Oauth error login when trying to view profile, post new reply,...

Get help with installation and running phpBB 3.2.x here. Please do not post bug reports, feature requests, or extension related questions here.
Post Reply
User avatar
Big Monstro
Registered User
Posts: 40
Joined: Tue Nov 15, 2016 5:42 pm

Oauth error login when trying to view profile, post new reply,...

Post by Big Monstro » Mon Aug 20, 2018 3:13 pm

Hello,

I thoroughly follow that guideline https://www.phpbb.com/support/docs/en/3.2/ug/adminguide/general_client to set up oauth authentication in my board. When I try connect via ucp.php?mode=login, the Bitly/Google/Twitter oauth logins perfectly work.

However, if a guest tries to access to a feature enabled only for registered users (see profiles, memberlist, post a new topic/post in most forums), the login authentication form also appears. The classic login (enter username and password) works okay but not the oauth authentications.
  • Bitly: {"status_code": 500, "data": null, "status_txt": "REDIRECT_URI_DOES_NOT_MATCH_APPLICATION"}
  • Google: error 400 Error: redirect_uri_mismatch
  • Twitter: error 500, without more information
I guess the problem is because the link is not starting by http://{your_board_URL}/ucp.php?mode=login&login=external&oauth_service= or http://{your_board_URL}/ucp.php?i=ucp_auth_link&mode=auth_link&link=1&oauth_service=. However, I won't add an infinity of links (due to the number of topics or forums) as REQUEST URIS in my Bitly/Google/Twitter account.

Any idea ? Is it a misconfiguration or a phpBB design flaw ?

User avatar
Big Monstro
Registered User
Posts: 40
Joined: Tue Nov 15, 2016 5:42 pm

Re: Oauth error login when trying to view profile, post new reply,...

Post by Big Monstro » Tue Aug 21, 2018 9:54 am

I finally managed to fix the problem, known since 2015 but still unfixed (https://tracker.phpbb.com/browse/PHPBB3-13505).

Open phpbb/auth/provider/oauth/oauth.php and find that line:

Code: Select all

$redirect_url = build_url(false) . '&login=external&oauth_service=' . $actual_name;
Replace it:

Code: Select all

$redirect_url = $phpbb_root_path . 'ucp.' . $this->php_ext . '?mode=login&login=external&oauth_service=' . $actual_name;
Now, the Oauth authentication works everywhere!

The only remaining disadvantage (compared to the classic login) is you are always redirected to index.php after login : if you are a guest and try to post a new reply whereas only registered users can, you get the login form. If you log by typing username and password, you are redirected to the posting editor. If you use Oauth authentication instead, you are redirected to index.php. But it's definitely better than getting an error.

Post Reply

Return to “[3.2.x] Support Forum”

Who is online

Users browsing this forum: AbaddonOrmuz, Baidu [Spider], Hartenheer, invenio, lopoto, Lumpy Burgertushie, Scanialady, stevemaury and 52 guests