Skip to content

fix: wrong message Unauthorized to connect to Openproject shown with valid SSO connection#1018

Merged
Ashim-Stha merged 5 commits into
release/2.11from
unauthorized-bug
May 26, 2026
Merged

fix: wrong message Unauthorized to connect to Openproject shown with valid SSO connection#1018
Ashim-Stha merged 5 commits into
release/2.11from
unauthorized-bug

Conversation

@Ashim-Stha
Copy link
Copy Markdown
Collaborator

@Ashim-Stha Ashim-Stha commented May 8, 2026
edited
Loading

Description

Problem

On first Nextcloud login, getOIDCToken fetches a valid token, saves token_expires_at, then calls initUserInfo which fails with 401 because the user hasn't SSO'd into OpenProject yet. Since token_expires_at is already saved, all subsequent requests return the cached token and skip getOIDCToken entirely, so initUserInfo is never retried until the token naturally expires (~15 min).

Fix

  • Moved initUserInfo out of getOIDCToken -> getOIDCToken is now only responsible for fetching and returning the token.
  • initUserInfo now takes accessToken directly and calls rawRequest instead of request -> breaking the circular dependency completely.
  • getAccessToken calls initUserInfo on every request (for OIDC) until user_id and user_name are saved -> both in the cached token path and the expired token path

Related Issue or Workpackage

Screenshots (if appropriate):

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Tests only (no source changes)

Checklist:

  • Code changes
  • Unit tests added
  • Acceptance tests added
  • Updated CHANGELOG.md file

@Ashim-Stha Ashim-Stha self-assigned this May 8, 2026
saw-jan
saw-jan reviewed May 11, 2026
View reviewed changes
Comment thread lib/Service/OpenProjectAPIService.php Outdated
@Ashim-Stha Ashim-Stha force-pushed the unauthorized-bug branch 4 times, most recently from b8f4510 to 7c574a1 Compare May 12, 2026 09:13
saw-jan
saw-jan reviewed May 12, 2026
View reviewed changes
Comment thread lib/Service/OpenProjectAPIService.php Outdated
Comment thread lib/Service/OpenProjectAPIService.php Outdated
Comment thread lib/Service/OpenProjectAPIService.php Outdated
Comment thread lib/Service/OpenProjectAPIService.php Outdated
@Ashim-Stha Ashim-Stha force-pushed the unauthorized-bug branch 4 times, most recently from 9276eb7 to d6f2af2 Compare May 13, 2026 05:58
@Ashim-Stha Ashim-Stha requested a review from saw-jan May 13, 2026 06:06
saw-jan
saw-jan reviewed May 14, 2026
View reviewed changes
Comment thread lib/Service/OpenProjectAPIService.php
saw-jan
saw-jan reviewed May 14, 2026
View reviewed changes
Comment thread lib/Service/OpenProjectAPIService.php Outdated
saw-jan
saw-jan reviewed May 14, 2026
View reviewed changes
Comment thread lib/Service/OpenProjectAPIService.php Outdated
@Ashim-Stha Ashim-Stha requested a review from saw-jan May 15, 2026 04:19
@Ashim-Stha Ashim-Stha force-pushed the unauthorized-bug branch 6 times, most recently from abd5d37 to bbed379 Compare May 18, 2026 09:17
@Ashim-Stha Ashim-Stha changed the title feat: fix wrong message Unauthorized to connect to Openproject feat: fix wrong message Unauthorized to connect to Openproject May 19, 2026
@Ashim-Stha Ashim-Stha marked this pull request as ready for review May 19, 2026 04:05
Ashim-Stha added 2 commits May 25, 2026 17:34
@Ashim-Stha
test: add php unit test for initUserInfo
1daa01d 
Signed-off-by: Ashim Shrestha <ashimshrestha2384@gmail.com>
@Ashim-Stha
chore: update changelog
0d45a98 
Signed-off-by: Ashim Shrestha <ashimshrestha2384@gmail.com>
@Ashim-Stha Ashim-Stha force-pushed the unauthorized-bug branch 5 times, most recently from ac10f26 to 00bef04 Compare May 26, 2026 07:11
Copilot AI reviewed May 26, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 4 out of 4 changed files in this pull request and generated 3 comments.

