brandon/nextcloud-mcp-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: auto-derive oidc.discovery_url from NEXTCLOUD_HOST
Bump version / Bump version and create changelog for monorepo components (push) Failing after 8s
Details

Browse Source 
When OIDC_DISCOVERY_URL is not explicitly set, the status endpoint now
auto-derives the discovery URL from NEXTCLOUD_HOST using the standard
well-known path. This allows Astrolabe to discover OIDC endpoints
without requiring explicit OIDC configuration.

The oidc block is now included in the status response regardless of
auth mode when a discovery URL is available (explicit or derived),
enabling smoother auth mode transitions.

Closes #1
This commit is contained in:
Brandon
2026-03-29 12:56:50 -06:00
parent 656acc2c1f
commit 92f2d74637
2 changed files with 146 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files
nextcloud_mcp_server/api/management.py
+17 -15
View File
@@ -235,24 +235,26 @@ async def get_server_status(request: Request) -> JSONResponse:
if mode == AuthMode.MULTI_USER_BASIC:
response_data["supports_app_passwords"] = settings.enable_offline_access
# Include OIDC configuration if OAuth is available
# This includes OAuth mode AND hybrid mode (multi_user_basic + offline_access)
# Astrolabe needs OIDC config to discover IdP for OAuth flow in hybrid mode
oauth_provisioning_available = auth_mode == "oauth" or (
mode == AuthMode.MULTI_USER_BASIC and settings.enable_offline_access
)
if oauth_provisioning_available:
# Provide IdP discovery information for NC PHP app
oidc_config = {}
# Include OIDC configuration for client discovery (e.g. Astrolabe PHP app).
# Always attempt to provide oidc.discovery_url so clients can discover the
# IdP regardless of the current auth mode. This enables smoother transitions
# between auth modes and lets Astrolabe pre-discover OIDC endpoints.
oidc_config: dict[str, str] = {}
if settings.oidc_discovery_url:
oidc_config["discovery_url"] = settings.oidc_discovery_url
if settings.oidc_discovery_url:
# Explicit OIDC_DISCOVERY_URL takes precedence
oidc_config["discovery_url"] = settings.oidc_discovery_url
elif settings.nextcloud_host:
# Auto-derive from NEXTCLOUD_HOST — Nextcloud exposes OIDC discovery
# at the standard well-known path when user_oidc is enabled
host = settings.nextcloud_host.rstrip("/")
oidc_config["discovery_url"] = f"{host}/.well-known/openid-configuration"
if settings.oidc_issuer:
oidc_config["issuer"] = settings.oidc_issuer
if settings.oidc_issuer:
oidc_config["issuer"] = settings.oidc_issuer
if oidc_config:
response_data["oidc"] = oidc_config
if oidc_config:
response_data["oidc"] = oidc_config
return JSONResponse(response_data)