Nextcloud Sovereign Workplace (Phoenix) integration

Implemented features

Address book search
Central navigation
Unified style

Requirements

Required OIDC connection with user_oidc to be setup

OIDC token handling

During login the access_token and refresh token are passed by the user_oidc app to the integration_swp app through a dispatched event. integration_swp will request a fresh token and regularly refresh it with the refresh token that was initially provided by the OpenID Connect login.

Configuration:

OpenXChange

Configure OpenXChange base URL (to contact its API):

occ config:app:set integration_swp ox-baseurl --value="https://my.ox.instance"

Set a webmail url (will override the mailto: links click and open them in a new tab):

occ config:app:set integration_swp webmail-url --value="https://my.ox.instance/webmail"

Set the webmail tab name (target):

occ config:app:set integration_swp webmail-tabname --value="swp-webmail"

Set the cache duration for OX contact search requests (default: 600, 10 minutes):

occ config:app:set integration_swp cache-ttl-contacts --value="12"

Central menu

Set the portal URL (will add an entry in the central menu):

occ config:app:set integration_swp portal-url --value="https://portal.org"

Set the central menu Json content URL:

occ config:app:set integration_swp navigation-json-url --value="https://my.central/menu.json"

Set the authentication type when requesting the menu json content (basic or bearer, default: basic)

occ config:app:set integration_swp navigation-json-auth-type --value="basic"

Set the shared secret to access the central menu json endpoint. Will be used as a password if basic auth type is "basic". Will be used as bearer token if auth type is "bearer".

occ config:app:set integration_swp navigation-json-api-secret --value="abc123456"

Set the OIDC token attribute which value should be used as username when requesting the central menu json endpoint. (default: "preferred_username") Will be used as username if auth type is basic. Will be used in the X-Ucs-Username HTTP header is auth type is bearer.

occ config:app:set integration_swp navigation-json-username-attribute --value="preferred_username"

Choose which central menu item attribute should be used as target when opening entries. (default: undefined, target will be "_blank")

occ config:app:set integration_swp menu-tabname-attribute --value="myAttr"

Set the menu json content cache duration in seconds (default: 3600, one hour):

occ config:app:set integration_swp cache-navigation-json --value="10"

Unified style

Override the header menu background color to white and the page background color to gray (independently from the accent color set in theming admin settings). This is enabled by default:

occ config:app:set integration_swp override-header-color --value="1"

Set the main content style to square corners and remove the margins. This is enabled by default:

occ config:app:set integration_swp square-corners --value="1"

Set the default user theme (but still allow the users to change it), default value is "light":

occ config:app:set integration_swp default-user-theme --value="THEME"

THEME can be light, dark, light-highcontrast or dark-highcontrast.

Set the top-left logo:

# Do we want to use a custom logo? (1 or 0) Use the theming one if 0.
occ config:app:set integration_swp use-custom-logo --value="1"
# The custom logo image URL (default is the local /img/phoenix_suite_logo-Assets/SVG/phoenix_suite_logo.svg file)
occ config:app:set integration_swp logo-image-url --value="https://logos.org/my/logo.svg"
# CSS properties for the logo image
occ config:app:set integration_swp logo-width --value="63%"
occ config:app:set integration_swp logo-height --value="auto"
# href of the logo link
occ config:app:set integration_swp logo-link-url --value="https://swp.org"
# target of the logo link
occ config:app:set integration_swp logo-link-target --value="_blank"
# title of the logo link
occ config:app:set integration_swp logo-link-title --value="SWP portal"

Configure which activity types should be hidden (comma separated, default is "contacts,calendar,calendar_todo"):

occ config:app:set integration_swp hidden-activities --value="contacts,calendar,calendar_todo"

Local testing

Enable the apps features (theming, central menu, logo override...) even if the user is not connected via user_oidc:

occ config:app:set integration_swp debug_mode --value="1"

You can get the current OIDC token information on this page:

https://my.nextcloud.org/index.php/apps/integration_swp

Even without using SWP Login, the integration with OpenXChange can be tested by manually providing a valid OIDC ID token through app config:

occ config:app:set integration_swp ox-usertoken --value="$OIDC_ID_TOKEN"

Related Projects

social

🎉 Social can be used for work, or to connect to the fediverse!

05 Sep 2018 486

nextcloud-link

Javascript/Typescript client that communicates with Nextcloud's WebDAV and OCS APIs

11 Apr 2018 57

nextcloud-oidc-login

Nextcloud login via a single OpenID Connect 1.0 provider

16 Oct 2019 220

nextcloud-webdav-filepicker

📂 File picker to interact with Nextcloud files

28 Oct 2020 25

nextcloud

Nextcloud OCS and WebDAV API wrapper for Ruby.

24 Nov 2017 17

integration_whiteboard

✏ A whiteboard for Nextcloud, using Spacedeck

28 Dec 2020 54

user_oidc

OIDC connect user backend for Nextcloud

27 Apr 2020 83

nmctheme

MagentaCLOUD theme as app for refactored style system since NC25

24 Jul 2023 0

my_company

Get access to important information about your company

06 Jul 2023 0

notify_push

Update notifications for nextcloud clients

13 Nov 2020 225

related_resources

16 Aug 2022 7

twofactor_totp

🔑 Second factor TOTP (RFC 6238) provider for Nextcloud

04 Jun 2016 287

Android-SingleSignOn

Single sign-on for Nextcloud (Android Library Project)

05 Jun 2014 70

external

🌐 Embed external sites in your Nextcloud

09 Mar 2017 109

nextcloudpi

📦 Build code for NextcloudPi: Raspberry Pi, Odroid, Rock64, Docker, curl installer...

12 Feb 2017 2,380