Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Nextcloud AIO authentication schema #6

Open
gregjohnsonsaltaire opened this issue Jun 17, 2024 · 7 comments
Open

Nextcloud AIO authentication schema #6

gregjohnsonsaltaire opened this issue Jun 17, 2024 · 7 comments
Labels
enhancement New feature or request

Comments

@gregjohnsonsaltaire
Copy link

Hi, any reason not to add an authentication schema based on "oc_accounts" etc? Tx
@docjyJ docjyJ added the enhancement New feature or request label Jul 10, 2024
@docjyJ
Copy link
Owner

docjyJ commented Jul 10, 2024

Hi,

I forgot to activate the notification on this repository 😅

I am updated to the V8. Do you use Stalwart?

To use a unique authentication scheme, you must use LDAP. Stalwart is still in development, other solution could happen.

To use a unique authentication scheme, you must use LDAP. Stalwart is still in development, other solution could happen. See https://stalw.art/compare/.

I should be faster to answer now.

@MrRinkana
Copy link

With stalwart enterprise you could use nextcloud as an OIDC provider (users log in with nextcloud accounts).

@docjyJ
Copy link
Owner

docjyJ commented Feb 3, 2025

Yes, too bad it has to be paid for...

@MrRinkana
Copy link

MrRinkana commented Feb 12, 2025
edited
Loading

Wellwellwell, the legend(s) at stalwart at it again: https://stalw.art/blog/oidc-open-source/
(Can use external oidc without enterprise now)

@docjyJ
Copy link
Owner

docjyJ commented Feb 14, 2025

I don't have time to look into this at the moment. As soon as I can, I'll see what can be done.

@MrRinkana
Copy link

I looked into it and unfortunately its a bit limited, as my understanding is that its only for accessing the mailboxes, and very few email clients support oidc (specifically the OAUTHBEARER SASL mechanism).

In short, its not a quick solution to merging stalwart and nc users, the use will need quite some work first.

To merge nextcloud users and stalwart an dedicated nc app is probably the way to go, using the nc apis to update stalwart trough its api - which would allow some logic around which users/groups get which roles on the stalwart server, and maybe most importantly how the mailbox address is chosen. There is no such app yet, and its not trivial to create as it requires good knowledge of both stalwart and the nc app framework.. I am in the very early stages of writing a app that can synchronise stalwart mail-lists (principal type list; external emails) with nc users own email (to be able to send emails to all members/different groups of the nextcloud instance), but unfortunately I am both learning how to write nc apps and busy with other stuff so that might be some months of an early beta..

@docjyJ
Copy link
Owner

docjyJ commented Feb 16, 2025

I work on it https://github.com/docjyJ/nextmail

but yes it's realy complicated, and I'm not sure to use the best way.

The goal is to synchronize username, display name and password.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@gregjohnsonsaltaire @docjyJ @MrRinkana