nextcloud-oidc-login icon indicating copy to clipboard operation
nextcloud-oidc-login copied to clipboard
verified publisher icon pulsejet

Avoid mail modification notifications if the mail is the same

Open quenenni opened this issue 4 years ago • 2 comments

Every time I connect to Nc, I receive a notification about my email having being changed by an admin.

Here is my oidc config:

  'oidc_login_provider_url' => 'https://auth.mydomain.tld',
  'oidc_login_client_id' => 'rp-nextcloud',
  'oidc_login_client_secret' => 'xxxxxxxxxxxxxxxx',
  'oidc_login_auto_redirect' => true,
  'oidc_login_logout_url' => 'https://auth.mydomain.tld/',
  'oidc_login_hide_password_form' => true,
  'oidc_login_attributes' =>
  array (
    'id' => 'sub',
    'name' => 'name',
    'mail' => 'email',
    'quota' => 'nextCloudQuota',
    'groups' => 'groupsNc',
    'is_admin' => 'adminNc',
  ),
  'oidc_login_end_session_redirect' => true,
  'oidc_login_default_group' => '',
  'oidc_login_use_external_storage' => true,
  'oidc_login_scope' => 'email profile openid',
  'oidc_login_proxy_ldap' => false,
  'oidc_login_disable_registration' => false,
  'oidc_login_redir_fallback' => false,
  'oidc_login_tls_verify' => true,
  'oidc_login_default_quota' => '10737418240',
  'oidc_create_groups' => true,
  'oidc_login_webdav_enabled' => true,
  'oidc_login_public_key_caching_time' => 86400,
  'oidc_login_min_time_between_jwks_requests' => 10,
  'oidc_login_well_known_caching_time' => 86400,
);

I noticed in the code that the mail is always set. It doesn't check is an email already exists and if it's the same.

In order to do the check and only set the email if it's different, I changed in Service/LoginService.php (line 236):

this:
            if ($attr['mail'] !== null) { 
                $user->setEMailAddress((string)$profile[$attr['mail']]);
            }

by this:
            $userMailAddress = $user->getEMailAddress();
            if ($attr['mail'] !== null && $userMailAddress != (string)$profile[$attr['mail']]) {
                $user->setEMailAddress((string)$profile[$attr['mail']]);
            }

quenenni avatar Nov 25 '21 15:11 quenenni

Thank you for your bug report. Would you consider opening a pull-request with your patch?

azmeuk avatar Dec 24 '21 11:12 azmeuk

Thanks for the proposition, but but.. I don't use git, or barely, and don't know how to do a pull-request.

I personnally find that Git is too complicated if you don't use it everyday (except just using a git clone / push / pull / status). The docu is terrible, too many differents things you'll barely never use.

The best I can do is to give you the most precise infos to help you fix the problem.

Hope this will help. And sorry for the git situation.

quenenni avatar Dec 24 '21 15:12 quenenni