1

Topic: Roundcube oauth2 Authelia Error 404

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): last version 1.6.8
- Deployed with iRedMail Easy or the downloadable installer? Downloadablr installer
- Linux/BSD distribution name and version: Debian 12
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): Mysql
- Web server (Apache or Nginx):Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hello I'm testing Iredmail with Roundcube / Sogo, all is ok.
I have my provider Authelia which is ok for other services.
I activate oauth2 in the config.php.inc
I have the login "authelia" in the first windows for login, I choose auhelia and the process is ok but when the process of authentification is finished I have a error 404 nginx (it 's when Authelia send back for the authentfication)
My perception it's a subject with Nginx, but I'm not an expert If you can help me ?
Many thanks and sorry for my poor language (I'm french and not expert)
Fred

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Roundcube oauth2 Authelia Error 404

Roundcube doesn't have oauth2 plugin, iRedMail doesn't ship/integrate one either. So what plugin are we talking about?

3

Re: Roundcube oauth2 Authelia Error 404

Hello
Thanks for your feedback
Roundcube support the oauth2 in "standard" not via plugin.
You can find the parameters in the default.inc.php
I copy past to this parameters below with my parameters in the config.inc.php
If you can help me much appreciate
Fred


----------------------------------
OAuth
----------------------------------

Enable OAuth2 by defining a provider. Use 'generic' here
$config['oauth_provider'] = null;

Provider name to be displayed on the login button
$config['oauth_provider_name'] = 'Google';

Mandatory: OAuth client ID for your Roundcube installation
$config['oauth_client_id'] = null;

Mandatory: OAuth client secret
$config['oauth_client_secret'] = null;

Mandatory: URI for OAuth user authentication (redirect)
$config['oauth_auth_uri'] = null;

Mandatory: Endpoint for OAuth authentication requests (server-to-server)
$config['oauth_token_uri'] = null;

Optional: Endpoint to query user identity if not provided in auth response
$config['oauth_identity_uri'] = null;

Optional: disable SSL certificate check on HTTP requests to OAuth server
$config['oauth_verify_peer'] = true;


Mandatory: OAuth scopes to request (space-separated string)
$config['oauth_scope'] = null;

Optional: additional query parameters to send with login request (hash array)
$config['oauth_auth_parameters'] = [];

Optional: array of field names used to resolve the username within the identity information
$config['oauth_identity_fields'] = null;

Boolean: automatically redirect to OAuth login when opening Roundcube without a valid session
$config['oauth_login_redirect'] = false;

4

Re: Roundcube oauth2 Authelia Error 404

why you want to protect roundcube with oauth, when normal smtp login won't have it?
that is no security improvement at all, roundcube has a fail2ban filter already to prevent brute force and/or dictionary attacks

and 404 means file not found, so you should check logfiles to see which file was requested to be even able to bughunt this