Skip to content

fix: Do not show password dialog when user can not validate password #54005

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 29, 2025
Merged

fix: Do not show password dialog when user can not validate password #54005

merged 1 commit into from
Jul 29, 2025

Conversation

@danxuliu
Copy link
Member

@danxuliu danxuliu commented Jul 18, 2025
edited
Loading

Follow up to #50465
Related to #53472

The password confirmation dialog (which is used, for example, in external storages) is always shown unless the user backend does not allow password confirmation. A user backend may explicitly provide that information, but even if it does not that could have been defined in the authentication token with IToken::SCOPE_SKIP_PASSWORD_VALIDATION (for example, when user_oidc is only used for authentication and user provision is done by another user backend).

How to test

'user_oidc' => [
    'auto_provision' => false,
]
  • Install Keycloack
  • Configure Keycloack and user_oidc as described in https://web.archive.org/web/20240412121655/https://www.schiessle.org/articles/2023/07/04/nextcloud-and-openid-connect/
  • Back in Nextcloud, add an account with the same account name as the ID (not username, ID) of the Keycloack user (otherwise Failed to provision the user would be shown when logging in, as user_oidc is being used only for authentication and the user should be provisioned by another user backend)
  • In a private window, log in Nextcloud with Keycloack
  • Open the Settings
  • Open the External storage section
  • Try to add an external storage

Result with this pull request

No password confirmation dialog is shown and the external storage is saved

Result without this pull request

A password confirmation dialog is shown

@danxuliu
fix: Do not show password dialog when user can not validate password
03c76d8 
The password confirmation dialog is always shown unless the user backend
does not allow password confirmation. A user backend may explicitly
provide that information, but even if it does not that could have been
defined in the authentication token with
"IToken::SCOPE_SKIP_PASSWORD_VALIDATION" (for example, when "user_oidc"
is only used for authentication and user provision is done by another
user backend).

Signed-off-by: Daniel Calviño Sánchez <danxuliu@gmail.com>
@danxuliu danxuliu added this to the Nextcloud 32 milestone Jul 18, 2025
@danxuliu danxuliu added bug 2. developing Work in progress labels Jul 18, 2025
@danxuliu
Copy link
Member Author

/backport to stable31

@danxuliu
Copy link
Member Author

/backport to stable30

@danxuliu danxuliu added 3. to review Waiting for reviews and removed 2. developing Work in progress labels Jul 18, 2025
@danxuliu danxuliu marked this pull request as ready for review July 18, 2025 20:07
@danxuliu danxuliu requested a review from a team as a code owner July 18, 2025 20:07
@danxuliu danxuliu requested review from ArtificialOwl, icewind1991, julien-nc and skjnldsv and removed request for a team July 18, 2025 20:07
skjnldsv
skjnldsv approved these changes Jul 20, 2025
View reviewed changes
Copy link
Member

@skjnldsv skjnldsv left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🐘

@skjnldsv skjnldsv mentioned this pull request Jul 21, 2025
Open
@danxuliu danxuliu merged commit b9ab00a into master Jul 29, 2025
199 checks passed
@danxuliu danxuliu deleted the do-not-show-password-dialog-when-user-can-not-validate-password branch July 29, 2025 15:54
This was referenced Jul 29, 2025
Merged
Merged
@skjnldsv skjnldsv mentioned this pull request Aug 19, 2025
Merged
@skjnldsv skjnldsv modified the milestones: Nextcloud 32, Nextcloud 33 Sep 28, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@julien-nc julien-nc julien-nc approved these changes

@skjnldsv skjnldsv skjnldsv approved these changes

@ArtificialOwl ArtificialOwl Awaiting requested review from ArtificialOwl ArtificialOwl is a code owner automatically assigned from nextcloud/server-backend

@icewind1991 icewind1991 Awaiting requested review from icewind1991 icewind1991 is a code owner automatically assigned from nextcloud/server-backend

Assignees

No one assigned

Labels

3. to review Waiting for reviews bug

Projects

None yet

Milestone

Nextcloud 32

Development

Successfully merging this pull request may close these issues.

4 participants

@danxuliu @julien-nc @skjnldsv