Michael Barz
Michael Barz
No, full disagreement.
Works as designed. Any Wopi app can download.
We have that. Combination of the wopi token together with the wopi proof keys.
I am just pushing back on the classification as bug. we were discussing this broadly during the implementation phase. feels like a waste of energy to discuss that again.
> Why on earth would we do that if any app provider app can be used in secure view shares? it cannot. The flag works fine for the UI. @ScharfViktor...
I think we are aware of the different implications of that. @tbsbdr please decide if that needs more effort. At least we need to document that proofkeys need to be...
Please disable dynamic client registration on your keycloak if you want to use the public client id and secret. Do you know how to do it? I did it on...
Some background https://www.keycloak.org/securing-apps/client-registration
I think I achieved my goal by blocking the redirect url of the client in „client policies“.
I do it like https://github.com/owncloud/client/issues/11940#issuecomment-2423778806