[SOLVED] Nextcloud as oauth provider for other instance

Hello,

I’m currently trying to use a Nextcloud instance provided by mail-in-a-box to authenticate my personal instance. This is to avoid having to make user accounts (although it would be much easier). Running only one instance is not an option as my VPS has little storage (~20GB).

On my mail-in-a-box server (runs on https://box.example1.com/cloud/) I've added an OAuth2 client in the Security admin settings (docs):

Redirection URI: https://cloud.example2.com/index.php/apps/sociallogin/custom_oauth2/nc
Client Identifier: <CLIENT_ID>
Secret: <SECRET>

On my personal server (the aforementioned https://cloud.example2.com/) I’ve got the Social Login plugin and the following configuration (based on this, this and this):

Internal name: nc
Title: nc
API Base URL: https://box.example1.com/cloud/index.php
Authorize url: https://box.example1.com/cloud/index.php/apps/oauth2/authorize
Token url: https://box.example1.com/cloud/index.php/apps/oauth2/api/v1/token
Profile url: https://box.example1.com/cloud/index.php/ocs/v2.php/cloud/user?format=json
Client Id: <CLIENT_ID>
Client Secret: <SECRET>

The omitted options are unset.

It seems to work, and asks for a login, up until it gets redirected back to https://cloud.example2.com where it just says: Error: "Can not get identifier from provider"

I feel that I'm most of the way to a working setup, but I either fudged the Social Login settings or mail-in-a-box's default nginx config, for some reason, blocks OAuth.

I've checked all the logs and it's just normal web traffic, not very meaningful in terms of OAuth2 errors. I feel like this is an issue with the personal server rather than mail-in-a-box's.

Thanks in advance.
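To see where an error like "Can not get identifier from provider" can arise, here is the authorization-code exchange the configuration above describes, walked through step by step against constructed data. This is an added example, not code from the original post or from the Social Login app or Nextcloud; the URLs mirror the post, the client id and secret are placeholders, and the sample token and profile bodies are constructed. The profile-response shape (the user record nested under `ocs.data`, and the `OCS-APIRequest: true` header that OCS endpoints require) is the standard Nextcloud OCS v2 envelope; whether it is the cause of the poster's error is an assumption the thread does not confirm.

```python
"""Manual walk-through of the OAuth2 exchange between the two Nextcloud instances.

Added example with constructed data; it does not perform network requests.
"""
import json
import secrets
from urllib.parse import urlencode, urlparse, parse_qs

# URLs as configured in the post (example hosts). Client credentials are placeholders.
AUTHORIZE_URL = "https://box.example1.com/cloud/index.php/apps/oauth2/authorize"
TOKEN_URL = "https://box.example1.com/cloud/index.php/apps/oauth2/api/v1/token"
PROFILE_URL = "https://box.example1.com/cloud/index.php/ocs/v2.php/cloud/user?format=json"
REDIRECT_URI = "https://cloud.example2.com/index.php/apps/sociallogin/custom_oauth2/nc"


def build_authorize_url(client_id: str, state: str) -> str:
    """Step 1: URL the relying party (cloud.example2.com) sends the browser to."""
    params = {
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": REDIRECT_URI,  # must match the registered URI exactly
        "state": state,                # anti-CSRF value, checked on return
    }
    return f"{AUTHORIZE_URL}?{urlencode(params)}"


def parse_callback(callback_url: str, expected_state: str) -> str:
    """Step 2: pull the code out of the redirect back to REDIRECT_URI, enforcing state."""
    qs = parse_qs(urlparse(callback_url).query)
    if qs.get("state", [None])[0] != expected_state:
        raise ValueError("state mismatch: stale login or CSRF attempt")
    if "code" not in qs:
        raise ValueError(f"provider returned no authorization code: {qs}")
    return qs["code"][0]


def token_request_body(client_id: str, client_secret: str, code: str) -> dict:
    """Step 3: form fields POSTed to TOKEN_URL to swap the code for an access token."""
    return {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": REDIRECT_URI,
        "client_id": client_id,
        "client_secret": client_secret,
    }


def profile_request_headers(access_token: str) -> dict:
    """Step 4: headers for PROFILE_URL. OCS endpoints reject calls without OCS-APIRequest."""
    return {
        "Authorization": f"Bearer {access_token}",
        "OCS-APIRequest": "true",
        "Accept": "application/json",
    }


def extract_identifier(profile_body: str) -> str:
    """Step 5: locate the user id in the profile response.

    A generic OAuth2 client typically looks for a top-level "id". Nextcloud's OCS
    endpoint wraps the record as {"ocs": {"meta": ..., "data": {"id": ...}}}, so the
    id has to be read from ocs.data (assumption: standard OCS v2 envelope).
    """
    doc = json.loads(profile_body)
    if isinstance(doc.get("id"), str) and doc["id"]:
        return doc["id"]
    try:
        ocs = doc["ocs"]
        if ocs["meta"].get("status") != "ok":
            raise ValueError(f"provider reported failure: {ocs['meta']}")
        return ocs["data"]["id"]
    except (KeyError, TypeError):
        raise ValueError("Can not get identifier from provider: "
                         "no top-level 'id' and no ocs.data.id in response")


def identifier_or_none(profile_body: str):
    """Convenience wrapper: None instead of an exception when no id can be found."""
    try:
        return extract_identifier(profile_body)
    except ValueError:
        return None


# Constructed sample bodies (values invented; shapes as assumed above).
SAMPLE_OCS_PROFILE = json.dumps({
    "ocs": {
        "meta": {"status": "ok", "statuscode": 200, "message": "OK"},
        "data": {"id": "alice", "display-name": "Alice", "email": "alice@example1.com"},
    }
})
SAMPLE_FLAT_PROFILE = json.dumps({"id": "bob", "name": "Bob"})


if __name__ == "__main__":
    state = secrets.token_urlsafe(16)
    print(build_authorize_url("<CLIENT_ID>", state))
    code = parse_callback(f"{REDIRECT_URI}?state={state}&code=constructed-code", state)
    print(token_request_body("<CLIENT_ID>", "<SECRET>", code))
    print(profile_request_headers("constructed-token"))
    print(extract_identifier(SAMPLE_OCS_PROFILE))
```

Two checks this suggests when the browser round-trip succeeds but the login fails at the end: first, fetch the profile URL by hand with the bearer token and the `OCS-APIRequest: true` header and confirm the response actually carries an `id` where the client expects it; second, confirm the redirection URI registered on the provider matches the Social Login callback byte for byte (scheme, host, path, no trailing slash), since the provider compares it exactly.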

Anyone got a solution?

Solved. See https://github.com/zorn-v/nextcloud-social-login/issues/335