Enable openid-connect app

Server configuration

ownCloud version: (see ownCloud admin page)
10.4.0.4

Updated from an older ownCloud or fresh install:
Updated from 10.2

Where did you install ownCloud from:
Docker

Hello,
I’m looking to connect an OpenID provider to Owncloud. A connector seems released since 10.4.

I don’t understand how to enable openid-connect…
I followed the documentation by setting up a distributed memcache, by setting the config.php as indicated and edited the .htaccess.
See https://doc.owncloud.org/server/10.4/admin_manual/configuration/user/oidc/

However, nothing is happening. Nothing in logs. No login button or redirect when I force “autoRedirectOnLoginPage” to true.

What must be done to enable the openid-connect app ?

Thanks

Is the app really installed and enabled?
Run occ a:l and generate a configreport

I guess this is only in regards to memcache/redis.

Additionally to the steps you already described:

• memcache/redis
• redirect url for .well-known path

You will also have to do the following steps:

• Configure the openidconnect app, have a look for the docs here:
  https://github.com/owncloud/openidconnect#setup-configphp

• Register the redirect URLs at the IdP, according to the docs:
  https://doc.owncloud.org/server/10.4/admin_manual/configuration/user/oidc/#setup-within-the-openid-provider

Please note that this is still very new and therefore the docs are very rudimentary. However they will receive an overhaul in the next few weeks.

Another limitation you have to be aware of:
Users that don’t exist in the ownCloud backend can’t be authenticated with OIDC. This means that for example if you have LDAP enabled, new users will only be able to login via OIDC once the occ user:sync has imported them into ownCloud.

Thanks for your reply.

I didn’t find the openidconnect app in my configreport.

So, I think I need to download the app and move it to the apps/ folder. But, when I tried to enable it I’ve got this message : “Error: this app cannot be enabled because it makes the server unstable”

In the log file, I can see this (but I don’t know if it’s because of openidconnect) :

{“reqId”:“6gNsEIvMFjLFvue2XuY9”,“level”:3,“time”:“2020-03-13T07:35:02+00:00”,“remoteAddr”:"",“user”:"–",“app”:“core”,“method”:"–",“url”:"–",“message”:“Exception: {“Exception”:“OCP\\AppFramework\\QueryException”,“Message”:“Could not resolve OCA\\OAuth2\\BackgroundJob\\CleanUp! Class OCA\\OAuth2\\BackgroundJob\\CleanUp does not exist”,“Code”:0,“Trace”:”#0 \/var\/www\/owncloud\/lib\/private\/AppFramework\/Utility\/SimpleContainer.php(110): OC\\AppFramework\\Utility\\SimpleContainer->resolve(‘OCA\\\\OAuth2\\\\Back…’)\n#1 \/var\/www\/owncloud\/lib\/private\/ServerContainer.php(86): OC\\AppFramework\\Utility\\SimpleContainer->query(‘OCA\\\\OAuth2\\\\Back…’)\n#2 \/var\/www\/owncloud\/lib\/private\/BackgroundJob\/JobList.php(253): OC\\ServerContainer->query(‘OCA\\\\OAuth2\\\\Back…’)\n#3 \/var\/www\/owncloud\/lib\/private\/BackgroundJob\/JobList.php(209): OC\\BackgroundJob\\JobList->buildJob(Array)\n#4 \/var\/www\/owncloud\/core\/Command\/System\/Cron.php(114): OC\\BackgroundJob\\JobList->getNext()\n#5 \/var\/www\/owncloud\/lib\/composer\/symfony\/console\/Command\/Command.php(255): OC\\Core\\Command\\System\\Cron->execute(Object(Symfony\\Component\\Console\\Input\\ArgvInput), Object(Symfony\\Component\\Console\\Output\\ConsoleOutput))\n#6 \/var\/www\/owncloud\/lib\/composer\/symfony\/console\/Application.php(1012): Symfony\\Component\\Console\\Command\\Command->run(Object(Symfony\\Component\\Console\\Input\\ArgvInput), Object(Symfony\\Component\\Console\\Output\\ConsoleOutput))\n#7 \/var\/www\/owncloud\/lib\/composer\/symfony\/console\/Application.php(272): Symfony\\Component\\Console\\Application->doRunCommand(Object(OC\\Core\\Command\\System\\Cron), Object(Symfony\\Component\\Console\\Input\\ArgvInput), Object(Symfony\\Component\\Console\\Output\\ConsoleOutput))\n#8 \/var\/www\/owncloud\/lib\/composer\/symfony\/console\/Application.php(148): Symfony\\Component\\Console\\Application->doRun(Object(Symfony\\Component\\Console\\Input\\ArgvInput), Object(Symfony\\Component\\Console\\Output\\ConsoleOutput))\n#9 \/var\/www\/owncloud\/lib\/private\/Console\/Application.php(165): Symfony\\Component\\Console\\Application->run(Object(Symfony\\Component\\Console\\Input\\ArgvInput), Object(Symfony\\Component\\Console\\Output\\ConsoleOutput))\n#10 \/var\/www\/owncloud\/console.php(116): OC\\Console\\Application->run()\n#11 \/var\/www\/owncloud\/occ(11): require_once(’\/var\/www\/ownclo…’)\n#12 {main}",“File”:"\/var\/www\/owncloud\/lib\/private\/AppFramework\/Utility\/SimpleContainer.php",“Line”:96}"}

I do occ app:enable openidconnect

This broke my Owncloud, but show this in logs :

[PHP Fatal error: require_once(): Failed opening required '/var/www/owncloud/apps/openidconnect/lib/../vendor/autoload.php' (include_path='/var/www/owncloud/apps:/var/www/owncloud/custom') in /var/www/owncloud/apps/openidconnect/lib/Application.php on line 24

So, I run composer install in apps/openidconnect and that looks fine. But I don’t think it’s the good way to install openid connect…

Any success getting the openidconnect working? Had a stab at it today but didn’t get there.

Hey,

as opposed to other apps it seems this app isn’t published at https://marketplace.owncloud.com/. Maybe the app isn’t ready for productive use / end users yet and should be only used by developers familiar with ownCloud apps?

Given that it had sneaked into the docs I’d hoped it was at more of a “beta test” stage.

@eneubauer, do you know if, and when, the openidconnect app will be publish in the marketplace ?

Thanks all for your help

It is in github currently and is in the process of beeing productized. As usal “its ready when its ready” which means when its published in marketplace it will have gone through all QA steps.
However its running live at a couple of customers and it works there - so yes its more then a beta but there are still some tricks which we step by step document …