Comment thread tests/lib/Service/OpenProjectAPIServiceTest.php
Comment thread lib/Service/OpenProjectAPIService.php
Comment thread lib/Service/OpenProjectAPIService.php
nabim777
nabim777 reviewed May 26, 2026
View reviewed changes
Comment thread tests/lib/Service/OpenProjectAPIServiceTest.php Outdated
nabim777
nabim777 reviewed May 26, 2026
View reviewed changes
Comment thread tests/lib/Service/OpenProjectAPIServiceTest.php Outdated
@Ashim-Stha Ashim-Stha force-pushed the unauthorized-bug branch 2 times, most recently from 57dce7a to e98a30d Compare May 26, 2026 09:37
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 26, 2026

JS Code Coverage

Coverage after merging unauthorized-bug into release/2.11 will be
91.03%
Coverage Report
FileStmtsBranchesFuncsLinesUncovered Lines
src
   adminSettings.js0%0%0%0%1, 1, 10–19, 2–9
   bootstrap.js0%0%0%0%1, 1, 10–12, 2–9
   dashboard.js0%0%0%0%1, 1, 10–19, 2–9
   fileActions.js0%0%0%0%1, 1, 10–19, 2, 20–23, 3–9
   personalSettings.js0%0%0%0%1, 1, 10–19, 2–9
   projectTab.js0%0%0%0%1, 1, 10–19, 2, 20–29, 3, 30–39, 4, 40–49, 5, 50, 6–9
   reference.js0%0%0%0%1, 1, 10–19, 2, 20–29, 3, 30–39, 4, 40–45, 5–9
   utils.js85.71%62.50%66.67%87.41%12–14, 142–143, 15–20, 23–32
src/api
   endpoints.js100%100%100%100%
   settings.js64.71%100%0%73.33%10–11, 14–15
src/components
   AdminSettings.vue96.33%96.03%95.88%96.41%1005, 1008–1014, 1044–1045, 1049–1050, 1053–1054, 1058–1059, 1069–1074, 1146–1148, 1160–1163, 1176–1178, 1202–1205, 1239–1247, 1304–1306, 1341–1344, 1380–1382, 1402–1405, 724, 835–837, 992–994
   ErrorLabel.vue100%100%100%100%
   OAuthConnectButton.vue91.85%75%100%93.28%64–69, 72–76
   PersonalSettings.vue92.02%95.65%90%91.71%133–134, 144–149, 152–161
src/components/admin
   FieldValue.vue100%100%100%100%
   FormAuthMethod.vue98.12%96.88%100%98.12%222–224, 247–250
   FormHeading.vue100%100%100%100%
   FormOpenProjectHost.vue98.90%95%100%99.35%175–177, 287
   TermsOfServiceUnsigned.vue100%100%100%100%
   TextInput.vue100%100%100%100%
src/components/icons
   ClippyIcon.vue100%100%100%100%
   OpenProjectIcon.vue100%100%100%100%
src/components/settings
   CheckBox.vue100%100%100%100%
   ErrorNote.vue100%100%100%100%
   SettingsTitle.vue96.91%85.71%100%97.67%51–53
src/components/tab
   EmptyContent.vue96.45%80.95%100%98.24%102–105, 107–108, 97
   SearchInput.vue95.31%92.96%94.74%95.78%138–139, 192, 203–208, 267–269, 285–287, 291–296
   WorkPackage.vue86.22%72.50%93.33%87.62%107–116, 129–131, 142–146, 156–158, 176–182, 220, 220–225, 225, 225–236, 81–82
src/constants
   appID.js100%100%100%100%
   links.js100%100%100%100%
   messages.js100%100%100%100%
src/filesPlugin
   filesPlugin.js0%0%0%0%1, 1, 10, 100, 11–19, 2, 20–29, 3, 30–39, 4, 40–49, 5, 50–59, 6, 60–69, 7, 70–79, 8, 80–89, 9, 90–99
   filesPluginLessThan28.js0%0%0%0%1, 1, 10–19, 2, 20–29, 3, 30–39, 4, 40–49, 5, 50–59, 6, 60–69, 7, 70, 8–9
src/utils
   workpackageHelper.js93.80%93.10%88.89%94.24%100–102, 23–27, 54, 54–56, 97–99
src/views
   CreateWorkPackageModal.vue94.18%86.32%90.48%95.43%367–372, 375, 391, 508–511, 516–521, 526–531, 537–540, 543, 559, 559, 600–604, 614–616, 639–640, 648–650, 679–681, 703–705, 714–718
   Dashboard.vue92.96%92.86%82.61%93.77%120–125, 134, 144, 147, 158–160, 214–217, 220–221, 228–232, 67
   LinkMultipleFilesModal.vue99.14%97.56%100%99.32%157–159
   ProjectsTab.vue94.06%92.45%93.33%94.33%100–101, 107–109, 129, 140–141, 175–185, 234–236, 98–99

