Desktop Client Login OIDC

Expected behaviour

When I log in to the ownCloud server using the webbrowser (redirected from the desktop client), the desktop client should realize the successful login.

Actual behaviour

The desktop client remains at the Connection Wizard screen with the Next button grey and the Re-open in Browser link active.

Steps to reproduce

  1. Start owncloud client
  2. Enter server URL in client, log in successfully in web browser

Server configuration

Operating system: Ubuntu Server 22.04 LTS, ownCloud running in Docker (owncloud/server:latest)

Web server: Traefik reverse proxy, but I assume something else inside the Docker container

Database: mariadb (Docker)

PHP version: 7.4.3

ownCloud version: 10.11.0.6

Storage backend (external storage): Not sure what is being asked here. Data is stored on an encrypted ZFS pool.

Client configuration

Client version: 2.11.1

Operating system: Windows 10

OS language: English

Installation path of client: c:\Program Files\ownCloud

Logs

  1. Client logfile: I can’t get the Windows client to output any logs

  2. Web server error log: None

  3. Server logfile: ownCloud log (data/owncloud.log): None (loglevel 2)


More information

First of all, the web-based client works fine. I’m trying to get the desktop client to log in properly.

I am using OIDC for authentication with Keycloak as the IdP. I am using the client ID and secret from the documentation (I cannot include links in this post). I imported the Keycloak client from OCIS github (again, can’t include links). I added my server’s URI (https://<server>*) to the Valid Redirect URIs.

Output of docker-compose exec owncloud occ config:system:get openid-connect:

provider-url: <removed>
client-id: xdXOt13JKxym1B1QcEncf2XDkLAexMBFwiT9j6EfhhHFJhs2KM9jbjTmf8JBXE69
client-secret: UBntmLjC2yYCeHwsyj73Uwo9TAaecAetRwMw0xYcvNL9yRdLSUi0hUAHfvCHFeFh
mode: email
search-attribute: email
loginButtonName: Login via Keycloak
use-token-introspection-endpoint: false
autoRedirectOnLoginPage: true

When I try to log in using the desktop client, it redirects me to a browser where I successfully log in and am redirected to the base URL of my server. The client remains on the window pictured below:

Perhaps this has something to do with the Traefik reverse proxy in front of the server?