Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Create sessiontoken.csr #713

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Create sessiontoken.csr #713

wants to merge 1 commit into from

Conversation

vincib
Copy link

@vincib vincib commented Aug 22, 2024

The sessiontoken app, developped by Octopuce for Nextcloud gives an API endpoint to ask for sessiontoken for any user, similar to impersonate, but via an API. It's used to migrate nextcloud accounts massively or to access nextcloud accounts from other apps

The sourcecode is available here

https://octoforge.fr/octopuce/sessiontoken

The sessiontoken app, developped by Octopuce for Nextcloud gives an API endpoint to ask for sessiontoken for any user, similar to impersonate, but via an API.
It's used to migrate nextcloud accounts massively or to access nextcloud accounts from other apps 

Signed-off-by: Benjamin Sonntag <benjamin@octopuce.fr>
@mgallien
Copy link
Contributor

@vincib we are not really sure it would be a good idea to have such an app published in the app store.

The purpose of the app is enabling mass impersonating of users by administrators if I understand it correctly. We are not so sure that has a general interest that would justify having it on the appstore.

What do you think ?
Do you really think it would be of general use ?
We already are not fan of the impersonate app to be honest. The scope of it is smaller but could already be abused.

@vincib
Copy link
Author

vincib commented Aug 30, 2024

Hello Matthieu,

I think about that issue the other way around: having good tools around an application is a good sign that it will be able to serve their user well.

To me, a free software is useful when it has 2 main characteristics:

  • a good documentation
  • a wide ecosystem of tools to handle that software.

Nextcloud, as of today, fit those 2 well!
An example: in 2005, I preferred using mysql over postgresql for this very reason: the documentation was better, and we already had circular replication in MySQL, a lot of tools (phpmyadmin, mysqldump, percona backup, fine-tuning of a lot of internals etc.) that were missing in pgsql at the time.

As of Nextcloud, I don't know how I would be able to serve my users in the Nextcloud without the Impersonate app: the users know I can act on their behalf, and they are glad I can do that, since it means I'll be able to help them.

The sessiontoken app is used in two main cases as of today:

  • To interact with other apps fluently (which means, without asking the user to re-authenticate, a better model UX-wise) like what we did for the visioconference software of the ministry of education in France: their user can use their NC files from their BBB instance without having to authenticate a second time.

  • To migrate users massively from one Nextcloud to another without the need for very skillfull system administrators or ditry hacks

Also, the sessiontoken app creates token in NC the "standard way" so the user can SEE the token in their "security" tab.

I'd just suggest that the end user of a NC instance should KNOW when the impersonate app is installed (maybe in the security tab too?)

Also, final point: if an admin (having ssh access to the NC instance) want to abuse their users, they can always install the impersonate app, whether it is in the app store or not... hiding it from the appstore would not protect anyone from rogue admins...
So, to me, this kind of app clearly have legitimate use and should clearly be in the public appstores, so that anyone can see what's possible for the admins.

Copy link
Contributor

@mgallien mgallien left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@vincib we took some time to think again at the situation.
We would like to suggest that you should feel free to reach to us to discuss improvements to your solution.
You could use our forum https://help.nextcloud.com/
You could reach out via Talk community room https://cloud.nextcloud.com/call/xs25tz5y

We are concerned by this application from a security point of view. Those concerns are not big enough that we will block this app certificate request. We would still ask you to add some disclaimer to your readme giving context that more secure options are also existing.
As I said, we are eager to discuss this in a more direct with you and to resolve any issue.
Let me also remind you that we are organizing a conference very soon that may be interesting for you.
Do you consider joining us ?
https://nextcloud.com/blog/nextcloud-conference-2024/

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants