Skip to content

feat: fix wrong message Unauthorized to connect to Openproject#1018

Open
Ashim-Stha wants to merge 1 commit into
release/2.11from
unauthorized-bug
Open

feat: fix wrong message Unauthorized to connect to Openproject#1018
Ashim-Stha wants to merge 1 commit into
release/2.11from
unauthorized-bug

Conversation

@Ashim-Stha
Copy link
Copy Markdown
Collaborator

@Ashim-Stha Ashim-Stha commented May 8, 2026
edited
Loading

Description

Problem

On first Nextcloud login, getOIDCToken fetches a valid token, saves token_expires_at, then calls initUserInfo which fails with 401 because the user hasn't SSO'd into OpenProject yet. Since token_expires_at is already saved, all subsequent requests return the cached token and skip getOIDCToken entirely, so initUserInfo is never retried until the token naturally expires (~15 min).

Fix

  • Moved initUserInfo out of getOIDCToken -> getOIDCToken is now only responsible for fetching and returning the token.
  • initUserInfo now takes accessToken directly and calls rawRequest instead of request -> breaking the circular dependency completely.
  • getAccessToken calls initUserInfo on every request (for OIDC) until user_id and user_name are saved -> both in the cached token path and the expired token path

Related Issue or Workpackage

Screenshots (if appropriate):

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Tests only (no source changes)

Checklist:

  • Code changes
  • Unit tests added
  • Acceptance tests added
  • Updated CHANGELOG.md file

@Ashim-Stha Ashim-Stha self-assigned this May 8, 2026
saw-jan
saw-jan reviewed May 11, 2026
View reviewed changes
Comment thread lib/Service/OpenProjectAPIService.php Outdated
@Ashim-Stha Ashim-Stha force-pushed the unauthorized-bug branch 4 times, most recently from b8f4510 to 7c574a1 Compare May 12, 2026 09:13
saw-jan
saw-jan reviewed May 12, 2026
View reviewed changes
Comment thread lib/Service/OpenProjectAPIService.php Outdated
Comment thread lib/Service/OpenProjectAPIService.php Outdated
Comment thread lib/Service/OpenProjectAPIService.php Outdated
Comment thread lib/Service/OpenProjectAPIService.php Outdated
@Ashim-Stha Ashim-Stha force-pushed the unauthorized-bug branch 4 times, most recently from 9276eb7 to d6f2af2 Compare May 13, 2026 05:58
@Ashim-Stha Ashim-Stha requested a review from saw-jan May 13, 2026 06:06
saw-jan
saw-jan reviewed May 14, 2026
View reviewed changes
Comment thread lib/Service/OpenProjectAPIService.php
saw-jan
saw-jan reviewed May 14, 2026
View reviewed changes
Comment thread lib/Service/OpenProjectAPIService.php Outdated
saw-jan
saw-jan reviewed May 14, 2026
View reviewed changes
Comment thread lib/Service/OpenProjectAPIService.php Outdated
@Ashim-Stha Ashim-Stha requested a review from saw-jan May 15, 2026 04:19
@Ashim-Stha Ashim-Stha force-pushed the unauthorized-bug branch 5 times, most recently from 5823afd to abd5d37 Compare May 18, 2026 09:15
@Ashim-Stha
feat: fix wrong message Unauthorized to connect to Openproject
bbed379 
Signed-off-by: Ashim Shrestha <ashimshrestha2384@gmail.com>
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 18, 2026

