Posted July 26, 20231 yr Hi everyone, We are currently integrating our custom Identity Provider service into an Invision Community. We have already registered and added a login client inside the "Login & Registration Methods" tab. We are using the Authorization Code flow to redirect our users on Sign In to our own Login page where they enter their credentials. After a successful login, they are redirected back to Invision Community with a valid authorization code added to the response including the state fields. Right after we are redirected back to Invision Community with the provided callback with auth code and state fields - "Redirect URI?code&state", we are getting an error "Something went wrong. Please try again." and the user is not being logged in. Although we have checked the Error Logs in the admin panel, we did not manage to find exactly why we are getting this error. There are a few more exception messages on the Log, e.x.: 2C122/1 The page you are trying to access is not available to guests, but may be available if you sign in. 2S119/1 The CSRF protection key did not match. This may indicate a plugin or theme is out of date. Please contact technical support for more information. Is there anything we can do to get more info on why exactly we are getting this error when we are redirecting back the user to Invision Community? Kind regards
July 26, 20231 yr Community Expert Sorry, its not clear exactly what it is you are using here. Is this somehting you have custom developed, or are you suing OAuth 2.0? Im asking as you mention the login & registration section, but it sounds very much like you are custom developing an SSO
July 27, 20231 yr Author Hi Marc, right now we are using OAuth 2.0 with Authorization code flow and the issue we are experiencing is when we redirect the user back to Invision Community after they have provided their credential on our Login & Registration section. Apologies, for not pointing that out earlier. Kind regards
July 27, 20231 yr Community Expert OK, Im a little confused as to what URL you are redirecting back to, based on what you have said above. The redirect URI should be yourSite/oauth/callback/
July 28, 20231 yr Author After the user is redirected to our site and gives their credentials there, we redirect them back to Invision Community while using the callback given to us when registering the OAuth2.0 client: The Redirect URI to use is https://{ourId}.invisionservice.com/oauth/callback/ Then we get the mentioned error above.
July 28, 20231 yr Community Expert I have tagged our developers on this to see if we can provide some guideance
July 31, 20231 yr We have been dealing with the same exact issue for a few months now. Here's the exception: Array ( [error] => invalid_grant [error_description] => Invalid grant: code verifier is invalid ) BACKTRACE #0 /var/sites/forum/system/Login/Handler/OAuth2/OAuth2.php(607): IPS\_Log::log('Array\n(\n [er...', 'oauth') #1 /var/sites/forum/system/Login/Handler/OAuth2/OAuth2.php(389): IPS\Login\Handler\_OAuth2->_exchangeAuthorizationCodeForAccessToken('4a787f249d4de94...') #2 /var/sites/forum/system/Login/Handler/OAuth2/OAuth2.php(170): IPS\Login\Handler\_OAuth2->_handleAuthorizationResponse(Object(IPS\Login)) #3 /var/sites/forum/system/Login/Login.php(339): IPS\Login\Handler\_OAuth2->authenticateButton(Object(IPS\Login)) #4 /var/sites/forum/applications/core/modules/front/system/login.php(59): IPS\_Login->authenticate() #5 /var/sites/forum/system/Dispatcher/Controller.php(118): IPS\core\modules\front\system\_login->manage() #6 /var/sites/forum/system/Dispatcher/Dispatcher.php(153): IPS\Dispatcher\_Controller->execute() #7 /var/sites/forum/index.php(13): IPS\_Dispatcher->run() #8 {main} Edited July 31, 20231 yr by Michel Kohanim
August 18, 20231 yr Community Expert I have created a ticket on this for you, so we can take a closer look
August 29, 20231 yr Author Hi Marc, Just a follow-up on this. We will launch the forum over the next few days, and we need the Sign In to our own Login page. What is the update from the development team? Thank you!
August 29, 20231 yr Community Expert Your ticket is currently with our management team. Please ensure you respond to the ticket for any updates
August 29, 20231 yr Author How can I access the ticket? I haven't received any email about it. Thanks
August 29, 20231 yr Community Expert Sorry for the confusion here, looks like we have 2 users in this topic reporting the same problem and one of them got moved to a ticket. I have moved one for you to our ticket system so we can further investigate, you will receive further info in your email.
