Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OAuth2 authentication with Cisco Duo #43

Open
TineUser opened this issue Sep 27, 2024 · 2 comments
Open

OAuth2 authentication with Cisco Duo #43

TineUser opened this issue Sep 27, 2024 · 2 comments

Comments

@TineUser
Copy link

Actual behaviour

We configured OAuth2 authentication with Cisco Duo. When a user is logging in we get this error message:

Warning: Undefined array key "id" in C:\xampp\htdocs\kanboard\plugins\OAuth2\User\GenericOAuth2UserProvider.php on line 260

And we see:

Externe Authentifizierung fehlgeschlagen

We played around with the user ID key and in one situation the new user was created and could log in. But logging in with a already known user failed even if the user ID key and the username key of the logged in user are exactly the same as the already known user.

The already known users came from LDAP login. We want them to be switched to OAuth2.

Expected behaviour

The alreayd known user can authenticate by OAuth2 and new users will be automatically created in Kanboard.

Steps to reproduce

Configuration

  • Plugin version: OAuth2 1.0.2
  • Kanboard version: 1.2.38
  • Database type and version: sqlite 3.33.0
  • PHP version: 8.0.19
  • OS: Windows 10
  • Browser: Firefox 130.0.1, Microsoft Edge (chromium-based)
@TineUser TineUser changed the title OAuth2 authentication wicht Cisco Duo OAuth2 authentication with Cisco Duo Sep 27, 2024
@TineUser
Copy link
Author

I tried a little bit more but now I have the following situation:

Logging in with an unknown user in Kanboard: The user will be created.
Logging in with a known user: We get these error messages:

Warning: Undefined array key "id" in C:\xampp\htdocs\kanboard\app\Core\User\UserProfile.php on line 56

and

Externe Authentifizierung fehlgeschlagen

In Cisco Duo we are working with this mapping:

image

A new user in Kanboard will get the user name of his email address. So I changed the user name of the already known user in Kanboard to the email address, too.

The error message

Warning: Undefined array key "id" in C:\xampp\htdocs\kanboard\app\Core\User\UserProfile.php on line 56

can be suppressed if you set the following option in the config.php file of Kanboard:

define('LDAP_GROUP_SYNC', false);

On line 56 of the file UserProfile.php there's an if statement regarding the variable 'LDAP_GROUP_SYNC'.

@TineUser
Copy link
Author

TineUser commented Sep 30, 2024
edited
Loading

With the SQLite DB Browser tool I can see in the database, table 'users' that there's a column 'is_ldap_user' with value '1'. Setting this value to '0' doesn't solve the issue but the last column of the table, 'oauth2_user_id' is empty and when setting the mail address to this field the login with the already known user works :-). After the succesful login, the column 'is_ldap_user' gets the value '1' again.

It would be helpful to see this field in the user profile page and to have an option to change this field in the user management. We searched for hours regarding the error messages and didn't find a way to solve this.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@TineUser