nextcloud
Added Auth fields
Hi,
I added autentication fields to nextcloud/external.
These authentication fields allow opening external sites protected by a login/password form.
It uses an ajax post request made to an authentication url. Once the authentication is successful and the session cookie has been set, the iframe src attribute is changed to match the external site final url.
Since most of the time the ajax request is performed against an other domain than Nextcloud's one we are confronted to cross sites control restrictions. Thus it is necessary to add Access-Control-Allow-xxxx headers to the web server hosting the external site. The most common necessary headers are those : Access-Control-Allow-Origin : "https://external.site.domain" Access-Control-Allow-Methods : "GET, POST, OPTIONS" Access-Control-Allow-Credentials: "true" Access-Control-Allow-Headers: "Authorization, Content-Type"
The fourth field I added is there for supplementary headers sent with the ajax request that might be required by the login form.
I successfully used these auth fields to authenticate against Kibana free edition with x-pack security enabled.
Thank you for taking my contribution into account.
Best regards,
Thierry
I literally just made a middle man PHP page to do a much simpler version of this. Maybe this code can be of some use. It converts "GET" URL variables to "POST" so that {displayname} and hopefully a future {password} can be used to automatically login nextcloud users into other websites. This is obviously much less a complete than what you have done, congratulations.
HTML Code: usrlogin.php.txt
Love the idea of this, but we might want to add a "logout redirect" to the main Nextcloud codebase first (which has been long due anyway), to also enable people to seemlessly log out of an external service on nextcloud logout too.
I don't think this is something we want. You can check if #310 solves your issue.