user_external icon indicating copy to clipboard operation
user_external copied to clipboard

Published 20 hours ago • verified publisher icon nextcloud

External auth via POST

Open sebastiansterk opened this issue 5 years ago • 7 comments

Is your feature request related to a problem? Please describe. I have an external system to manage and authenticate users. I can't give nextcloud to this system, but I want to give users, managed by that system access to nextcloud.

Describe the solution you'd like Calling an API would be a solution to perform authentication. Nextcloud is just doing the communication to the API and provides a token, a username and a password. The system checks the provided data and sends a response if the authentication was successful or not. My idea: Nextcloud ---- POST DATA (token, user, pass) ----> domain.tld/auth.php ----> perform some checks ------ auth successful or not ---> Nextcloud

Additional context I would love to implement this feature, but before starting with the implementation, we should discuss whether we want to have this feature or not.

sebastiansterk avatar Aug 25 '19 20:08 sebastiansterk

In general there is nothing that would speak against this... What kind of external system to manage users/authentication would this be? The auth.php, is it custom made by you? Would you provide an example somewhere for others to adapt?

violoncelloCH avatar Aug 31 '19 08:08 violoncelloCH

What kind of external system to manage users/authentication would this be?

That's the point. I want to implement something that supports a self-developed authentication solution. So this authentication part is handled by something else, we're just checking if the external authentication endpoint says the user can access the cloud instance or not. Of course I can provide an example of this auth.php, but I don't want to establish a new authentication standard, I just want to allow very flexible external user access to the cloud without doing the authentication on nextcloud level. Just simply relying on a third-party authenticator/authentication.

sebastiansterk avatar Sep 12 '19 17:09 sebastiansterk

okay, I see... yes I think it makes sense to have this in user_external... :)

violoncelloCH avatar Oct 05 '19 15:10 violoncelloCH

Nice. I try to refine my code and will share it here to do a review.

sebastiansterk avatar Oct 27 '19 17:10 sebastiansterk

Sorry for the delay. Will start working on it in the next few days.

sebastiansterk avatar Jan 19 '21 21:01 sebastiansterk

@violoncelloCH please check the linked PR.

sebastiansterk avatar Jan 20 '21 19:01 sebastiansterk

Hi, i also need this functionality to nextcloud but i can see the issue was not closed and this development is not in master branch. Do you know when the issue is scheduled to close and merged to master?

Thank you!!

dceldran avatar Apr 28 '22 06:04 dceldran