No ldap uid found in openid response LDAP Proxy Keycloak

ghorchem · May 15, 2023, 5:41am

Hello I’m trying to set up Keycloak 21 with Nextcloud using the Nextcloud-OIDC-Login app when I try to login I get “no uid found in openid response”

wwe · May 15, 2023, 7:38am

Please provide more technical information. I did some tests with openidlogin in the past and it worked for me.

ghorchem · May 15, 2023, 2:56pm

here’s my config file:

$CONFIG = array (
  'passwordsalt' => 'password_salt',
  'secret' => 'secret',
  'auth.bruteforce.protection.enabled' => false,
  'ratelimit.protection.enabled' => false,
  'auth.webauthn.enabled' => false,
  'allow_user_to_change_display_name' => false,
  'default_locale' => 'en_US',
  'trusted_domains' => 
  array (
    0 => 'localhost',
    1 => 'nextcloudportal.gary-springfield-mo.net',
  ),
  'datadirectory' => '/nextclouddata',
  'dbtype' => 'mysql',
  'version' => '26.0.1.1',
  'overwrite.cli.url' => 'http://localhost',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => 'oc_admin',
  'dbpassword' => 'db_password',
  'installed' => true,
  'instanceid' => 'oc44y4qqzgz5',
  'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
  'enforce_theme' => '',
  'loglevel' => 2,
  'maintenance' => false,
  'lost_password_link' => 'disabled',
  'oidc_login_provider_url' => 'https://server-1.gary-springfield-mo.net/auth/realms/sso/',
  'oidc_login_client_id' => 'nextcloud',
  'oidc_login_client_secret' => 'keycloak_secret',
  'oidc_login_auto_redirect' => false,
  'oidc_login_end_session_redirect' => false,
  'oidc_login_button_text' => 'Log in with Keycloak',
  'oidc_login_hide_password_form' => false,
  'oidc_login_use_id_token' => true,
  'id' => 'username',
  'mail' => 'email',
  'name' => 'name',
  'home' => 'homeDirectory',
  'ldap_uid' => 'username',
  'oidc_login_allowed_groups' => null,
  'oidc_login_filter_allowed_values' => null,
  'oidc_login_use_external_storage' => false,
  'oidc_login_scope' => 'openid profile Nextcloud_Client_Scope',
  'oidc_login_proxy_ldap' => true,
  'oidc_login_disable_registration' => true,
  'oidc_login_redir_fallback' => false,
  'oidc_login_tls_verify' => true,
  'oidc_create_groups' => false,
  'oidc_login_webdav_enabled' => true,
  'oidc_login_password_authentication' => false,
  'oidc_login_public_key_caching_time' => 86400,
  'oidc_login_min_time_between_jwks_requests' => 10,
  'oidc_login_well_known_caching_time' => 86400,
  'oidc_login_update_avatar' => false,
  'oidc_login_skip_proxy' => false,
  'oidc_login_code_challenge_method' => 'S256',
);

wwe · May 16, 2023, 6:16am

Please review Usage with Keycloak in your config multiple attributes differ from recommended config.

Please be aware of State of the maintainance · Issue #182 · pulsejet/nextcloud-oidc-login · GitHub

ghorchem · May 16, 2023, 5:20pm

I get it now. I would like to switch to the Social Login app. but when I have tried to configure it it would not save my settings. A screenshot of the log file is below: