syphon-org
Sso on custom home server with android does not work
When I try to log in via sso on my homeserver, the auth form opens in the browser and I can login. When I'm finished, the browser tries to redirect to syphon://... But this just opens the syphon app from a fresh state(even with the disclaimer popup) and not logging me in.
I can try to connect adb If you need more info :)
A similar behavior shows on my homeserver when I try to login via the iOS app. The Webbrowser redirects me to syphon://... and the app shows me the SSO login page again. (Attached screenshot shows the app status after logging in via the browser!)
This may have been fixed in 0.2.0. Were these only attempts from the multiaccount prompt or did anyone encounter this on the first, normal login screen?
I have the same Problem with a homeserver where I try to sign in via OpenID. My syphon version is 0.2.0.
It still does not work. Syphon says that he is unable to get "well known" from my synapse, which is obviously something wrong. Other clients as fluffy or element are logging in properly. Syphon in effect does not offer SSO at all.
Syphon says that he is unable to get "well known" from my synapse, which is obviously something wrong.
This is true but, it is probably not connected to the issue described here. The "faild well known check" message appears for homeservers which to not provide a /.well-known/matrix/client which is a json file the can be used to redirect to the actual server address. Accourding to the matrix spec this is optional and if the server returns 404 the client should ignore it. This is not how syphon does it, but the original issue is about being unable to login without error even when the "well known check" passes.
It's connected in some way as because of "well known" syphon does not show me SAML login option at all.
Like @frcl mentioned, I think it should allow a pass through if it fails but gets a response back from the domain on the tail end of the user ID as expected. I'll add a bit of context though
The well-known file is required if users intend on having a top level domain in their user ID that's different from where their server is hosted and authenticate with it (matrix.org -> matrix-client.matrix.org - https://matrix.org/.well-known/matrix/client).
In most cases, this has prevented users from attempting to login under their personal servers with the fully qualified address (username:matrix-client.matrix.org) when they shouldn't need to. However, looks like it's also failed at allowing some people to login. Will be in the next release.
The original issue is different though and haven't had time to understand why. I'll prioritize it for this weekend. Sorry for the latency here!
I am having a similar problem with a homeserver running without a proxy and TLS-enabled listeners on port 8448, i.e. ...
static const homeserverDefault = 'example.com:8448';
Does Syphon have any (SSO) issues with such a setup?
I still have the issue with version 2.8, but I have made an important observation: The problem is browser dependent.
With DuckDuckGo browser as default on my phone I experience the issue, but when I use a different Browser (e.g. EinkBro from F-Droid) the login process works without issues.
With DuckDuckGo it seems like the syphon://… link is not opened in the Syphon app window, but in the DuckDuckGo app window instead (see screenshort). I don't know if this is connected to the issue, but in EinkBro it is different.
@mqus to confirm, what is your default browser?
Its firefox on android, but the old one.
I haven't checked new syphon versions yet since I originally got it from fdroid where it disappeared soon after. But I'll try.
Yeah, quickndirty: I get the .well-known error on the current version and after that the sso-login-button disappeared in syphon. There are no discovery jsons there, so I'll ask the admins of my instance. I can pn you the domain if you are curious. But I think that those should not be necessary since the element desktop client connects just fine.