Marco Telescope Live Posted July 26, 2023 Share Posted July 26, 2023 Hi everyone, We are currently integrating our custom Identity Provider service into an Invision Community. We have already registered and added a login client inside the "Login & Registration Methods" tab. We are using the Authorization Code flow to redirect our users on Sign In to our own Login page where they enter their credentials. After a successful login, they are redirected back to Invision Community with a valid authorization code added to the response including the state fields. Right after we are redirected back to Invision Community with the provided callback with auth code and state fields - "Redirect URI?code&state", we are getting an error "Something went wrong. Please try again." and the user is not being logged in. Although we have checked the Error Logs in the admin panel, we did not manage to find exactly why we are getting this error. There are a few more exception messages on the Log, e.x.: 2C122/1 The page you are trying to access is not available to guests, but may be available if you sign in. 2S119/1 The CSRF protection key did not match. This may indicate a plugin or theme is out of date. Please contact technical support for more information. Is there anything we can do to get more info on why exactly we are getting this error when we are redirecting back the user to Invision Community? Kind regards Link to comment Share on other sites More sharing options...
Marc Stridgen Posted July 26, 2023 Share Posted July 26, 2023 Sorry, its not clear exactly what it is you are using here. Is this somehting you have custom developed, or are you suing OAuth 2.0? Im asking as you mention the login & registration section, but it sounds very much like you are custom developing an SSO Link to comment Share on other sites More sharing options...
Marco Telescope Live Posted July 27, 2023 Author Share Posted July 27, 2023 Hi Marc, right now we are using OAuth 2.0 with Authorization code flow and the issue we are experiencing is when we redirect the user back to Invision Community after they have provided their credential on our Login & Registration section. Apologies, for not pointing that out earlier. Kind regards Link to comment Share on other sites More sharing options...
Marc Stridgen Posted July 27, 2023 Share Posted July 27, 2023 OK, Im a little confused as to what URL you are redirecting back to, based on what you have said above. The redirect URI should be yourSite/oauth/callback/ Link to comment Share on other sites More sharing options...
Marco Telescope Live Posted July 28, 2023 Author Share Posted July 28, 2023 After the user is redirected to our site and gives their credentials there, we redirect them back to Invision Community while using the callback given to us when registering the OAuth2.0 client: The Redirect URI to use is https://{ourId}.invisionservice.com/oauth/callback/ Then we get the mentioned error above. Link to comment Share on other sites More sharing options...
Marc Stridgen Posted July 28, 2023 Share Posted July 28, 2023 I have tagged our developers on this to see if we can provide some guideance Marco Telescope Live 1 Link to comment Share on other sites More sharing options...
Michel Kohanim Posted July 31, 2023 Share Posted July 31, 2023 (edited) We have been dealing with the same exact issue for a few months now. Here's the exception: Array ( [error] => invalid_grant [error_description] => Invalid grant: code verifier is invalid ) BACKTRACE #0 /var/sites/forum/system/Login/Handler/OAuth2/OAuth2.php(607): IPS\_Log::log('Array\n(\n [er...', 'oauth') #1 /var/sites/forum/system/Login/Handler/OAuth2/OAuth2.php(389): IPS\Login\Handler\_OAuth2->_exchangeAuthorizationCodeForAccessToken('4a787f249d4de94...') #2 /var/sites/forum/system/Login/Handler/OAuth2/OAuth2.php(170): IPS\Login\Handler\_OAuth2->_handleAuthorizationResponse(Object(IPS\Login)) #3 /var/sites/forum/system/Login/Login.php(339): IPS\Login\Handler\_OAuth2->authenticateButton(Object(IPS\Login)) #4 /var/sites/forum/applications/core/modules/front/system/login.php(59): IPS\_Login->authenticate() #5 /var/sites/forum/system/Dispatcher/Controller.php(118): IPS\core\modules\front\system\_login->manage() #6 /var/sites/forum/system/Dispatcher/Dispatcher.php(153): IPS\Dispatcher\_Controller->execute() #7 /var/sites/forum/index.php(13): IPS\_Dispatcher->run() #8 {main} Edited July 31, 2023 by Michel Kohanim Link to comment Share on other sites More sharing options...
Marc Stridgen Posted August 18, 2023 Share Posted August 18, 2023 I have created a ticket on this for you, so we can take a closer look Marco Telescope Live 1 Link to comment Share on other sites More sharing options...
Marco Telescope Live Posted August 29, 2023 Author Share Posted August 29, 2023 Hi Marc, Just a follow-up on this. We will launch the forum over the next few days, and we need the Sign In to our own Login page. What is the update from the development team? Thank you! Link to comment Share on other sites More sharing options...
Marc Stridgen Posted August 29, 2023 Share Posted August 29, 2023 Your ticket is currently with our management team. Please ensure you respond to the ticket for any updates Marco Telescope Live 1 Link to comment Share on other sites More sharing options...
Marco Telescope Live Posted August 29, 2023 Author Share Posted August 29, 2023 How can I access the ticket? I haven't received any email about it. Thanks Link to comment Share on other sites More sharing options...
Jim M Posted August 29, 2023 Share Posted August 29, 2023 Sorry for the confusion here, looks like we have 2 users in this topic reporting the same problem and one of them got moved to a ticket. I have moved one for you to our ticket system so we can further investigate, you will receive further info in your email. Link to comment Share on other sites More sharing options...
Recommended Posts