Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[QA] autoprovisioning fails with 'picture-claim' => 'picture' #138

Closed
jnweiger opened this issue Jan 26, 2021 · 3 comments
Closed

[QA] autoprovisioning fails with 'picture-claim' => 'picture' #138

jnweiger opened this issue Jan 26, 2021 · 3 comments

Comments

@jnweiger
Copy link
Contributor

Reference: https://github.com/owncloud/openidconnect#setup-auto-provisioning-mode
The documented config setting for the auto-provision feature of openid-connect

    'auto-provision' => [
        // defines the claim which holds the picture of the user - must be a URL
        'picture-claim' => 'picture',

Leads to an error.
The comment above indicates that the value should be a URL and is inconsistent with the value picture, which is not a URL.

Expected behaviour: documentation be consistent and explain if the shown value is a placeholder and how it should be used.

Internal Server Error

The server encountered an internal error and was unable to complete your request.

Please contact the server administrator if this error reappears multiple times and include the technical details below in your report.

More details can be found in the server log.

Technical details

    Remote Address: 2.247.254.XX
    Request ID: AaPGALnEDimqryOXXX
    Type: TypeError
    Code: 0
    Message: Argument 1 passed to OCA\OpenIdConnect\Service\AutoProvisioningService::downloadPicture() must be of the type string, null given, called in /mnt/data/apps/openidconnect/lib/Service/AutoProvisioningService.php on line 116
    File: /mnt/data/apps/openidconnect/lib/Service/AutoProvisioningService.php
    Line: 144


Trace

#0 /mnt/data/apps/openidconnect/lib/Service/AutoProvisioningService.php(116): OCA\OpenIdConnect\Service\AutoProvisioningService->downloadPicture()
#1 /mnt/data/apps/openidconnect/lib/Service/UserLookupService.php(77): OCA\OpenIdConnect\Service\AutoProvisioningService->createUser()
#2 /mnt/data/apps/openidconnect/lib/Controller/LoginFlowController.php(142): OCA\OpenIdConnect\Service\UserLookupService->lookupUser()
#3 /var/www/owncloud/lib/private/AppFramework/Http/Dispatcher.php(153): OCA\OpenIdConnect\Controller\LoginFlowController->login()
#4 /var/www/owncloud/lib/private/AppFramework/Http/Dispatcher.php(85): OC\AppFramework\Http\Dispatcher->executeController()
#5 /var/www/owncloud/lib/private/AppFramework/App.php(100): OC\AppFramework\Http\Dispatcher->dispatch()
#6 /var/www/owncloud/lib/private/AppFramework/Routing/RouteActionHandler.php(47): OC\AppFramework\App::main()
#7 /var/www/owncloud/lib/private/Route/Router.php(342): OC\AppFramework\Routing\RouteActionHandler->__invoke()
#8 /var/www/owncloud/lib/base.php(917): OC\Route\Router->match()
#9 /var/www/owncloud/index.php(54): OC::handleRequest()
#10 {main}
@jnweiger
Copy link
Contributor Author

Workaround: comment out // 'picture-claim' => 'picture', then the user gets autoprovisioned.

This was referenced Jan 26, 2021
Closed
Closed
@DeepDiver1975
Copy link
Member

The expectation is that the user info have a claim named 'picture' (or whatever it is .... that's why it can be configured)
The value in the claim has to be a url - see https://connect2id.com/products/server/docs/api/userinfo

So this is basically wrong usage .... nevertheless the code base shall not 💥

@DeepDiver1975
Copy link
Member

fixed with #222 - which introduced a check if the property holds a string

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@DeepDiver1975 @jnweiger