Authentication based in token (OAuth2) #1724
Comments
My POV:
|
Taking as a reference owncloud/client#4798. The general idea would be:
The last step especially will require coordination with server side. |
Needs redefinition of scope. |
https://github.com/owncloud/oauth2 is available in 9.1, see owncloud/core#26742 |
Tested. POC mainly works, though we need to expand it to make it ready for production, and there are some points to improve also in backend (see https://github.com/owncloud/oauth2/issues). Will update first comment to track tasks for the Android client. |
Sorry, but we need to drop issues from milestone 2.4.0 to get it out next to OC 10 server. This time we'll move topics to |
[IMPROVEMENT] [UI] Password field in OAuth webview is covered by the keyboard
Steps
Current behaviour: Password field is covered by the keyboard.
Expected behaviour: Webview is resized properly, staying completely above the keyboard or showing a clear scrollbar.
Nexus 10 v5.0.2 |
[BUG] OAuth2 accounts are missing the
|
[Typo] Type correct URL of an OAuth2 server and tap on
The correct way is:
(O in capitals) |
[BUG] Deletion of the client in WebUI
Steps:
Current behaviour: Error is shown in webview (this is correct). Tapping on
Expected behaviour: Webview is closed and login view is focused again. The user can input other URL.
Tested with Samsung Galaxy S7, Samsung Galaxy Tab S2 |
[BUG] OAuth2 disabled
Steps:
Current behaviour: User is redirected to login view. Credentials are input, but user is redirected again in a loop to login view.
Expected behaviour: Account becomes "basic auth" after input credentials. (maybe other solutions fit as well)
Tested with Samsung Galaxy S7, Samsung Galaxy Tab S2 |
[BUG] Video streaming
Video streaming does not work in OAuth2 servers. Error is displayed: |
Duplicates #1724 (comment) |
@jesmrec, about the problem with basic upgrade: #1724 (comment) I accidentally changed the appId for debug builds, so you will not be able to upgrade the app from 2.4.0-debug to 2.4.0+OAuth-debug on any device. To test upgrades you will need to generate release APKs for both the previous version and the current one. Sorry for the inconvenience. |
@davigonz, @jesmrec, about the problem of wrong path to authorization endpoint: #1724 (comment). There is nothing we can do to detect the error. We can't monitor all the information in the webview, and there is no way to check that the URL initially loaded really corresponds to an OAuth authorization endpoint. In any case, this is not something we should worry about. The only way to get a wrong authorization endpoint is with a mistake at build time. Any custom client that needs a custom endpoint should be tested after the build and the error should be detected before releasing it. IMHO, there is nothing to do here. |
Relaunch of log-in view after clicking BACK has nothing to do with OAuth2 -> out of scope. Soft keyboard hiding input fields in log-in view prevented with auto-resize of dialog on keyboard events. No more bugs pending development. |
[BUG] Crash after deletion of the client in WebUI
Steps:
Current behaviour: App crashes in login view.
Expected behaviour: No crash
Stack trace: 08-29 10:48:20.646 29103-29103/com.owncloud.android.debug E/AndroidRuntime: FATAL EXCEPTION: main
Tested with Samsung Galaxy S7, Samsung Galaxy Tab S2 |
Crash fixed. |
Related to #1724 (comment): the APK is generated with the following name: android_null-release.apk. I guess it is not a matter of OAuth2, but you said you changed the id, and I am not sure whether it is affected. |
@jesmrec , that's a bug in the naming of the APK after the update of the package name, but has no impact on the installation. |
Approved. Great job team!! |
Created new PRs with bug fixing: Library: owncloud/android-library#174 |
#Login will be done via OAuth2 protocol when server version supports it.
AC:
[ ] Show always the embedded refresh button so that the user knows what to do next after having written down the url and connect button is disabled? Already implemented on iOS. NICE2HAVE
Forget the following description and comments about it. Jump after #1724 (comment)
Server version 9.1 will include this new feature that will make mobile apps adapt their login view to this new authentication mode.
The user generates a token in the web admin console (personal section). That token identifies unequivocally the account, so using only the token the user can log in to his/her account. He could use the usual method user/password as well.
To do:
Actually, if the token is input in the password field the authentication works, but as username is displayed the string that the user input in the corresponding field, whatever he/she inputs. With the same token we can add as many instances of the same account as we wish.
Only one instance of each account, with the username/displayname of the user, should be displayed.
Doubts:
- How to take the authentication method to be used: from a branding variable (as, for example, saml), or asking the server for that.
- Login view: what to do with username field. If the user inputs a token in password field, the username field is irrelevant, but must remain due to accounts in other servers that do not require tokens.
- Edit credentials: for a new generated token? Tokens are overridden, a new one invalidates the previous in spite of the accounts added with those tokens keeps on being valid. Changing the account password invalidates all the generated tokens.
BUGS & IMPROVEMENTS
Authentication based in token (OAuth2) #1724 (comment)
Follow up: App is reopened from login view after double tap on "Back" button #2009 [OUTOFSCOPE]
Authentication based in token (OAuth2) #1724 (comment)
Authentication based in token (OAuth2) #1724 (comment) [WONTFIX]
display_name on the account construct, Oauth2 support #2013 (comment)
Authentication based in token (OAuth2) #1724 (comment) [FIXED] @davigonz @jesmrec
Authentication based in token (OAuth2) #1724 (comment) [FIXED]
Authentication based in token (OAuth2) #1724 (comment) [FIXED] @davigonz @jesmrec
Authentication based in token (OAuth2) #1724 (comment) [FIXED] @davigonz @jesmrec
Authentication based in token (OAuth2) #1724 (comment) [WONTFIX]