LuckyRiver Posted March 30, 2019

Hi, I'm trying to figure out how to get the grant type Authorization Code working? Attached is a screenshot? I was supposed to see a login screen to enter credentials so it can fire back the redirect URL to ask for an access token in the next step, but never got one. Has anyone already tried this type of grant type? Note that the grant type Resource Owner Password Credentials works like a charm programmatically, but I want to bring the user to the IPS login screen and ask him/her to authorize?

I had made sure that the redirect on the IPS OAuth 2 matches with the one I had configured in the client! But for now, I am not at that step yet since I never got to the login screen which is supposed to be displayed by IPS, right? I'm testing this in my local environment only! The redirect URI got called, I can see a trace in the log. But the main problem is that without the login screen, which is never displayed, I will not receive any authorization code back?

Any input is appreciated!

bfarber Posted April 1, 2019

If you are already logged in and you've already authorized in your (remote) application at least once, you would be redirected back immediately without being prompted to log in again. If you go to log in through Facebook and you're already logged in there, clicking the "login with Facebook" button typically just immediately sends you back to the site you're already on.

LuckyRiver Posted April 1, 2019

Thanks for the quick reply. I understand that, but I made sure that I was logged out before calling the API. I will double check tonight. One question though. Do I need to toggle ON for Show in Admin Settings to see the authorization screen? As you said, I am supposed to see the login screen to enter user and password if I am not logged in, correct?

LuckyRiver Posted April 1, 2019

Nope, I have double checked and retried, no authorize screen pops up. I have cleared all browser cache, still no show. I'm going to stick with password credentials for now so I can go on with development. I've also checked with Postman, no luck.

Here is the request sent to the IPS OAuth server; the callback URL got called but no code is sent back? Assuming the scope is profile, I joined a response_type=code and sent it to the IPS OAuth server along with the correct clientid and redirectURI, but the callback shows the code coming back as undefined and no authorization screen is displayed.

Forum is installed at: localhost/ips

    login authorizationUri : https://localhost/ips/oauth/authorize/?response_type=code&client_id=<CLIENT_ID>&redirect_uri=<REDIRECT_URI>&scope=profile

I think oauth/authorize is the correct web context to send along with response_type=code too, right?

Mark Posted April 2, 2019

So what happens when you try? It redirects you back to the redirect_uri but authorization code is undefined? Is there a value for "error"?

LuckyRiver Posted April 2, 2019

Yes, no code is sent back so I throw an exception. Console.log displayed undefined. This is weird, I am not logged in at all so the redirect URI shouldn't be called. Unless I am mistaken, I am supposed to see a login screen to log in to IPS, then authorize to get a code back so I can request it with the secret key to exchange for an access token. In Postman I do get an error but not much detail, the Postman console just logs the word 'Error'. Not sure how to investigate this. I am using the latest version of IPS. Is there a working code snippet I can use?

Mark Posted April 2, 2019

What is the URL, with the query string, that the user is sent back to?

LuckyRiver Posted April 2, 2019

1 hour ago, Mark said:
    What is the URL, with the query string, that the user is sent back to?

I called the URL below

    https://localhost/ips/oauth/authorize/?response_type=code&client_id=<CLIENT_ID>&redirect_uri=<REDIRECT_URI>&scope=profile

In the IPS OAuth config and in code I define a callback URL. E.g.: https ://localhost/oauth/callback so I was expecting the code returned in the redirect URL. Don't have a query string though? Do I need one? I may miss a step before, which is to sign the user in before IPS fires back the authorization code? If yes, which URL to call before the authorize step? But authorize should display it, right?

bfarber Posted April 2, 2019

I'm not really seeing, looking at the code, how you could be getting redirected back to your redirect_uri without any query string parameters included in the URL. The authorize/index.php file is pretty small (only ~14kb) and is easy to look through if you want to take a look.

We obviously can't really assist or give you much more information since everything is set up on localhost, but any redirect back to your site should include either the authorization code data, or at least an 'error' parameter.

LuckyRiver Posted April 2, 2019

Thanks, I will definitely investigate this issue on a test site.

Mark Posted April 2, 2019

It's literally sending you back to "https ://localhost/oauth/callback"? That can't be right...

If you use Postman to send a request to the authorise URL (https://localhost/ips/oauth/authorize/?response_type=code&client_id=<CLIENT_ID>&redirect_uri=<REDIRECT_URI>&scope=profile) without enabling the option to follow redirects, what is the raw (with all the headers) output of that request?

LuckyRiver Posted April 3, 2019

I have disabled the auto follow redirect. Not sure how to see the raw? Here is the trace in the main log:

    [8904][1554257175089][main][info]["OAuth2WindowManager~startLoginWith - Opening auth login window","https://localhost/ips/oauth/authorize/?response_type=code&state=&client_id=9a234bc2edb635a3afd6905b7f8e5022&scope=profile&redirect_uri=http%3A%2F%2Flocalhost%2Fips%2Foauth%2Fcallback"]
    [8904][1554257175261][main][info]["OAuth2WindowManager~startLoginWith - Received redirect on auth login window"]
    [8904][1554257175367][main][info]["OAuth2WindowManager~startLoginWith - Received redirect on auth login window"]

Have not seen anything like a login screen, have also logged off from the site. Postman console just displays 2 lines: Invalid request and Error, but gave not much detail to debug.

Mark Posted April 3, 2019

Show me a screenshot of Postman.

LuckyRiver Posted April 3, 2019

Here you go!

LuckyRiver Posted April 4, 2019

On 4/2/2019 at 10:28 PM, Mark said:
    Show me a screenshot of Postman.

Hi Mark,

Were you able to reproduce it with Postman? I did test it out of the box by installing a local test version, created the key and tested it right away with Postman, so you should be able to see if I have misconfigured something.

Mark Posted April 4, 2019

Don't try to use the options to get an access token - just send a plain vanilla GET request to https://localhost/ips/oauth/authorize/?response_type=code&client_id=<CLIENT_ID>&redirect_uri=<REDIRECT_URI>&scope=profile - what is the response?

LuckyRiver Posted April 5, 2019

1 hour ago, Mark said:
    Don't try to use the options to get an access token - just send a plain vanilla GET request to https://localhost/ips/oauth/authorize/?response_type=code&client_id=<CLIENT_ID>&redirect_uri=<REDIRECT_URI>&scope=profile - what is the response?

Same thing, the callback got called directly without a login screen.

    res.redirect('https://localhost/ips/oauth/authorize/?response_type=code&client_id=9a234bc2edb635a3afd6905b7f8e5022&redirect_uri=http://localhost:50451/api/ips/callback&scope=profile');

At callback entry, I throw an exception, seen in the trace with console.log:

    login authorizationUri : https://localhost/ips/oauth/authorize?response_type=code&client_id=9a234bc2edb635a3afd6905b7f8e5022&redirect_uri=http%3A%2F%2Flocalhost%3A50451%2Fapi%2Fips%2Fcallback&scope=profile
    undefined
    (node:6876) UnhandledPromiseRejectionWarning: Error: NoCodeProvided

Nothing much has changed! I am curious if you manage to see the login screen so I will try to get it working on my local env.

Mark Posted April 5, 2019

I want to see the raw HTTP response. Don't do anything fancy - just send an HTTP request and show me the output. If what you're saying is true that it's just redirecting back, it should look something like...

    HTTP/1.1 301 Moved Permanently
    Date: Fri, 05 Apr 2019 01:11:33 GMT
    Server: Apache
    X-Powered-By: PHP/7.2.14
    Set-Cookie: ips4_guestTime=1554426693; path=/; secure; HttpOnly
    Expires: 0
    Cache-Control: no-cache, no-store, must-revalidate
    Pragma: no-cache
    Set-Cookie: ips4_oauth_authorize=f8ea82acb671b1fd9deb46b02ace7f3f; path=/; secure; HttpOnly
    X-IPS-LoggedIn: 0
    Vary: cookie
    Content-Length: 0
    Location: https://example.com/
    Connection: close
    Content-Type: ;charset=UTF-8

LuckyRiver Posted April 5, 2019

By sending the link directly in Chrome (see attached screen), I have the following error:

I have configured the redirect as https://localhost/ips, which is the site in local. I'm having this error, which I don't have using access token:

    https://localhost/ips/?error=invalid_request&error_description=request%20must%20be%20made%20with%20https

Do I need to install some certificate for https? With Postman, I can tell it to ignore but not with Chrome; I just authorize to go without https, this may cause this error. Anyhow, I don't see any login screen.

newbie LAC Posted April 5, 2019

Hello,

1. Redirection URIs: https://localhost/ips/oauth/callback
2. Callback URL: http://localhost/ips/oauth/callback

https vs. http

I've created an OAuth Client with settings as on your screenshots. I've also changed in conf_global.php

    'base_url' => 'http://localhost/ips/',

to

    'base_url' => 'https://localhost/ips/',

Tests

Link: https://localhost/ips/oauth/authorize/?response_type=code&client_id=7b298e0a123154ac43d0abf0210fc87e&redirect_uri=https://localhost/ips/oauth/callback&scope=profile

As guest

As user

LuckyRiver Posted April 5, 2019

@newbie LAC. Thanks. That's exactly what I wanted to achieve but I am unable to get it working. Which version of IPS are you using? Did you make the landing page as forum or pages? It should not matter, right? I'll try to play more this weekend.

newbie LAC Posted April 5, 2019

1 minute ago, LuckyRiver said:
    Which version of IPS are you using?

4.4.2

1 minute ago, LuckyRiver said:
    Did you make the landing page as forum or pages?

Forums

4 minutes ago, LuckyRiver said:
    It should not matter right?

Yes

LuckyRiver Posted April 5, 2019

I'm going to reinstall from scratch to see! Are you on Windows or Ubuntu or the like? I'm using XAMPP in local.

5 hours ago, newbie LAC said:
    https://localhost/ips/oauth/authorize/?response_type=code&client_id=7b298e0a123154ac43d0abf0210fc87e&redirect_uri=https://localhost/ips/oauth/callback&scope=profile

How do you call that link? In a browser? Chrome? So simple, but for some obscure reason I have been fighting this for days now.

newbie LAC Posted April 5, 2019

Windows, XAMPP, localhost

20 minutes ago, LuckyRiver said:
    In a browser?

Yes

22 minutes ago, LuckyRiver said:
    Chrome?

This doesn't matter

bfarber Posted April 5, 2019

By default OAuth connections require https. If you are testing locally and wish to disable this requirement, you can set the following in constants.php

    define( 'OAUTH_REQUIRES_HTTPS', false );

We do not recommend doing this on a production environment.

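Added example, not part of the thread and not Invision Community code: a client-side check for the two problems the replies point at, namely the http vs. https mismatch between the registered Redirection URI and the redirect_uri actually sent, and a callback handler that looks for `code` without first looking for `error`. The function names, the CLIENT_ID placeholder and the state value are assumptions made for illustration.

```javascript
// Added example: function names and sample values are constructed for
// illustration and are not part of Invision Community.

// Pre-flight check of the authorization request before redirecting the user.
function checkAuthorizeRequest(authorizeUrl, registeredRedirectUris) {
  const url = new URL(authorizeUrl);
  const redirectUri = url.searchParams.get('redirect_uri');
  const problems = [];
  if (url.protocol !== 'https:') {
    problems.push('authorize endpoint is not https');
  }
  if (url.searchParams.get('response_type') !== 'code') {
    problems.push('response_type must be "code"');
  }
  // Exact string comparison: http vs https, or another port, is a mismatch.
  if (!registeredRedirectUris.includes(redirectUri)) {
    problems.push('redirect_uri is not registered: ' + redirectUri);
  }
  if (!url.searchParams.get('state')) {
    problems.push('state is empty; the callback cannot be tied to this login');
  }
  return problems;
}

// Interpret the redirect back to the client: a code, or an error to surface.
function parseCallback(callbackUrl, expectedState) {
  const params = new URL(callbackUrl).searchParams;
  if (params.has('error')) {
    return { ok: false, error: params.get('error'),
             description: params.get('error_description') };
  }
  if (!params.has('code')) {
    return { ok: false, error: 'no_code', description: 'no code and no error' };
  }
  if (params.get('state') !== expectedState) {
    return { ok: false, error: 'state_mismatch', description: 'discard response' };
  }
  return { ok: true, code: params.get('code') };
}

// Constructed inputs modelled on the URLs quoted in the thread.
const sampleRequest = 'https://localhost/ips/oauth/authorize/?response_type=code' +
  '&state=&client_id=CLIENT_ID&scope=profile' +
  '&redirect_uri=http%3A%2F%2Flocalhost%2Fips%2Foauth%2Fcallback';
console.log(checkAuthorizeRequest(sampleRequest, ['https://localhost/ips/oauth/callback']));
console.log(parseCallback('https://localhost/ips/?error=invalid_request' +
  '&error_description=request%20must%20be%20made%20with%20https', 'example-state'));
```

Logging the `error` and `error_description` values in the callback, instead of only throwing when `code` is missing, surfaces the server's reason for the redirect.
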
Archived
This topic is now archived and is closed to further replies.