Wrong redirect if already authenticated with SSO

[robertmx]

Dear devs,

thank you very much for this app. I integrated Nextcloud with keycloak and see a redirect error if I am already authenticated with Keycloak.

Steps to reproduce:

1. Get a valid session with keycloak by logging in to some other service on the same realm
2. Access the nextcloud base url (https://xxx.tld/nextcloud/)
3. Observe the following 302 redirects: (https://xxx.tld/nextcloud/login --> https://xxx.tld/nextcloud/apps/user_oidc/login/1 --> https://xxx.tld/nextcloud/index.php_oidc/login/1)
4. The last redirect results in a 404 not found, because the URL does not exists. Note the index.php_oidc/login/1 part that looks wrong to me.

What I think is happening

user_oidc is checking with keycloak for authentication, realizes the session is already authenticated with keycloak, authenticates the user with nextcloud and immediately tries to redirect back to nextcloud. But somehow the redirect URL gets mangled. This error does not occur when logging in directly with nextlcoud, e.g. with no prior authentication with keycloak.

Cheers Robert

[edward-ly]

Hi, can you confirm if this issue still persists on the latest versions of Keycloak/Nextcloud/user_oidc? If so, we can perhaps investigate the issue further.

Also, please note that running Nextcloud inside a domain subdirectory is not officially supported (if the example links you provided suggest that you are doing so).