Solved OIDC sociallogin bug

group_vars/all/07_applications.yml

@@ -252,7 +252,7 @@ defaults_applications:
       # Available options: oidc_login, sociallogin
       # @see https://apps.nextcloud.com/apps/oidc_login
       # @see https://apps.nextcloud.com/apps/sociallogin
-      flavor:               "oidc_login"                          # Keeping on sociallogin because the other option is not implemented yet                                             
+      flavor:               "sociallogin"                          # Keeping on sociallogin because the other option is not implemented yet                                             
     force_import:           False                                 # Forces the import of the LDIF files
     database:
       central_storage:      True

roles/docker-nextcloud/README.md

@@ -94,6 +94,11 @@ docker-compose exec -it -u www-data application /var/www/html/occ
 ```
 ### User Administration 
 
+#### Create user via CLI
+```bash
+docker compose exec -it -u www-data application php occ user:add {{username}}
+```
+
 #### Make user admin via cli
 ```bash
 docker compose exec -it -u www-data application php occ group:adduser admin {{username}}

roles/docker-nextcloud/tasks/sociallogin.yml

@@ -3,7 +3,7 @@
 - name: Flush all handlers immediately so that occ can be used
   meta: flush_handlers
 
-- name: enable oidc_login plugin
+- name: disable oidc_login plugin
   command: "docker exec -u www-data {{nextcloud_application_container_name}} {{nextcloud_docker_path}}occ app:disable oidc_login"
   ignore_errors: true
   when: 
@@ -22,6 +22,7 @@
 
 - name: Configure Sociallogin
   loop: "{{ nextcloud_sociallogin_configuration}}"
+  # The | to_json function is necessary to escape custom_providers correct.
   command: >
     docker exec -u www-data {{ nextcloud_application_container_name }}
-    php occ config:app:set {{ item.appid }} {{ item.configkey }} --value "{{ item.configvalue }}"
+    php occ config:app:set {{ item.appid }} {{ item.configkey }} --value '{{ item.configvalue | to_json if item.configvalue is mapping else item.configvalue }}'

roles/docker-nextcloud/templates/oidc.config.php.j2

@@ -14,7 +14,7 @@ return array (
     'oidc_login_client_secret' => '{{oidc.client.secret}}',
 
     // Automatically redirect the login page to the provider
-    'oidc_login_auto_redirect' => false,
+    'oidc_login_auto_redirect' => true,
 
     // Redirect to this page after logging out the user
     'oidc_login_logout_url' => 'https://{{domains[application_id]}}',
@@ -23,7 +23,7 @@ return array (
     // logout endpoint of the OIDC provider after logout
     // in Nextcloud. After successfull logout the OIDC
     // provider will redirect back to 'oidc_login_logout_url' (MUST be set).
-    'oidc_login_end_session_redirect' => false,
+    'oidc_login_end_session_redirect' => true,
 
     // Quota to assign if no quota is specified in the OIDC response (bytes)
     //
@@ -38,7 +38,7 @@ return array (
     'oidc_login_hide_password_form' => true,
 
     // Use ID Token instead of UserInfo
-    'oidc_login_use_id_token' => false,
+    'oidc_login_use_id_token' => true,
 
     // Attribute map for OIDC response. Available keys are:
     //   * id:           Unique identifier for username