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 26, 2026

PHP Code Coverage

Coverage after merging unauthorized-bug into release/2.11 will be
67.43%
Coverage Report
FileStmtsBranchesFuncsLinesUncovered Lines
integration_openproject/server/apps/integration_openproject/lib
   Capabilities.php0%100%0%0%24, 31–40
   OIDCClientMapper.php0%100%0%0%29, 40–49, 52
   TokenEventFactory.php100%100%100%100%
integration_openproject/server/apps/integration_openproject/lib/AppInfo
   Application.php36.59%100%50%35.53%105–107, 110–114, 116–121, 123–124, 127, 132–133, 135–138, 140, 142, 144, 148–151, 153–164, 166, 169, 173, 177–179, 212
integration_openproject/server/apps/integration_openproject/lib/BackgroundJob
   RemoveExpiredDirectUploadTokens.php0%100%0%0%28, 30–32, 41–42
integration_openproject/server/apps/integration_openproject/lib/Controller
   ConfigController.php75.12%100%64.71%75.56%114, 151–152, 154, 156–158, 160–163, 166–167, 169, 194, 198–200, 442–444, 446–448, 497, 541–543, 577–581, 592, 606–609, 617, 621–624, 660, 663–678, 695–700, 702–703, 705–707, 710, 712–728, 742–745, 747–751
   DirectDownloadController.php0%100%0%0%33–35, 50–52, 54–61
   DirectUploadController.php71.03%100%100%70.21%117–119, 162–164, 175, 179–182, 184, 194, 201, 217–219, 221–222, 225–230, 233, 235, 245–247, 253–255, 263–265, 280–282, 301, 306, 312
   FilesController.php86.99%100%83.33%87.18%178–179, 241, 250, 267–270, 275–277, 282–284, 293
   OpenProjectAPIController.php80.51%100%82.35%80.34%107, 146, 193–195, 198–205, 207–211, 213, 232, 257, 322, 372, 392, 439, 464–466, 469–473, 475, 66
   OpenProjectController.php96.45%100%80%96.95%241–245
integration_openproject/server/apps/integration_openproject/lib/Dashboard
   OpenProjectWidget.php0%100%0%0%101, 108–109, 111–116, 118–122, 124–126, 129–140, 61–66, 73, 80, 87, 94
integration_openproject/server/apps/integration_openproject/lib/Exception
   OpenprojectAvatarErrorException.php100%100%100%100%
   OpenprojectErrorException.php100%100%100%100%
   OpenprojectFileNotUploadedException.php100%100%100%100%
   OpenprojectGroupfolderSetupConflictException.php100%100%100%100%
   OpenprojectResponseException.php100%100%100%100%
   OpenprojectUnauthorizedUserException.php0%100%0%0%21
integration_openproject/server/apps/integration_openproject/lib/Listener
   BeforeGroupDeletedListener.php100%100%100%100%
   BeforeNodeInsideOpenProjectGroupfilderChangedListener.php0%100%0%0%46–48, 52–55, 57, 59, 62–63, 65, 67–70, 72–75, 77–79
   BeforeUserDeletedListener.php0%100%0%0%30, 37–38, 40–43, 45
   LoadAdditionalScriptsListener.php0%100%0%0%37–38, 46–47, 49, 51–52, 54
   LoadSidebarScript.php65.91%100%100%64.29%105, 77–88, 95, 98
   OpenProjectReferenceListener.php0%100%0%0%45–47, 54–55, 57, 59–60, 62–74
   TermsOfServiceEventListener.php0%100%0%0%41–42, 47–48, 50–51, 53–55, 58–62
   UserChangedListener.php0%100%0%0%34, 41–42, 45–50, 53
integration_openproject/server/apps/integration_openproject/lib/Migration
   Version2001Date20221213083550.php0%100%0%0%30, 40–48, 50–58, 60–62, 64
   Version20100Date20250820101358.php0%100%0%0%38, 47–53, 56
   Version2310Date20230116153411.php0%100%0%0%29, 32–35, 37–62, 64–65, 67
   Version2400Date20230504144300.php0%100%0%0%30, 40–43
   Version2640Date20240628114301.php0%100%0%0%35, 47–49, 52–53, 56
   Version2900Date20250718065820.php0%100%0%0%22, 33–36, 38–39, 41–42, 45
integration_openproject/server/apps/integration_openproject/lib/Reference
   WorkPackageReferenceProvider.php51.67%100%25%58.33%100–101, 104, 108, 142, 150–151, 159, 37, 44, 51, 58–60, 87, 93–96, 99
integration_openproject/server/apps/integration_openproject/lib/Search
   OpenProjectSearchProvider.php0%100%0%0%100–102, 104–106, 109–110, 112–113, 116–125, 127–131, 52–55, 62, 69, 77, 79, 82, 89–90, 93–97, 99
   OpenProjectSearchResultEntry.php100%100%100%100%
integration_openproject/server/apps/integration_openproject/lib/Service
   DatabaseService.php42.31%100%60%40.43%108–112, 114, 63–76, 78–85
   DirectDownloadService.php88.46%100%100%87.50%62–63, 65
   DirectUploadService.php42.86%100%66.67%40%101, 62–65, 67–75, 95
   OauthService.php0%100%0%0%100–101, 40–42, 51–58, 60–66, 75–83, 94–99
   OpenProjectAPIService.php76.48%100%78.87%76.29%1006–1007, 1009,

