Seafile API and webdav through SSO


#1

Hi,

We are using seafile with a “Single Sign-On” authentication based on OIDC in keycloak.

It works well to connect to the interface through the client.

But is there a way to reach the differents API endpoint with the bearer token provided by the OIDC provider ( here keycloak but it’s standard token ) ?

For exemple use the bearer directly in the call of the API. Or at least use the bearer in a specific endpoint like api2/auth-token/ to get a seafile token.

edit : same problem and same question about how to use webdav with SSO.

Thanks.


#3

“Not possible” is also an acceptable answer.


#4

Hi,

I’m also intersted in this implementation (API and WebDav through SSO)

We are planning to give access to seafile from a portal on which authentication could be based on Shibboleth / Apache HTTP Remote Host / OIDC, from LemonLdap::NG SSO provider (similar to keycloack)

@daniel.pan @Jonathan,
If we delegate SSO authentication from local Shibboleth SP (one the same machine as Seafile) to Lemonldap SSO (on a central SSO endpoint), could we use WebDav and API ?

Regards,

Gautier


#5

Hi,
@daniel.pan @Jonathan
Could you give us any information on how to use SSO with Webdav and API ?
There may be an option here :


#6

@gauburtin These two features are not implemented yet.


#7

This is a required feature for us. I’m working on an implementation for the 6.3 branch. Any interest in a pull request?

For info, I’m working for the Human Brain Project (an EU Horizon 2020 project) and we’re working on rolling out a collaborative research and teaching platform for neuroscientists. We’ve picked seafile for the shared storage backend, and we’re integrating it with Jupyter Lab, KeyCloak and XWiki. We’re on the CE for now and evaluating whether we will get the pro version.