JS Code Coverage

Coverage after merging unauthorized-bug into release/2.11 will be
91.03%
Coverage Report
FileStmtsBranchesFuncsLinesUncovered Lines
src
   adminSettings.js0%0%0%0%1, 1, 10–19, 2–9
   bootstrap.js0%0%0%0%1, 1, 10–12, 2–9
   dashboard.js0%0%0%0%1, 1, 10–19, 2–9
   fileActions.js0%0%0%0%1, 1, 10–19, 2, 20–23, 3–9
   personalSettings.js0%0%0%0%1, 1, 10–19, 2–9
   projectTab.js0%0%0%0%1, 1, 10–19, 2, 20–29, 3, 30–39, 4, 40–49, 5, 50, 6–9
   reference.js0%0%0%0%1, 1, 10–19, 2, 20–29, 3, 30–39, 4, 40–45, 5–9
   utils.js85.71%62.50%66.67%87.41%12–14, 142–143, 15–20, 23–32
src/api
   endpoints.js100%100%100%100%
   settings.js64.71%100%0%73.33%10–11, 14–15
src/components
   AdminSettings.vue96.33%96.03%95.88%96.41%1005, 1008–1014, 1044–1045, 1049–1050, 1053–1054, 1058–1059, 1069–1074, 1146–1148, 1160–1163, 1176–1178, 1202–1205, 1239–1247, 1304–1306, 1341–1344, 1380–1382, 1402–1405, 724, 835–837, 992–994
   ErrorLabel.vue100%100%100%100%
   OAuthConnectButton.vue91.85%75%100%93.28%64–69, 72–76
   PersonalSettings.vue92.02%95.65%90%91.71%133–134, 144–149, 152–161
src/components/admin
   FieldValue.vue100%100%100%100%
   FormAuthMethod.vue98.12%96.88%100%98.12%222–224, 247–250
   FormHeading.vue100%100%100%100%
   FormOpenProjectHost.vue98.90%95%100%99.35%175–177, 287
   TermsOfServiceUnsigned.vue100%100%100%100%
   TextInput.vue100%100%100%100%
src/components/icons
   ClippyIcon.vue100%100%100%100%
   OpenProjectIcon.vue100%100%100%100%
src/components/settings
   CheckBox.vue100%100%100%100%
   ErrorNote.vue100%100%100%100%
   SettingsTitle.vue96.91%85.71%100%97.67%51–53
src/components/tab
   EmptyContent.vue96.45%80.95%100%98.24%102–105, 107–108, 97
   SearchInput.vue95.31%92.96%94.74%95.78%138–139, 192, 203–208, 267–269, 285–287, 291–296
   WorkPackage.vue86.22%72.50%93.33%87.62%107–116, 129–131, 142–146, 156–158, 176–182, 220, 220–225, 225, 225–236, 81–82
src/constants
   appID.js100%100%100%100%
   links.js100%100%100%100%
   messages.js100%100%100%100%
src/filesPlugin
   filesPlugin.js0%0%0%0%1, 1, 10, 100, 11–19, 2, 20–29, 3, 30–39, 4, 40–49, 5, 50–59, 6, 60–69, 7, 70–79, 8, 80–89, 9, 90–99
   filesPluginLessThan28.js0%0%0%0%1, 1, 10–19, 2, 20–29, 3, 30–39, 4, 40–49, 5, 50–59, 6, 60–69, 7, 70, 8–9
src/utils
   workpackageHelper.js93.80%93.10%88.89%94.24%100–102, 23–27, 54, 54–56, 97–99
src/views
   CreateWorkPackageModal.vue94.18%86.32%90.48%95.43%367–372, 375, 391, 508–511, 516–521, 526–531, 537–540, 543, 559, 559, 600–604, 614–616, 639–640, 648–650, 679–681, 703–705, 714–718
   Dashboard.vue92.96%92.86%82.61%93.77%120–125, 134, 144, 147, 158–160, 214–217, 220–221, 228–232, 67
   LinkMultipleFilesModal.vue99.14%97.56%100%99.32%157–159
   ProjectsTab.vue94.06%92.45%93.33%94.33%100–101, 107–109, 129, 140–141, 175–185, 234–236, 98–99

