wekan
OAUTH2_LOGIN_STYLE=redirect Has No Effect
Issue
#3542 Issue mentioned here also, but I think it's not the focus of the conversation. Other Wekan issues can be added here.
Server Setup Information:wekan + keycloak
-
Note: Please anonymize info, and do not add to this public issue any of your Wekan board URLs, passwords, API tokens etc, do you understand?:Yes
-
Did you test in newest Wekan?: Yes
-
Wekan version: Latest
-
Operating System: Ubuntu
-
Deployment Method(snap/docker/sandstorm/mongodb bundle/source): Docker
-
Http frontend if any (Caddy, Nginx, Apache, see config examples from Wekan GitHub wiki first): nginx
-
Node Version:
-
MongoDB Version:
-
Wekan only works on newest desktop Firefox/Chromium/Chrome/Edge/Chromium Edge and mobile Chrome. What webbrowser version are you using?
Problem description: When setting "OAUTH2_LOGIN_STYLE=redirect" in the docker-compose.yml file it has no effect and a popup window is shown, even when you need a redirect instead.
- REQUIRED: Add recorded animated gif about how it works currently, and screenshot mockups how it should work. Use peek to record animgif in Linux https://github.com/phw/peek
- Explain steps how to reproduce Enable Oauth2 > set OAUTH2_LOGIN_STYLE=redirect > attampt to login and see popup instead of redirect.
I can confirm the wrong parameter is being passed to the oauth by looking at the pop up window url ".../protocol/openid-connect/auth?loginStyle=popup&client_id=webapp-wekan&response_type..."
The reason this is important is I'm automating the login steps with JavaScript. Unfortunately most browsers block popups initiated by JS so I need to use redirect instead! Thanks!
-
If using Snap, what does show command
sudo snap logs wekan.wekan? Please anonymize logs. -
If using Docker, what does show command
sudo docker logs wekan-app? Please anonymize logs. - If logs are very long, attach them in .zip file
@xet7 This will have to be reopened. v5.35 Still has the same behavior. Popup has url with "...auth?loginStyle=popup&clie..."
Had a look at the code. Seems like the else conditions aren't being. The popup is 320x449 so I assume the popup code is running.
width: options.popupOptions.width || 320,
height: options.popupOptions.height || 450
That previous trying to fix broke Google login, so I had to revert it in Wekan 5.34.
In reverting commit I tried to open this issue, but it seems GitHub did not open it:
https://github.com/wekan/wekan/commit/1e837dec11dc5cb266b83efcff4f462aa02d733d
thanks @xet7 I tested out 5.33. Seems some code has run as the popup screen has been altered, but it is still a popup. URL still contains "loginStyle=popup"
https://user-images.githubusercontent.com/17303371/122485854-3d88c500-d01b-11eb-8ba4-f75d3dc64c73.mp4
Is there anyone who is using wekan with google auth who could test / look into why https://github.com/wekan/wekan/commit/78324263c1c78e7e9e99f153e3158e39f564b67a broke it ?
@varac
Redirect has never worked. There could be some bug at wekan/packages/*oidc*/*
@flaviohrocha
Google login does work: https://github.com/wekan/wekan/wiki/Google-login
Also others should work.
It's just that when logging in, it's enough that popup login style works.
Having popup vs redirect is just about what is visible for some seconds, it's not any kind of critical.
The distinction is important to us though, because our testing framework (cypress) consciously doesn't support separate windows, so we can't properly test our wekan instance if it doesn't respect the "redirect" directive.
@ariep
Does this autologin feature help with that?
https://github.com/wekan/wekan/blob/master/CHANGELOG.md#v630-2022-07-11-wekan--release
It also breaks iPhone usage for me as Popup gets blocked in safari per default.
