From 7bba07ccbfb673a814ab8fc2524a827c77016109 Mon Sep 17 00:00:00 2001
From: Bojan Hartmann <bogie@bawki.de>
Date: Wed, 22 Jan 2020 22:28:03 +0100
Subject: Implemented Nextcloud OAuth2 Hack

Fixed: OAuth2 authentication via Nextcloud(tested Nextcloud 17.0.2-18.0.0)
Todo: actually use the profile data: Fullname and Email in Profile
---
 docker-compose.yml | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

(limited to 'docker-compose.yml')

diff --git a/docker-compose.yml b/docker-compose.yml
index 6f52a2fb..57ccaeea 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -342,6 +342,31 @@ services:
       # Tthe claim name you want to map to the email field:
       #- OAUTH2_EMAIL_MAP=email
       #-----------------------------------------------------------------
+      # ==== OAUTH2 Nextcloud ====
+      # 1) Register the application with Nextcloud: https://your.nextcloud/settings/admin/security
+      #    Make sure you capture the application ID as well as generate a secret key.
+      # 2) Configure the environment variables. This differs slightly
+      #     by installation type, but make sure you have the following:
+      #- OAUTH2_ENABLED=true
+      # OAuth2 login style: popup or redirect.
+      #- OAUTH2_LOGIN_STYLE=redirect
+      # Application GUID captured during app registration:
+      #- OAUTH2_CLIENT_ID=xxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx
+      # Secret key generated during app registration:
+      #- OAUTH2_SECRET=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
+      #- OAUTH2_SERVER_URL=https://your-nextcloud.tld
+      #- OAUTH2_AUTH_ENDPOINT=/index.php/apps/oauth2/authorize
+      #- OAUTH2_USERINFO_ENDPOINT=/ocs/v2.php/cloud/user?format=json
+      #- OAUTH2_TOKEN_ENDPOINT=/index.php/apps/oauth2/api/v1/token
+      # The claim name you want to map to the unique ID field:
+      #- OAUTH2_ID_MAP=id
+      # The claim name you want to map to the username field:
+      #- OAUTH2_USERNAME_MAP=id
+      # The claim name you want to map to the full name field:
+      #- OAUTH2_FULLNAME_MAP=display-name
+      # Tthe claim name you want to map to the email field:
+      #- OAUTH2_EMAIL_MAP=email
+      #-----------------------------------------------------------------
       # ==== OAUTH2 KEYCLOAK ====
       # https://github.com/wekan/wekan/wiki/Keycloak  <== MAPPING INFO, REQUIRED
       #- OAUTH2_ENABLED=true
-- 
cgit v1.2.3-1-g7c22