Skip to content

Allow usage of Microsoft graph to lookup guid to group names on EntraID#1379

Open
small1 wants to merge 6 commits intonextcloud:mainfrom
small1:entraid
Open

Allow usage of Microsoft graph to lookup guid to group names on EntraID#1379
small1 wants to merge 6 commits intonextcloud:mainfrom
small1:entraid

Conversation

@small1
Copy link

@small1 small1 commented Mar 16, 2026

This patch will allow to lookup group guid on Microsoft Graph and store that as group name in Nextcloud.

It will only lookup groups if "Fetch group names from Microsoft Graph" is checked. Otherwise it will run as normal.

Code has been tested and works against EntraID

Fixes #640 and #1017

@small1 small1 changed the title Switch to allow usage of Microsoft graph to lookup guid to group names on EntraID Allow usage of Microsoft graph to lookup guid to group names on EntraID Mar 16, 2026
julien-nc
julien-nc requested changes Mar 18, 2026
View reviewed changes
Copy link
Member

@julien-nc julien-nc left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for the PR!

  • I feel like this change is too specific to one provider to justify adding an option in the UI. It would be fine if the flag can only be set via the occ command. Wdyt?
  • Can you rename the new option in the upsert command from entraid to something more explicit like azure-group-names?
  • Can you isolate the 2 change blocks in ProvisioningService.php in new methods to avoid making the getSyncGroupsOfToken one too long and more difficult to read?

@small1
Copy link
Author

small1 commented Mar 18, 2026

Thank you for the PR!

  • I feel like this change is too specific to one provider to justify adding an option in the UI. It would be fine if the flag can only be set via the occ command. Wdyt?
  • Can you rename the new option in the upsert command from entraid to something more explicit like azure-group-names?
  • Can you isolate the 2 change blocks in ProvisioningService.php in new methods to avoid making the getSyncGroupsOfToken one too long and more difficult to read?

In this case it is EntraID so entraid-group-names yes sure (This was developed when the name was Azure AD). And we can remove the ui option. I actually just added the occ command when i submitted this.

The last one i can check. A bit above my development skills Ill make an effort and ask for some assistance on that one.

@julien-nc
Copy link
Member

julien-nc commented Mar 18, 2026

Sure feel free to ask for assistance. Are you asking me?

About my last change request, it would be replacing each of the 2 blocks you inserted in ProvisioningService.php by a call to a method that contains the block. So everything you added would end up in 2 methods of this class and those methods would be called in getSyncGroupsOfToken.

I can make this change (after you've made the other adjustments) if you ask me to.

@small1
Copy link
Author

small1 commented Mar 20, 2026

Sure feel free to ask for assistance. Are you asking me?

About my last change request, it would be replacing each of the 2 blocks you inserted in ProvisioningService.php by a call to a method that contains the block. So everything you added would end up in 2 methods of this class and those methods would be called in getSyncGroupsOfToken.

I can make this change (after you've made the other adjustments) if you ask me to.

I have made changes and tested them. I would appretiate assistance with the method part from you @julien-nc :)

@julien-nc julien-nc force-pushed the entraid branch 2 times, most recently from 697d099 to d545d8e Compare March 20, 2026 12:22
@julien-nc julien-nc self-requested a review March 20, 2026 12:33
@julien-nc
Copy link
Member

julien-nc commented Mar 20, 2026
edited
Loading

@small1 Can you validate the changes i made in ed40f6b ?

small1 and others added 5 commits March 20, 2026 14:19
@small1 @julien-nc
Switch to allow usage of Microsoft graph to lookup group names on Ent…
1d0f9bb 
…ra ID

Signed-off-by: Johan Bernhardsson <johan.bernhardsson@redpill-linpro.com>
@small1 @julien-nc
Small fixes to get patch to latest branch
6fc01a4 
Signed-off-by: Johan Bernhardsson <johan.bernhardsson@redpill-linpro.com>
@small1 @julien-nc
Added occ command and updated Readme
564a792 
Signed-off-by: Johan Bernhardsson <johan.bernhardsson@redpill-linpro.com>
@small1 @julien-nc
Remove web ui setting and rename occ command to --entraid-group-names…
d906c58 
…, update readme

Signed-off-by: Johan Bernhardsson <johan.bernhardsson@redpill-linpro.com>
@julien-nc
isolate azure-specific group logic in 2 methods
ed40f6b 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
@julien-nc
fix: tests
51260f6 
Signed-off-by: Julien Veyssier <julien-nc@posteo.net>
@small1
Copy link
Author

small1 commented Mar 20, 2026

@small1 Can you validate the changes i made in ed40f6b ?

Tested and verified. It works on my system against EntraID. Thank you very much!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@julien-nc julien-nc julien-nc approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Ability to convert group id sent from azure ad to group names

2 participants

@small1 @julien-nc