Not compatible with Yunohost 12.0

[gabrielcossette]

Describe the bug

Can't sign in when installed in a fresh Yunohost 12.0 (released in November 2024).

Context

• Hardware: Virtual machine in Proxmox
• YunoHost version: 12.0
• I have access to my server: SSH + webadmin
• Are you in a special context or did you perform some particular tweaking on your YunoHost instance?: no
• Using, or trying to install package version/branch: master

Steps to reproduce

1. Install Grist
2. Go to URL and try to sign-in (Yunohost authentication will pop-up)
3. Error appears

Logs

As error was not in the installation but rather in the usage of the app, let me know if I can share some log to help you.

---

Yunohost 12.0 made some changes to SSO and they mention this:

Specifically, the rework of the SSO might have broken some apps relying on “Basic Auth” and may need some ironing on our side. If you see any anormal authentication issues, please make us know!

See this release announcement.

I suspect some type of change in the app or Yunohost is needed.

[fflorent]

It was reported (by me here but elsewhere too) and should have been fixed since last week: YunoHost/yunohost#1981

However, I have checked the headers passed to Grist, and indeed there is no email (I can only see ynh_user):

Nov 04 08:59:50 ynh-dev.local run.sh[4300]: 2024-11-04 08:59:50.641 - error: req.headers = {
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   host: 'grist.local',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   'x-real-ip': '<REDACTED>',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   'x-forwarded-proto': 'https',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   'x-forwarded-for': '<REDACTED>',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   'x-forwarded-host': 'grist.local',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   connection: 'upgrade',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   'user-agent': '<REDACTED>',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   accept: 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   'accept-language': 'fr,fr-FR;q=0.8,en-US;q=0.5,en;q=0.3',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   'accept-encoding': 'gzip, deflate, br, zstd',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   referer: 'https://grist.local/o/docs/',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   'upgrade-insecure-requests': '1',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   'sec-fetch-dest': 'document',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   'sec-fetch-mode': 'navigate',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   'sec-fetch-site': 'same-origin',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   priority: 'u=0, i',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   pragma: 'no-cache',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   'cache-control': 'no-cache',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   cookie: '<REDACTED>',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   ynh_user: 'florent',
Nov 04 08:59:50 ynh-dev.local run.sh[4300]:   authorization: '<REDACTED>'
Nov 04 08:59:50 ynh-dev.local run.sh[4300]: }

I use ynh-dev, and what surprises me is that the version of SSOWat I use is 12.0.3+202410312130, and based on the date mentioned the version should contain the fix.

@Josue-T According to your doc, it seems like there is no particular steps to follow to have the ynh_user_email header included. Am I missing something? Thanks in advance 🙏

[fflorent]

OK, when we upgrade ssowat, we now can see the ynh_user_email header. I am doing a fix.