github-starred/vikunja
2
0
Fork 0
mirror of https://github.com/go-vikunja/vikunja.git synced 2026-05-05 19:18:16 -05:00
Code Issues 690 Packages Projects Releases 11 Wiki Activity

[GH-ISSUE #411] Seemingly fine OIDC config is complained about as invalid. #6153

New Issue
Closed
opened 2026-04-20 16:45:31 -05:00 by GiteaMirror · 5 comments
GiteaMirror commented 2026-04-20 16:45:31 -05:00
Owner
Copy Link

Originally created by @tecosaur on GitHub (Feb 19, 2025).
Original GitHub issue: https://github.com/go-vikunja/vikunja/issues/411

Description

I'm trying to setup OIDC on a Vikunja instance, and running into an issue. The webpage doesn't show any login button, and logs report It looks like your opened configuration is in the wrong format" However, comparing my format against the docs I cannot see any meaningful difference.

auth:
  local:
    enabled: false
  openid:
    enabled: true
    providers:
    - authurl: https://auth.<mydomain>.net
      clientid: vikunja
      clientsecret:
        file: /run/agenix/vikunja-oidc
      name: Authelia
    redirecturl: https://vikunja.<mydomain>.net/auth/openid/

looking at the sample configuration (https://vikunja.io/docs/openid-example-configurations), but I can't see any difference beyond the ordering of the keys, and my use of the file: attribute (which I believe should be fine since I'm using the dev version).

Any help would be much appreciated.

Vikunja Version

5cea469f8c

vikunja.nix 
{
  lib,
  pkgs,
  fetchFromGitHub,
  stdenvNoCC,
  stdenv,
  nodejs,
  pnpm_9,
  buildGoModule,
  mage,
  writeShellScriptBin,
  nixosTests,
}:

let
  version = "0.25.0-pre.1";
  src = fetchFromGitHub {
    owner = "go-vikunja";
    repo = "vikunja";
    rev = "5cea469f8c7c3c44c15c3fe22f486c30fb384118";
    hash = "sha256-99y4E9LQg2CqYNpnp7jBORTS1M39UPam6/kIJiElJaA=";
  };

  frontend = stdenv.mkDerivation (finalAttrs: {
    pname = "vikunja-frontend";
    inherit version src;

    sourceRoot = "${finalAttrs.src.name}/frontend";

    pnpmDeps = pnpm_9.fetchDeps {
      inherit (finalAttrs) pname version src sourceRoot;
      hash = "sha256-mficIMrZhD6ZGUG+ZdD3Oody50pgN823vyoXb1TThJw=";
    };

    nativeBuildInputs = [
      pkgs.nodejs
      pnpm_9.configHook
    ];

    doCheck = true;

    postBuild = ''
      find node_modules/.pnpm/sass-embedded-linux-*/node_modules/sass-embedded-linux-*/dart-sass/src -name dart -print0 | xargs -I {} -0 patchelf --set-interpreter "$(<$NIX_CC/nix-support/dynamic-linker)" {}
      pnpm run build
    '';

    checkPhase = ''
      pnpm run test:unit --run
    '';

    installPhase = ''
      cp -r dist/ $out
    '';
  });

  # Injects a `t.Skip()` into a given test since there's apparently no other way to skip tests here.
  skipTest =
    lineOffset: testCase: file:
    let
      jumpAndAppend = lib.concatStringsSep ";" (lib.replicate (lineOffset - 1) "n" ++ [ "a" ]);
    in
    ''
      sed -i -e '/${testCase}/{
      ${jumpAndAppend} t.Skip();
      }' ${file}
    '';
in
buildGoModule {
  inherit src version;
  pname = "vikunja";

  nativeBuildInputs =
    let
      fakeGit = writeShellScriptBin "git" ''
        if [[ $@ = "describe --tags --always --abbrev=10" ]]; then
            echo "${version}"
        else
            >&2 echo "Unknown command: $@"
            exit 1
        fi
      '';
    in
    [
      fakeGit
      mage
    ];