@Ashim-Stha Ashim-Stha requested a review from nabim777 May 26, 2026 09:41
saw-jan
saw-jan reviewed May 26, 2026
View reviewed changes
Comment thread tests/lib/Service/OpenProjectAPIServiceTest.php Outdated
saw-jan
saw-jan reviewed May 26, 2026
View reviewed changes
Comment thread tests/lib/Service/OpenProjectAPIServiceTest.php
saw-jan
saw-jan reviewed May 26, 2026
View reviewed changes
Comment thread CHANGELOG.md Outdated
@Ashim-Stha
address reviews
677426b 
Signed-off-by: Ashim Shrestha <ashimshrestha2384@gmail.com>
@Ashim-Stha Ashim-Stha changed the title feat: fix wrong message Unauthorized to connect to Openproject feat: fix wrong message Unauthorized to connect to Openproject shown with valid SSO connection May 26, 2026
@Ashim-Stha Ashim-Stha requested a review from saw-jan May 26, 2026 11:27
@saw-jan saw-jan changed the title feat: fix wrong message Unauthorized to connect to Openproject shown with valid SSO connection fix: wrong message Unauthorized to connect to Openproject shown with valid SSO connection May 26, 2026
@Ashim-Stha Ashim-Stha merged commit 5a23b6e into release/2.11 May 26, 2026
1 check passed
@Ashim-Stha Ashim-Stha deleted the unauthorized-bug branch May 26, 2026 11:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@saw-jan saw-jan saw-jan approved these changes

@julien-nc julien-nc Awaiting requested review from julien-nc julien-nc is a code owner

@individual-it individual-it Awaiting requested review from individual-it individual-it is a code owner

@ba1ash ba1ash Awaiting requested review from ba1ash ba1ash is a code owner

@dominic-braeunlein dominic-braeunlein Awaiting requested review from dominic-braeunlein dominic-braeunlein is a code owner

@Kharonus Kharonus Awaiting requested review from Kharonus Kharonus is a code owner

@lindenthal lindenthal Awaiting requested review from lindenthal lindenthal is a code owner

@psatyal psatyal Awaiting requested review from psatyal psatyal is a code owner

@wielinde wielinde Awaiting requested review from wielinde wielinde is a code owner

@NobodysNightmare NobodysNightmare Awaiting requested review from NobodysNightmare NobodysNightmare is a code owner

@nabim777 nabim777 Awaiting requested review from nabim777 nabim777 is a code owner

Assignees

@Ashim-Stha Ashim-Stha

Labels

feedback-requested

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Ashim-Stha @saw-jan @nabim777