roundcube/dovecot documentation updates

[CodeNameTheOnlyOne]

https://integrations.goauthentik.io/chat-communication-collaboration/roundcube/

not sure if i missed a step or something but i cannot get this to work as is due to the active attribute missing in the request, but dovecot is expecting one, so it considers the response invalid.

i simply hardcoded it in the property mapping like so.

return {
"name": request.user.name,
"given_name": request.user.name,
"family_name": "",
"preferred_username": request.user.username,
"nickname": request.user.username,
"active" : True,
}

there is a better way to do this i am sure but it allowed me to login.

i also had an issue with the refresh token not being included in the request, so roundcube would start throwing errors after 5 min.

i fixed this by adding the offline access scope to the provider in authentik and in the roundcube config requesting the scope , not sure if it needs to be added to dovecot also.

$config['oauth_scope'] = 'email openid dovecotprofile offline_access';

just a few things to update in the documentation to help the next guy, or let me know where i went wrong in the setup.

[dewi-tik]

Thanks for the information @CodeNameTheOnlyOne.

I've created a PR to address these issues: #16753

Can you please have a look through it and confirm that it's accurate, or suggest any further changes that are required. Thanks

[dewi-tik]

@CodeNameTheOnlyOne - If possible, I'd particularly like input on a verification section for the end of the document. See here for an example.

[CodeNameTheOnlyOne]

it looks good.

the verification section can just be to login to roundcube, and verify it logs in and brings up a mailbox, test sending and receiving, and wait for whatever time you have set for your access token under the provider(default 5 min) and verify roundcube does not start throwing errors when it expires.

dovecot can get much more complex then just the barebones setup you have outlined here so its hard to outline a good testing procedure.

another thing that might be of use are the debug flags to diagnose any issues in dovecot/roundcube.

dovecot auth debug flags.

auth_debug=yes
auth_verbose = yes

roundcube debug flags.

$config['debug_level'] = 4;

[dewi-tik]

I've added those to the doc. Thanks @CodeNameTheOnlyOne !