Hi there,
I’m trying to set-up Nextcloud and DokuWiki so that NC is the OAuth2 Identity Provider for DokuWiki. DokuWiki offers plug-ins for this (this one supplemented by this one).
I have successfully created a client in NC Admin > Security and set-up the DokuWiki plug-ins accordingly (client secret, client id, mapping of the user field names, etc). The Log-in flow works like a charm and my user can grant access to DokuWiki. An entry for DokuWiki is created under “Settings” > “Security” > “Devices & sessions” successfully.
However, after granting access, Nextcloud is supposed to redirect the user’s browser to a DokuWiki URL to facilitate authentication.
Unfortunately this fails; DokuWiki complains that “OAuth: State not found in session, are you sure you stored it?”.
This does not seem to be a DokuWiki/plug-in problem, because NC indeed does not send a value for state at all. This is the URL that NC redirects after granting access:
https://<mycorrectdomain.tld>/wiki/index.php?state=&code=zL0Oq…[very long code]…wfrHvnDc
and as you can see, the ?state=-parameter is empty.
- When I peek into the file responsible for constructing this redirection URI (
/cloud/core/Controller/ClientFlowLoginController.phparound line 357) and try to debug-output the value of$this->session->get('oauth.state')it is empty as well. - When I retry from scratch, the “grant access” dialogue is starting over and a new session is added to the list in the user’s profile.
- I checked out the issue tracker on github, and while #28261 was close and interesting, it doesn’t seem to be exactly the cause.
I have Nextcloud 22.2.3 running on uberspace with Redis, APCu and PHP 7.4 (session.save_handler is set to files, not redis). NC is running under /cloud/ subfolder, DokuWiki under /wiki/, without problems so far.) Nothing of interest in nextcloud.log.
I’d be grateful for any hints on where to start digging.
If you need any more information, let me know.
regards
