Login through external OIDC

[thegcat]

There is currently no way to login to accounts that use an external OIDC authentication (currently set up through MAS).

I just tried my luck and clicked the AppleID button while having my homeserver (matrix.fachschaften.org) set up in the appropriate field and was taken through the OIDC flow with our OIDC provider and then MAS on fachschaften.org and then back to Robrix, this seems to result in an unexpected config though as the app crashed after it had received the OIDC/MAS callback and now crashes on start.

(I realize this might not be high on your list, this is just to document the issue, not to complain that it's not working)

[alanpoon]

Thanks for reporting for the issue. I will look into it.

[alanpoon]

You can delete the app_data_dir as per written in the log and try again.
src/app.rs:184:9 - App::handle_startup(): app_data_dir: "/Users/alanpoon/Library/Application Support/org.robius.robrix"

Could you kindly provide the crash log?

[thegcat]

I can't find that line in the Console.app logs, where would I find the Robrix specific logs? I use the pre-compiled macOS version downloaded from Github.

EDIT: I know where the folder is and could remove it, without knowing where the logs you'd be interested in after that are that would be pointless though 😀

[alanpoon]

I can't find that line in the Console.app logs, where would I find the Robrix specific logs? I use the pre-compiled macOS version downloaded from Github.

EDIT: I know where the folder is and could remove it, without knowing where the logs you'd be interested in after that are that would be pointless though 😀

#345 There is no logs for distribution packages.

[kevinaboos]

Thanks for the report! I don't think we've tried MAS yet, though I'm not 100% sure since I mostly just test with the main matrix.org homeserver (which I thought had support for MAS?). Maybe it's an SDK issue; we're a few months behind the latest main branch of matrix-rust-sdk, but will update soon.

You can certainly delete the app data directory and try again, but that doesn't address the core issue. We'll try to test with a MAS provider and see if we can repro this problem.

[thegcat]

I am sorry, my description of the issue might have been misleading. MAS still supports m.login.password authentication, and matrix.org supports this, so no problem there.

We (matrix.fachschaften.org if you want to have a look) use MAS with an external OIDC authentication. From what I understand this is per MSC3824 {"type":"m.login.sso","org.matrix.msc3824.delegated_oidc_compatibility":true}.

[kevinaboos]

I'd like to understand more about this use case, since i don't have a way to test it.

Currently we're just relying on what the matrix-rust-sdk offers for login/auth. Is this a different form of auth that isn't provided by the SDK? Or is this something that requires us to configure how we use the SDK differently?

Basically, I need more info to determine what we're doing wrong or what we need to change in our use of the SDK.