  vendorHash = "sha256-Fj45v51nXvSOqbxkcWHJE+kgUQ8w7UGm8YeWqTu1HYM=";

  inherit frontend;

  prePatch = ''
    cp -r ${frontend} frontend/dist
  '';

  postConfigure = ''
    # These tests need internet, so we skip them.
    ${skipTest 1 "TestConvertTrelloToVikunja" "pkg/modules/migration/trello/trello_test.go"}
    ${skipTest 1 "TestConvertTodoistToVikunja" "pkg/modules/migration/todoist/todoist_test.go"}
  '';

  buildPhase = ''
    runHook preBuild

    # Fixes "mkdir /homeless-shelter: permission denied" - "Error: error compiling magefiles" during build
    export HOME=$(mktemp -d)
    mage build:build

    runHook postBuild
  '';

  checkPhase = ''
    mage test:unit
    mage test:integration
  '';

  installPhase = ''
    runHook preInstall
    install -Dt $out/bin vikunja
    runHook postInstall
  '';

  passthru.tests.vikunja = nixosTests.vikunja;
}

Browser and version

No response

Can you reproduce the bug on the Vikunja demo site?

No

Screenshots

No response

Originally created by @tecosaur on GitHub (Feb 19, 2025). Original GitHub issue: https://github.com/go-vikunja/vikunja/issues/411 ### Description I'm trying to setup OIDC on a Vikunja instance, and running into an issue. The webpage doesn't show any login button, and logs report `It looks like your opened configuration is in the wrong format"` However, comparing my format against the docs I cannot see any meaningful difference. ```yaml auth: local: enabled: false openid: enabled: true providers: - authurl: https://auth.<mydomain>.net clientid: vikunja clientsecret: file: /run/agenix/vikunja-oidc name: Authelia redirecturl: https://vikunja.<mydomain>.net/auth/openid/ ``` looking at the sample configuration (https://vikunja.io/docs/openid-example-configurations), but I can't see any difference beyond the ordering of the keys, and my use of the `file:` attribute (which I believe should be fine since I'm using the dev version). Any help would be much appreciated. ### Vikunja Version 5cea469f8c7c3c44c15c3fe22f486c30fb384118 <details> <summary> vikunja.nix </summary> ```nix { lib, pkgs, fetchFromGitHub, stdenvNoCC, stdenv, nodejs, pnpm_9, buildGoModule, mage, writeShellScriptBin, nixosTests, }: let version = "0.25.0-pre.1"; src = fetchFromGitHub { owner = "go-vikunja"; repo = "vikunja"; rev = "5cea469f8c7c3c44c15c3fe22f486c30fb384118"; hash = "sha256-99y4E9LQg2CqYNpnp7jBORTS1M39UPam6/kIJiElJaA="; }; frontend = stdenv.mkDerivation (finalAttrs: { pname = "vikunja-frontend"; inherit version src; sourceRoot = "${finalAttrs.src.name}/frontend"; pnpmDeps = pnpm_9.fetchDeps { inherit (finalAttrs) pname version src sourceRoot; hash = "sha256-mficIMrZhD6ZGUG+ZdD3Oody50pgN823vyoXb1TThJw="; }; nativeBuildInputs = [ pkgs.nodejs pnpm_9.configHook ]; doCheck = true; postBuild = '' find node_modules/.pnpm/sass-embedded-linux-*/node_modules/sass-embedded-linux-*/dart-sass/src -name dart -print0 | xargs -I {} -0 patchelf --set-interpreter "$(<$NIX_CC/nix-support/dynamic-linker)" {} pnpm run build ''; checkPhase = '' pnpm run test:unit --run ''; installPhase = '' cp -r dist/ $out ''; }); # Injects a `t.Skip()` into a given test since there's apparently no other way to skip tests here. skipTest = lineOffset: testCase: file: let jumpAndAppend = lib.concatStringsSep ";" (lib.replicate (lineOffset - 1) "n" ++ [ "a" ]); in '' sed -i -e '/${testCase}/{ ${jumpAndAppend} t.Skip(); }' ${file} ''; in buildGoModule { inherit src version; pname = "vikunja"; nativeBuildInputs = let fakeGit = writeShellScriptBin "git" '' if [[ $@ = "describe --tags --always --abbrev=10" ]]; then echo "${version}" else >&2 echo "Unknown command: $@" exit 1 fi ''; in [ fakeGit mage ]; vendorHash = "sha256-Fj45v51nXvSOqbxkcWHJE+kgUQ8w7UGm8YeWqTu1HYM="; inherit frontend; prePatch = '' cp -r ${frontend} frontend/dist ''; postConfigure = '' # These tests need internet, so we skip them. ${skipTest 1 "TestConvertTrelloToVikunja" "pkg/modules/migration/trello/trello_test.go"} ${skipTest 1 "TestConvertTodoistToVikunja" "pkg/modules/migration/todoist/todoist_test.go"} ''; buildPhase = '' runHook preBuild # Fixes "mkdir /homeless-shelter: permission denied" - "Error: error compiling magefiles" during build export HOME=$(mktemp -d) mage build:build runHook postBuild ''; checkPhase = '' mage test:unit mage test:integration ''; installPhase = '' runHook preInstall install -Dt $out/bin vikunja runHook postInstall ''; passthru.tests.vikunja = nixosTests.vikunja; } ``` </details> ### Browser and version _No response_ ### Can you reproduce the bug on the Vikunja demo site? No ### Screenshots _No response_
GiteaMirror commented 2026-04-20 16:45:32 -05:00
Author
Owner
Copy Link

