[Bug] 2FA breaks OAuth flow

[Sly_Ripper]

Steps to reproduce

• Enable/set up 2FA
• Log into forum
• Attempt to log into external app with the forum's OAuth (/oauth/authorize/?client_id=client_id_here&response_type=code&scope=scopes&prompt=login)
• Upon logging in you will be redirected to the forum homepage, not the correct redirect url
• Disabling 2FA fixes this, as does logging out of the forum first

Edited August 19, 2023 by Sly_Ripper

[Marc Stridgen]

You mention "Upon logging in". Are you referring to log in to an external source, or logging in directly on the community. If on the external source, you would need to actually set up the redirect URL on your external source correctly.

[Sly_Ripper]

1 hour ago, Marc Stridgen said:

You mention "Upon logging in". Are you referring to log in to an external source, or logging in directly on the community. If on the external source, you would need to actually set up the redirect URL on your external source correctly.

Using OAuth while you’re already authenticated with the forum.

If 2FA is enabled, after inputting user/pass you’re just redirected to the forum index instead of triggering 2FA/redirecting to the redirect URL set in the oauth app.

Disabling 2FA or logging out of the forum first both work fine.

 

[Marc Stridgen]

We would need to look further into this for you, however the access details on file appear to be incorrect or missing. Could you please update these details by visiting your client area, selecting the relevant purchase, then clicking "Review/Update Access Information" under the "Stored Access Information" section. 

Please add the URL of the location you logging into within your notes

We look forward to further assisting you.