This repository has been archived by the owner on May 11, 2023. It is now read-only.

User IdP value should be separate from iopUrl #19

Open
mirekys opened this issue Jul 28, 2022 · 4 comments

@mirekys

mirekys commented Jul 28, 2022

As of now, the iopUrl config value is used in Authenticate and GetUser responses (https://github.com/pondersource/oc-sciencemesh/blob/main/lib/Controller/RevaController.php#L284) as a value for the user's IdP.

This will cause problems with IOP deployments where auth providers are authorized against OCM metadata and where the auth provider domain could be something different from the URL of the IOP service, e.g.:

[http.middlewares.providerauthorizer]
driver = "mentix"
[http.middlewares.providerauthorizer.drivers.mentix]
url = "https://iop.sciencemesh.uni-muenster.de/iop/mentix/cs3"

In such cases, all requests made by oc-sciencemesh users will fail to go through IOP's providerauthorizer middleware with a similar error:

2022-07-28 12:37:48.729 ERR src/github/cs3org/reva/internal/http/interceptors/providerauthorizer/providerauthorizer.go:103 > provider not registered in OCM error="error: not found: sciencemesh.cesnet.cz" pid=1 pkg=rhttp traceid=f224f790b9a1012bce739c2e9d63c255

Either the domain of IOP deployments must be the same as the domain registered in the OCM provider metadata of each site, or we should make the user IdP value configurable in this app (e.g. under providerDomain or userIdpUrl).

@michielbdejong
Member

OK thanks for reporting!
So from what I understand, it would be enough if we add one userIdpUrl OC-10 app config value (similar to the existing iopUrl config value) and then just change getIopUrl in https://github.com/pondersource/oc-sciencemesh/blob/main/lib/Controller/RevaController.php#L284 to something like getUserIdpUrl, right?

@michielbdejong
Member

And then we should make the same change in https://github.com/pondersource/nc-sciencemesh obviously.

@mrvahedi68
Contributor

This may be the cause of issue #16

@Daniel-WWU-IT

We are running our IOP/Reva under a subdomain (reva.sciebo.de), but would prefer to set our domain (in GOCDB) to just sciebo.de, so such an option certainly makes sense.
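
Editor's added example (not code from this thread, oc-sciencemesh, or Reva): a pre-deployment check that models the mismatch discussed above, comparing the domain of the IdP value the app would send against the provider domains registered for the site. The function names, the constructed `registered` list and the exact-match rule are assumptions of this sketch; the two hostnames are the ones mentioned in the last comment.

```go
package main

import (
	"fmt"
	"net/url"
	"strings"
)

// idpDomain reduces an IdP value (full URL or bare host) to a lowercase hostname.
func idpDomain(idp string) (string, error) {
	s := strings.TrimSpace(idp)
	if !strings.Contains(s, "://") {
		s = "https://" + s // bare host: add a scheme so url.Parse fills in Host
	}
	u, err := url.Parse(s)
	if err != nil {
		return "", err
	}
	if u.Hostname() == "" {
		return "", fmt.Errorf("no host in IdP value %q", idp)
	}
	return strings.ToLower(u.Hostname()), nil
}

// checkIdp returns nil when the IdP's domain is one of the registered provider
// domains. Exact, case-insensitive matching is an assumption of this sketch.
func checkIdp(idp string, registered []string) error {
	domain, err := idpDomain(idp)
	if err != nil {
		return err
	}
	for _, r := range registered {
		if strings.EqualFold(strings.TrimSpace(r), domain) {
			return nil
		}
	}
	return fmt.Errorf("not found: %s", domain)
}

func main() {
	registered := []string{"sciebo.de"} // constructed stand-in for OCM provider metadata
	// First value: IdP derived from the IOP URL. Second: a separately configured IdP.
	for _, idp := range []string{"https://reva.sciebo.de/", "https://sciebo.de"} {
		if err := checkIdp(idp, registered); err != nil {
			fmt.Printf("%-26s REJECT (%v)\n", idp, err)
			continue
		}
		fmt.Printf("%-26s OK\n", idp)
	}
}
```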