@kolaente commented on GitHub (Feb 21, 2025):

The format was changed, but not yet released as stable, that's why the docs have not been updated yet. The main change is from a list-based approach to a key-value based one. Your config should look like this:

auth:
  local:
    enabled: false
  openid:
    enabled: true
    providers:
      authelia:
        authurl: https://auth.<mydomain>.net
        clientid: vikunja
        clientsecret:
          file: /run/agenix/vikunja-oidc
        name: Authelia
    redirecturl: https://vikunja.<mydomain>.net/auth/openid/
<!-- gh-comment-id:2675058843 --> @kolaente commented on GitHub (Feb 21, 2025): The format was changed, but not yet released as stable, that's why the docs have not been updated yet. The main change is from a list-based approach to a key-value based one. Your config should look like this: ```yaml auth: local: enabled: false openid: enabled: true providers: authelia: authurl: https://auth.<mydomain>.net clientid: vikunja clientsecret: file: /run/agenix/vikunja-oidc name: Authelia redirecturl: https://vikunja.<mydomain>.net/auth/openid/ ```
GiteaMirror commented 2026-04-20 16:45:33 -05:00
Author
Owner
Copy Link

@tecosaur commented on GitHub (Feb 22, 2025):

Ah, that would explain it. Thanks!

<!-- gh-comment-id:2676030073 --> @tecosaur commented on GitHub (Feb 22, 2025): Ah, that would explain it. Thanks!
GiteaMirror commented 2026-04-20 16:45:34 -05:00
Author
Owner
Copy Link

@subhrapratimde commented on GitHub (Jul 13, 2025):

Facing the same error
Image
config.yml is as follows.

auth:
  local:
    enabled: false
  openid:
    enabled: true
    redirecturl: https://xxxx.yy.zz/auth/openid/
    providers:
      - name: Keycloak
        authurl: https://xxxx.yy.zz/realms/subho/
        logouturl: https://xxxx.yy.zz/realms/subho/protocol/openid-connect/logout
        clientid: vikunja
        clientsecret: r8PoTrbSxxjjkljlkjljlkHl9P6wcXrRysn

