user_oidc icon indicating copy to clipboard operation
user_oidc copied to clipboard
verified publisher icon nextcloud

Auhentik and user_oidc: "Wrond number of segments" errors in the log

Open Ra72xx opened this issue 2 years ago • 2 comments

I switched Nextcloud from LDAP auth to OIDC according to this page: https://blog.cubieserver.de/2022/complete-guide-to-nextcloud-oidc-authentication-with-authentik/. I also shortened my token because this is mentioned in this guide. Though everything seems to work as expected, I get tons of messages like this in my Nextcloud log: {"reqId":"xxxxx","level":3,"time":"2023-05-21T04:31:00+00:00","remoteAddr":"46.142.186.191","user":"--","app":"user_oidc","method":"GET","url":"/nextcloud/index.php/apps/passwords/api/1.0/session/keepalive","message":"Impossible to decode OIDC token:Wrong number of segments","userAgent":"Offizielle Passwords Firefox Extension auf Linux","version":"26.0.1.1","data":{"app":"user_oidc"},"id":"xxxxxx"}

This also happens for other apps, not only the passwords extension. However, as I said, everything seems to work, but I dislike logfile entries like this ;-) ...

Ra72xx avatar May 21 '23 04:05 Ra72xx

Hello,

I have the same situation. From what I gathered, the log message comes when you're using a app password token instead of a SSO token to access the cloud from an external app.

That msg comes from this file: apps/user_oidc/lib/Vendor/Firebase/JWT/JWT.php

So, indeed, that shouldn't be a problem, but maybe the dev can check if it's an app passwrod token used and in that case, not show the msg.

quenenni avatar Aug 14 '23 13:08 quenenni

this is not restricted to Authentik but happens in keycloak as well.

joergmschulz avatar Nov 23 '23 18:11 joergmschulz