This may happen if no group information is shared via OAuth2/OIDC but synchronization of user data is intended by WeKan administration. Without the patch the following exception is raised:
Error in OAuth Server: groups is not iterable
with this fix, Authentication via OAuth2 with Google is possible.
1.) token endpoint and userinfo-endpoint in Google are different, so you have to check that,
2.) request the scopes of the environment variable "process.env.OAUTH2_REQUEST_PERMISSIONS"
with this small little fix the login with google in oauth2-protocol gets possible :-)
I would be very happy about a master-merge
thank you in advance
Trying to configure wekan authenticating against LemonLDAP-NG, I used to read about errors like the following:
```
XXX: getUserInfo response: { sub: 'demoone' }
XXX: userinfo: { sub: 'demoone' }
{"line":"431","file":"oauth.js","message":"Error in OAuth Server: id is not defined","time":{"$date":1556286530412},"level":"warn"}
Exception while invoking method 'login' { stack: 'ReferenceError: id is not defined\n at Object.handleOauthRequest (packages/wekan-oidc.js:39:68)\n at OAuth._requestHandlers.(anonymous function) (packages/oauth2.js:27:31)\n at middleware (packages/oauth.js:203:5)\n at packages/oauth.js:176:5',
source: 'method' }
```
Looking at the sources, that error message seems to be right: we have several references to `id`, `uid`, `displayName` or `email`, which are not defined. Probably a typo, assuming we meant these to be strings.
Applying that patch, I confirm I can finally log in:
```
XXX: getUserInfo response: { sub: 'demoone' }
XXX: userinfo: { sub: 'demoone' }
XXX: serviceData: { id: undefined,
username: undefined,
fullname: undefined,
accessToken: 'e57dc4e9e81cc98c279db3ed08b1c72f',
expiresAt: 1556298699213,
email: undefined }
XXX: profile: { name: undefined, email: undefined }
```
All the credit goes to @pcurie .
