Nextcloud login not working (not using configured server address)

[jonaskohl]

Issue

I'm trying to add login via Nextcloud to my Tandoor instance. I enabled the Nextcloud provider in my .env file via

SOCIAL_PROVIDERS=allauth.socialaccount.providers.nextcloud

and configured a new Social Application via the Django admin. I added the client ID and secret and added the following text to the Settings input:

{"SERVER": "https://my-redacted-nextcloud-address/"}

But when I click Sign in using Nextcloud and then Continue, I always get redirected to https://nextcloud.example.org/ instead of https://my-redacted-nextcloud-address/. It seems that Tandoor/django-allauth doesn't respect the SERVER field inside the settings as https://nextcloud.example.org/ is the default fallback value. Am I misunderstanding the configuration process or is this a bug?

Tandoor Version

1.5.18

OS Version

Debian 12.6

Setup

Docker / Docker-Compose

Reverse Proxy

Others (please state below)

Other

nginx (Plain old nginx, not nginx proxy manager)

Environment file

SECRET_KEY=#REDACTED
DB_ENGINE=django.db.backends.postgresql
POSTGRES_HOST=db_recipes
POSTGRES_DB=djangodb
POSTGRES_PORT=5432
POSTGRES_USER=djangouser
POSTGRES_PASSWORD=#REDACTED
DEBUG=0
ENABLE_PDF_EXPORT=0
ENABLE_SIGNUP=0
EMAIL_HOST=#REDACTED
EMAIL_PORT=#REDACTED
EMAIL_HOST_USER=#REDACTED
EMAIL_HOST_PASSWORD=#REDACTED
EMAIL_USE_TLS=0
EMAIL_USE_SSL=1
EMAIL_TIMEOUT=5
DEFAULT_FROM_EMAIL=#REDACTED
FORCE_THEME_FROM_SPACE=1
ALLOWED_HOSTS=#REDACTED
SOCIAL_PROVIDERS=allauth.socialaccount.providers.nextcloud

Docker-Compose file

services:
  db_recipes:
    restart: unless-stopped
    image: postgres:16-alpine
    volumes:
      - ./postgresql:/var/lib/postgresql/data
    env_file:
      - ./.env
  web_recipes:
    restart: unless-stopped
    image: vabene1111/recipes
    env_file:
      - ./.env
    volumes:
      - staticfiles:/opt/recipes/staticfiles
      - nginx_config:/opt/recipes/nginx/conf.d
      - ./mediafiles:/opt/recipes/mediafiles
    depends_on:
      - db_recipes
  nginx_recipes:
    image: nginx:mainline-alpine
    restart: unless-stopped
    ports:
      - '127.0.0.1:9980:80'
    env_file:
      - ./.env
    depends_on:
      - web_recipes
    volumes:
      - nginx_config:/etc/nginx/conf.d:ro
      - staticfiles:/static:ro
      - ./mediafiles:/media:ro
volumes:
  nginx_config:
  staticfiles:

Relevant logs

No response

[smilerz]

https://docs.allauth.org/en/latest/socialaccount/providers/nextcloud.html

[jonaskohl]

I also tried putting that config into my .env file like this:

# ...
SOCIALACCOUNT_PROVIDERS='{ "nextcloud": { "APPS": [ { "client_id": "#REDACTED", "secret": "#REDACTED", "settings": { "server": "https://my-redacted-nextcloud-address/", } } ] }}'

But it results in the exact same behavior

[smilerz]

don't enclose it in quotes

[jonaskohl]

I removed the quotes like this:

SOCIALACCOUNT_PROVIDERS={ "nextcloud": { "APPS": [ { "client_id": "#REDACTED", "secret": "#REDACTED", "settings": { "server": "https://my-redacted-nextcloud-address/" } } ] }}

But I still get thrown to nextcloud.example.org

[smilerz]

I removed the quotes like this:

SOCIALACCOUNT_PROVIDERS={ "nextcloud": { "APPS": [ { "client_id": "#REDACTED", "secret": "#REDACTED", "settings": { "server": "https://my-redacted-nextcloud-address/" } } ] }}

But I still get thrown to nextcloud.example.org

and you rebuilt the container after making the change?

[jonaskohl]

Yes, I rebuilt the container with docker compose up -d --force-recreate --build

[smilerz]

can you remove the trailing slash in the url configuration? if that doesn't work I'd suggest joining the discord and see if anyone has a working configuration.

[tomtjes]

This works for me:
SOCIALACCOUNT_PROVIDERS={"nextcloud":{"SERVER":"https://mynextcould.xyz"}}
Maybe this structure is deprecated, as I don't see it in the Allauth docs, but as of Tandoor 1.5.14 it's working well.

[jonaskohl]

This works for me: SOCIALACCOUNT_PROVIDERS={"nextcloud":{"SERVER":"https://mynextcould.xyz"}} Maybe this structure is deprecated, as I don't see it in the Allauth docs, but as of Tandoor 1.5.14 it's working well.

Doing this in addition to configuring the provider inside of the Django admin panel (while leaving the Settings field in that admin panel blank/the default value) finally solves the problem.
However, this does not seem like the intended behaviour. It's at least not the documented behaviour

[tomtjes]

Here's where the new structure was introduced: https://docs.allauth.org/en/latest/release-notes/recent.html#id49

[ftschindler]

This works for me: SOCIALACCOUNT_PROVIDERS={"nextcloud":{"SERVER":"https://mynextcould.xyz"}} Maybe this structure is deprecated, as I don't see it in the Allauth docs, but as of Tandoor 1.5.14 it's working well.

Thx for the tip, using

{"nextcloud":{"SERVER":"_server_","APPS":[{"client_id":"_client_id_","secret":"_secret_"}]}}

worked for me. Next up is figuring out the redirect URL to be entered in Nextcloud...

[tomtjes]

https://tandoor.tld/accounts/nextcloud/login/callback/