nextcloud-oidc-login

Issue: password created in Nextcloud database for OpenID Connect users

Open mathsyx69 opened this issue 3 years ago • 3 comments

Hello,

I have a Nextcloud instance installed and I use your application to connect with Azure AD. I sometimes encountered an error when a new employee registers on Nextcloud (account created at first Azure AD connection).

He got an error message which demands that the password contain a special character. I don't understand how your app works with the password of accounts created with OpenID Connect.

I have two simple questions: What happens to the password field in the Nextcloud database? Is this a bug that you have already met?

Thanks in advance for your help.

Have a good day.

mathsyx69, Dec 08 '22 18:12

A random password is generated for each user. We should be including a fixed string at the start containing some special characters so it satisfies the password policies.

https://github.com/pulsejet/nextcloud-oidc-login/blob/dc101a70029872c95b298ea8efb7daa7bb8e7764/lib/Service/LoginService.php#L271

pulsejet, Dec 09 '22 01:12

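Thanks for the response. To resolve this bug I deleted this line (271) and replaced it with:

```php
// 64 random bytes, base64-encoded and truncated to 28 characters
$randomPassword = substr(base64_encode(random_bytes(64)), 0, 28);
// Wrap in ":" and "[" so the password always contains special characters
$userPassword = ":" . $randomPassword . "[";
```

It could be interesting to add a correction in the next update.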

mathsyx69, Dec 09 '22 22:12

Please don't close this until it's fixed. If possible it'd be great if you could do a PR for this. Ideally we can just prepend the password with something like `aA1$`, which could cover all cases.

pulsejet, Dec 09 '22 23:12
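The prefix approach suggested in the thread, as an added example that is neither the app's own code nor a patch from this issue: a fixed `aA1$` prefix satisfies the character classes while all of the unpredictability still comes from `random_bytes()`. The function names, the 32-byte length, the sample string and the policy checked here (four character classes plus a minimum length) are assumptions for the demonstration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper: builds the placeholder password stored for an
// account that only ever signs in through OpenID Connect.
function generatePlaceholderPassword(int $randomBytes = 32): string
{
    // Fixed prefix: one lower-case letter, one upper-case letter, one digit
    // and one special character, whatever the random part contains.
    $prefix = 'aA1$';
    // The prefix is public, so guessing resistance rests entirely on the
    // CSPRNG output that follows it.
    $random = rtrim(strtr(base64_encode(random_bytes($randomBytes)), '+/', '-_'), '=');
    return $prefix . $random;
}

// Assumed policy for this demo; returns the names of the rules not met.
function missingClasses(string $password, int $minLength = 12): array
{
    $checks = [
        'lowercase' => '/[a-z]/',
        'uppercase' => '/[A-Z]/',
        'digit'     => '/[0-9]/',
        'special'   => '/[^a-zA-Z0-9]/',
    ];
    $missing = [];
    foreach ($checks as $name => $pattern) {
        if (preg_match($pattern, $password) !== 1) {
            $missing[] = $name;
        }
    }
    if (strlen($password) < $minLength) {
        $missing[] = 'length';
    }
    return $missing;
}

// Constructed sample: a letters-only random-looking string that the
// assumed policy rejects.
$lettersOnly = 'abcdEFGHijklMNOPqrstUVWXyzab';
echo 'letters-only sample is missing: ', implode(', ', missingClasses($lettersOnly)), "\n";

// Every generated password must pass, not just most of them.
for ($i = 0; $i < 1000; $i++) {
    if (missingClasses(generatePlaceholderPassword()) !== []) {
        throw new RuntimeException('generated password violates the assumed policy');
    }
}
echo "1000 generated passwords satisfied the assumed policy\n";
```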