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 18, 2026

PHP Code Coverage

Coverage after merging unauthorized-bug into release/2.11 will be
67.14%
Coverage Report
FileStmtsBranchesFuncsLinesUncovered Lines
integration_openproject/server/apps/integration_openproject/lib
   Capabilities.php0%100%0%0%24, 31–40
   OIDCClientMapper.php0%100%0%0%29, 40–49, 52
   TokenEventFactory.php100%100%100%100%
integration_openproject/server/apps/integration_openproject/lib/AppInfo
   Application.php36.59%100%50%35.53%105–107, 110–114, 116–121, 123–124, 127, 132–133, 135–138, 140, 142, 144, 148–151, 153–164, 166, 169, 173, 177–179, 212
integration_openproject/server/apps/integration_openproject/lib/BackgroundJob
   RemoveExpiredDirectUploadTokens.php0%100%0%0%28, 30–32, 41–42
integration_openproject/server/apps/integration_openproject/lib/Controller
   ConfigController.php75.12%100%64.71%75.56%114, 151–152, 154, 156–158, 160–163, 166–167, 169, 194, 198–200, 442–444, 446–448, 497, 541–543, 577–581, 592, 606–609, 617, 621–624, 660, 663–678, 695–700, 702–703, 705–707, 710, 712–728, 742–745, 747–751
   DirectDownloadController.php0%100%0%0%33–35, 50–52, 54–61
   DirectUploadController.php71.03%100%100%70.21%117–119, 162–164, 175, 179–182, 184, 194, 201, 217–219, 221–222, 225–230, 233, 235, 245–247, 253–255, 263–265, 280–282, 301, 306, 312
   FilesController.php86.99%100%83.33%87.18%178–179, 241, 250, 267–270, 275–277, 282–284, 293
   OpenProjectAPIController.php80.51%100%82.35%80.34%107, 146, 193–195, 198–205, 207–211, 213, 232, 257, 322, 372, 392, 439, 464–466, 469–473, 475, 66
   OpenProjectController.php96.45%100%80%96.95%241–245
integration_openproject/server/apps/integration_openproject/lib/Dashboard
   OpenProjectWidget.php0%100%0%0%101, 108–109, 111–116, 118–122, 124–126, 129–140, 61–66, 73, 80, 87, 94
integration_openproject/server/apps/integration_openproject/lib/Exception
   OpenprojectAvatarErrorException.php100%100%100%100%
   OpenprojectErrorException.php100%100%100%100%
   OpenprojectFileNotUploadedException.php100%100%100%100%
   OpenprojectGroupfolderSetupConflictException.php100%100%100%100%
   OpenprojectResponseException.php100%100%100%100%
   OpenprojectUnauthorizedUserException.php0%100%0%0%21
integration_openproject/server/apps/integration_openproject/lib/Listener
   BeforeGroupDeletedListener.php100%100%100%100%
   BeforeNodeInsideOpenProjectGroupfilderChangedListener.php0%100%0%0%46–48, 52–55, 57, 59, 62–63, 65, 67–70, 72–75, 77–79
   BeforeUserDeletedListener.php0%100%0%0%30, 37–38, 40–43, 45
   LoadAdditionalScriptsListener.php0%100%0%0%37–38, 46–47, 49, 51–52, 54
   LoadSidebarScript.php65.91%100%100%64.29%105, 77–88, 95, 98
   OpenProjectReferenceListener.php0%100%0%0%45–47, 54–55, 57, 59–60, 62–74
   TermsOfServiceEventListener.php0%100%0%0%41–42, 47–48, 50–51, 53–55, 58–62
   UserChangedListener.php0%100%0%0%34, 41–42, 45–50, 53
integration_openproject/server/apps/integration_openproject/lib/Migration
   Version2001Date20221213083550.php0%100%0%0%30, 40–48, 50–58, 60–62, 64
   Version20100Date20250820101358.php0%100%0%0%38, 47–53, 56
   Version2310Date20230116153411.php0%100%0%0%29, 32–35, 37–62, 64–65, 67
   Version2400Date20230504144300.php0%100%0%0%30, 40–43
   Version2640Date20240628114301.php0%100%0%0%35, 47–49, 52–53, 56
   Version2900Date20250718065820.php0%100%0%0%22, 33–36, 38–39, 41–42, 45
integration_openproject/server/apps/integration_openproject/lib/Reference
   WorkPackageReferenceProvider.php51.67%100%25%58.33%100–101, 104, 108, 142, 150–151, 159, 37, 44, 51, 58–60, 87, 93–96, 99
integration_openproject/server/apps/integration_openproject/lib/Search
   OpenProjectSearchProvider.php0%100%0%0%100–102, 104–106, 109–110, 112–113, 116–125, 127–131, 52–55, 62, 69, 77, 79, 82, 89–90, 93–97, 99
   OpenProjectSearchResultEntry.php100%100%100%100%
integration_openproject/server/apps/integration_openproject/lib/Service
   DatabaseService.php42.31%100%60%40.43%108–112, 114, 63–76, 78–85
   DirectDownloadService.php88.46%100%100%87.50%62–63, 65
   DirectUploadService.php42.86%100%66.67%40%101, 62–65, 67–75, 95
   OauthService.php0%100%0%0%100–101, 40–42, 51–58, 60–66, 75–83, 94–99
   OpenProjectAPIService.php75.68%100%78.87%75.42%1006–1007, 1009,

