I’m a happy user of Nextcloud (https://nextcloud.com), a private cloud solution, and this weekend I decided to try something I’ve wanted for a while - enabling OIDC WebID login to nextcloud. And got it working, almost out of the box - but had to tweak the nextcloud account creating code a little bit. So here’s a brief howto, for those who might be interested - just be aware it’s not security checked or supported, so be careful and only for testing. This is experimental - at your own risk!
This was tested with Nextcloud 15, Solid 5.0.0 beta 4, and only works for new accounts with Nextcloud auto account creation enabled.
- In Nextcloud, install the Social Login App (https://github.com/zorn-v/nextcloud-social-login)
- Register a new OIDC RP client for nextcloud on your Solid server (https://your.solid.server/register)
- Open the Social Login settings in Nextcloud Admin, add a new Custom OpenID Connect, and enter the clientID and secret you got from the Solid registration service. Fill out the other fields as well - the name must match with the internalname you used for RP registration.
- Then the tricky part - as nextcloud need a valid account name, and the social login app only sees the webID, which includes illegal characters for nextcloud account names, I had to strip those. I’ll show an example below that will strip them and also some other parts of the webID to make it “prettier” - it will transform the webID from https://name.your.solid.server/profile#me to name.your.solid.server. Dirty trick for now, but not quite sure what’s the best way to solve it yet:
— LoginController.php.org 2019-01-13 18:59:41.000000000 +0100
+++ LoginController.php 2019-01-14 19:52:00.471833671 +0100
-$profileId = preg_replace(’#.*/#’, ‘’, rtrim($profile->identifier, ‘/’));
+ $profileId = preg_replace(array (’/https/’,’/[#:/]/’,’/profile/’,’/card/’,’/me/’),’’, rtrim($profile->identifier,
- Now go to your nextcloud server, and click the new OpenID login button. It will redirect to the Solid login prompt (unless you’re already logged into Solid), then redirect back to your nextcloud server, create the new account - and voila, you got a new Solid WebID authorized Nextcloud account
Now this is only useful for the authentication part, it’s not interacting with the Solid Pod storage itself - and it could probably be done in a better way. For example, it might be more useful if you could just “link” your existing account to your webID provider.
Nextcloud 15 also adds support fo decentralized social networks, it’s in alpha stage but it’s interesting to see it coming - I haven’t looked into that part yet, but I wonder if it could be useful to combine it with Solid somehow - for example, by making a solid app for nextcloud, so you could easily share files from your nextcloud server via your Solid Pod. Read more about it here: