 GMT+0200

davidlafon avatar Dec 04 '23 14:12 davidlafon

you can right-click on the link and choose "Open link in Ferdium" - this is different from the setting.

vraravam avatar Jan 15 '24 05:01 vraravam

you can right-click on the link and choose "Open link in Ferdium" - this is different from the setting.

Sorry to say, but that does not help here.

I analyzed Rocket.Chat's login page when using CAS:

  • the login button is not an <a>, but a <button type="button">
  • neither the button nor the containing <form> have an action. The button seems to be bubbling to the <body> element.
  • In Rocket.Chat's source, I found in openCASLoginPopup.ts the function openCenteredPopup, which opens the login window: 
    const newwindow = window.open(url, 'Login', features);

if (!newwindow) {
	throw new Error('Could not open popup');
}

newwindow.focus();

return newwindow;

Would it be feasible to use user.js to replace the button with a real link? Or does this need another approach?

JochenLutz avatar Jan 15 '24 19:01 JochenLutz

  1. I dont use Rocket chat and so i can't comment on what it shows.
  2. you can try the user.js method, but again, i can't comment whether it would work or not.
  3. In Ferdium, we usually dont do such hacks that can change the page being rendered. Its left upto the user to decide and code such behavior

Also, please upgrade to the latest version before trying - so that we are all on the same page when referring to inconsistent behavior of the app

vraravam avatar Jan 16 '24 02:01 vraravam

I've found this hacky workaround waiting for issue to be resolved (I sadly have not time to give and almost no knowledge in Ferdium recipes baking...) :

  1. Login on your daily browser
  2. Open DevTools console, retrieve Meteor.loginToken from Local Storage : localStorage.getItem("Meteor.loginToken")
  3. Open Service Developer Tools console in Ferdium and insert the token in Local Storage: localStorage.setItem("Meteor.loginToken", "token")

Hope it helps !

remche avatar Jan 17 '24 20:01 remche

Great workaround @remche ! Thank you !

If you want to have autologin when you open Ferdium, you can edit Rocket.Chat service, then at bottom "Open user.js" and put this code :

module.exports = (config, Ferdium) => {
  // Write your scripts here
  console.log("Hello, World!", config);
  
  if (config.url.includes("your.rocket.chat.host.net")) {
    localStorage.setItem("Meteor.loginToken", "your-token");
  }
};

You can also create a personal access token that don't expire (on your Rocket.Chat host at /account/tokens path) instead of retrieving it on your browser :)

darylounet avatar Mar 12 '24 10:03 darylounet

Hello,

I would like to add my confirmation that this SSO bug is still present and reproducible in Ferdium v7.1.0 on Linux (Ubuntu).

The broken SSO flow led me to attempt the workaround provided by @remche / @darylounet , which uses a user.js script to inject a login token. This solution no longer works for our instance because it seems that our server has been updated to use secure sessions with HttpOnly cookies. As this is a standard security practice, it means this workaround is becoming obsolete, reinforcing the need for a another fix.

jmbiaudis avatar Sep 04 '25 08:09 jmbiaudis

Hi @jmbiaudis , the workaround was no longer working for us, i've just added a timer and now it works again :

module.exports = (config, Ferdium) => {
  if (config.url.includes("your.rocket.chat.host.net")) {
    setTimeout(function() {
      localStorage.setItem("Meteor.loginToken", "your-token");
    }, 4000);
  }
};

I hope it'll work for you too !

darylounet avatar Sep 04 '25 09:09 darylounet

Thanks @darylounet , i confirm it works again for us .

jmbiaudis avatar Sep 04 '25 10:09 jmbiaudis