Now the login page is like that

Image

My installed version

Image
<!-- gh-comment-id:3067104743 --> @subhrapratimde commented on GitHub (Jul 13, 2025): Facing the same error <img width="1456" height="279" alt="Image" src="https://github.com/user-attachments/assets/bf322b36-aa2e-4445-ad60-ab6f52c3adfe" /> config.yml is as follows. ``` auth: local: enabled: false openid: enabled: true redirecturl: https://xxxx.yy.zz/auth/openid/ providers: - name: Keycloak authurl: https://xxxx.yy.zz/realms/subho/ logouturl: https://xxxx.yy.zz/realms/subho/protocol/openid-connect/logout clientid: vikunja clientsecret: r8PoTrbSxxjjkljlkjljlkHl9P6wcXrRysn ``` Now the login page is like that <img width="1116" height="596" alt="Image" src="https://github.com/user-attachments/assets/07609183-eb26-4d31-aefb-db978e55934f" /> My installed version <img width="677" height="249" alt="Image" src="https://github.com/user-attachments/assets/84135681-11fe-4432-a1a2-d8e6df76be9b" />
GiteaMirror commented 2026-04-20 16:45:34 -05:00
Author
Owner
Copy Link

@kolaente commented on GitHub (Jul 13, 2025):

@subhrapratimde see my earlier comment

<!-- gh-comment-id:3067110790 --> @kolaente commented on GitHub (Jul 13, 2025): @subhrapratimde see my earlier comment
GiteaMirror commented 2026-04-20 16:45:36 -05:00
Author
Owner
Copy Link

@subhrapratimde commented on GitHub (Jul 13, 2025):

@subhrapratimde see my earlier comment

solved by changing config to

auth:
  local:
    enabled: true
  openid:
    enabled: true
    redirecturl: https://xx.yy.zz/auth/openid/
    providers:
      provider1:
        name: Keycloak
        authurl: https://xx.yy.zz/realms/subho
        logouturl: https://xx.yy.zz/realms/subho/protocol/openid-connect/logout
        clientid: vikunja
        clientsecret: r8PoTrbSxxjjkljlkjljlkHl9P6wcXrRysn
        scope: openid profile email
<!-- gh-comment-id:3067113373 --> @subhrapratimde commented on GitHub (Jul 13, 2025): > [@subhrapratimde](https://github.com/subhrapratimde) see my earlier comment solved by changing config to ``` auth: local: enabled: true openid: enabled: true redirecturl: https://xx.yy.zz/auth/openid/ providers: provider1: name: Keycloak authurl: https://xx.yy.zz/realms/subho logouturl: https://xx.yy.zz/realms/subho/protocol/openid-connect/logout clientid: vikunja clientsecret: r8PoTrbSxxjjkljlkjljlkHl9P6wcXrRysn scope: openid profile email ```
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
area/api
area/attachments
area/auth
area/avatars
area/backup-restore
area/caldav
area/calendar-view
area/comments
area/config
area/database
area/desktop
area/docker
area/email
area/favorites
area/filters
area/frontend
area/gantt
area/i18n
area/import-export
area/internal-code
area/kanban
area/labels
area/list-view
area/mobile
area/notifications
area/permissions
area/projects
area/pwa
area/recurring-tasks
area/reminders
area/search
area/shortcuts
area/subtasks
area/sync
area/table-view
area/task-editor
area/task-metadata
area/task-relations
area/teams
area/theming
area/time-tracking
area/typesense
area/views
area/webhooks
bug
changes requested
concern/accessibility
concern/performance
concern/regression
concern/ux
confirmed
db/mysql
dependencies
enhancement
good first issue
help wanted
integration/inbound
integration/outbound
kind/bug
kind/feature
needs reproduction
pull-request
Mirrored from GitHub Pull Request
 question
security
support
upstream issue
waiting for reply
wontfix
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/vikunja#6153
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?