Invision Community 4: SEO, prepare for v5 and dormant account notifications By Matt Monday at 02:04 PM
abobader Posted August 15 Posted August 15 Hi, The php build we upgrade to: 8.1.13 Mysql: 8.0.33 As now our API login throw out error: Quote Our OAUTH sign in is not working. Existing connections/authorizations i think are okay but any attempt to authorize a user is returning Invalid_Grant (which is just the generic error) with a description of "400" which I would think would imply some sort of parameter error (like something changed we don't know about). Thanks.
Jim M Posted August 15 Posted August 15 After upgrade PHP, you will want to run the compatibility checker to ensure that there are not any missing modules. If something was working and the software was not updated, it sounds like you are missing something:
abobader Posted August 15 Author Posted August 15 Hi Jim, All fine here: @Jim M I really need help, thanks.
Jim M Posted August 15 Posted August 15 You will want to double check the request which you are sending to the OAuth endpoint and ensure that all endpoints are authorized correctly. Additionally, you will want to enable logging for OAuth endpoint so you can see what is happening. Currently, there are no errors as logging is disabled on your endpoints.
abobader Posted August 15 Author Posted August 15 We tried everything, only option we have now to roll back to 4.7.14.
Jim M Posted August 15 Posted August 15 41 minutes ago, abobader said: We tried everything, only option we have now to roll back to 4.7.14. You would want to do as mentioned above, without the logging, we won't know what is happening.
abobader Posted August 15 Author Posted August 15 @Jim M But it was working, can the case will be from the forum generic OAuth validation that is built into IPB, it work for 20 minutes then stopped. As you see here: Quote [Thu Aug 15 14:55:57.621751 2024] [php:notice] [pid 29281:tid [client 173.230.139.54:39616] [realclient 31.221.164.22] Successfully created user 1488928/ The REST API is functioning fine. What is failing is the generic OAuth validation that is built into IPB - but it worked for 20 minutes Really, we run out of all idea.
Jim M Posted August 15 Posted August 15 That would be the PHP log. Not the OAuth log in our software. This is in ACP -> System -> API -> OAuth -> edit the OAuth key, expand the endpoint you're using and check Log. If it is working then stops, sounds like this is something with the server or the IP address in question is getting banned.
abobader Posted August 15 Author Posted August 15 @Jim M One question: Is the OAuth grant type of "password" has been deprecated in this version (4.7.18)? Thanks. Here the code: Quote $curl = curl_init( $oathUrl ); curl_setopt_array( $curl, array( CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_HTTPAUTH => CURLAUTH_BASIC, CURLOPT_HEADER => "Content-Type:application/x-www-form-urlencoded", CURLOPT_POST => TRUE, CURLOPT_POSTFIELDS => "grant_type=password&username=$cleanEmail&password=$password&client_id=$oathId&client_secret=$oathSecret&scope=profile" ) ); Thanks in advance for all the help Jim.
Jim M Posted August 15 Posted August 15 Sorry, we would not be able to assist with custom code. 33 minutes ago, Jim M said: OAuth log in our software. This is in ACP -> System -> API -> OAuth -> edit the OAuth key, expand the endpoint you're using and check Log. If it is working then stops, sounds like this is something with the server or the IP address in question is getting banned. These would be the items you need to look at
abobader Posted August 15 Author Posted August 15 No problem Jim, I know that, we just hope we did not make any error, strange, it was working well till this update. @Jim M Sorry for many questions, last one: grant_type=password still supported? Thanks
Jim M Posted August 15 Posted August 15 These would be the grant types which are supported: Resource Owner Password Credentials is supported.
abobader Posted August 15 Author Posted August 15 Thanks @Jim M well done as always. We found the issue, it was this option that ban login: How we can disable this option? Thanks.
Jim M Posted August 15 Posted August 15 I'm afraid, there is no option to disable it as it is there for security. abobader 1
abobader Posted August 15 Author Posted August 15 Yes, we edit the setting for more attempt and reduce time. Well done Jim! Thanks for everything.
Jim M Posted August 15 Posted August 15 You're very welcome. Glad we could help get it sorted 😉 abobader 1
abobader Posted August 16 Author Posted August 16 Hi, Now we faced slow when someone switching to fluid view, it took like 20-25 to switch to it, normal (table/grid) do not have that problem, any head up info regarding that. Thanks
Marc Posted August 16 Posted August 16 3 hours ago, abobader said: Hi, Now we faced slow when someone switching to fluid view, it took like 20-25 to switch to it, normal (table/grid) do not have that problem, any head up info regarding that. Thanks If its taking that long, you need to look at your servers setup abobader 1
Recommended Posts