Oauth error on seafile community edition

2019-06-17 13:45:35,299 [ERROR] seahub.oauth.views:133 oauth_callback Scope has changed from userinfo.email to “openid userinfo.email”.

could someone please help on the same

When I was setting up OAuth2 recently, I got similar errors when the OAUTH_ATTRIBUTE_MAP parameter in the seahub_settings.py file wasn’t configured properly. I think you should investigate in that direction. Which identity provider do you use and what does your config look like?

here is my cofig

OAUTH_ATTRIBUTE_MAP = {
“email”: (True, “email”),

“id”: (True, “id”),

"name": (True, "name")

}

And which identity provider do you use?

Google oAuth

Have you tried using the settings as described in the manual? (Section “Sample settings for Google”)

OAUTH_ATTRIBUTE_MAP = {
"id": (True, "email"),
"name": (False, "name"),
"email": (False, "contact_email"),
}

I tired but doesnot work

add openid

OAUTH_SCOPE = [
    "openid",
    "https://www.googleapis.com/auth/userinfo.email"
]

I think Google has changed policy.

it worked like a champ, as we have existing id’s alreaday created so changed attibute map as below

reference

OAUTH_ATTRIBUTE_MAP = {
“email”: (True, “email”),
“name”: (False, “name”),
}

I have a prblem after this

I want only my google domain users to have account created, but currently it is allowing any google id

any idea for resolution

same problem: google OAuth works but Seafile accepts any google user account! If there is no such user in Seafile it gets created automatically.
What I need is to have Google/Seafile accept only those users who already have an account.

I had fixed this, nothing to do with seafile. can find from Googleoauth docs

OAUTH_ATTRIBUTE_MAP = {
“email”: (True, “email”),
“name”: (False, “name”),
“hd”: (True, “”),
}

1 Like

thanks for your quick reply, however it doesn’t seem to work for me :frowning_face:
Guess there was a typo in your post and I replaced “hd” with “id”, but it makes no difference and users still get access to Seafile even if they didn’t have been created before.

no hd was correct and works for me