@Ashim-Stha Ashim-Stha changed the title feat: fix wrong message Unauthorized to connect to Openproject feat: fix wrong message Unauthorized to connect to Openproject May 19, 2026
@Ashim-Stha Ashim-Stha marked this pull request as ready for review May 19, 2026 04:05
@Ashim-Stha Ashim-Stha requested a review from julien-nc as a code owner May 19, 2026 04:05
saw-jan
saw-jan reviewed May 19, 2026
View reviewed changes
Comment thread lib/Service/OpenProjectAPIService.php
Comment on lines +1750 to +1752
if ($authMethod === SettingsService::AUTH_METHOD_OIDC) {
$this->initUserInfo($userId, $token);
}
Copy link
Copy Markdown
Collaborator

@saw-jan saw-jan May 19, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

need test

Comment thread lib/Service/OpenProjectAPIService.php
Comment on lines +1787 to +1789
if ($token) {
$this->initUserInfo($userId, $token);
}
Copy link
Copy Markdown
Collaborator

@saw-jan saw-jan May 19, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

need test

Comment thread lib/Service/OpenProjectAPIService.php
*/
public function initUserInfo(string $userId): array {
$info = $this->request($userId, '/users/me');
public function initUserInfo(string $userId, string $accessToken): array {
Copy link
Copy Markdown
Collaborator

@saw-jan saw-jan May 19, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

need test

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@saw-jan saw-jan saw-jan left review comments

@julien-nc julien-nc Awaiting requested review from julien-nc julien-nc is a code owner

@individual-it individual-it Awaiting requested review from individual-it individual-it is a code owner

@ba1ash ba1ash Awaiting requested review from ba1ash ba1ash is a code owner

@dominic-braeunlein dominic-braeunlein Awaiting requested review from dominic-braeunlein dominic-braeunlein is a code owner

@Kharonus Kharonus Awaiting requested review from Kharonus Kharonus is a code owner

@lindenthal lindenthal Awaiting requested review from lindenthal lindenthal is a code owner

@nabim777 nabim777 Awaiting requested review from nabim777 nabim777 is a code owner

@psatyal psatyal Awaiting requested review from psatyal psatyal is a code owner

@wielinde wielinde Awaiting requested review from wielinde wielinde is a code owner

@NobodysNightmare NobodysNightmare Awaiting requested review from NobodysNightmare NobodysNightmare is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

@Ashim-Stha Ashim-Stha

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Ashim-Stha @saw-jan