Jump to content

Extension talk:OAuth2 Client

About this board

Translation (general)

2
Goliath2m (talkcontribs)

I would like (to start) to translate this page. Primerily to understand the topic and secondly - of course - to help other people

BUT: How to start? There ist no "Translation-Button"

Who can help? THX a lot!

Goliath

~~~~

BugCatcher2019 (talkcontribs)
Reply to "Translation (general)"

Are these a problem?

2
AManWithNoPlan (talkcontribs)

Using the https://github.com/wikimedia/mediawiki-oauthclient-php client I see these in the logs

mod_fastcgi.c.487) FastCGI-stderr:PHP Notice:  Undefined property: stdClass::$key in /public_html/vendor/mediawiki/oauthclient/src/Client.php on line 181

mod_fastcgi.c.487) FastCGI-stderr:PHP Notice:  Undefined property: stdClass::$secret in /public_html/vendor/mediawiki/oauthclient/src/Client.php on line 181

Is this something to be concerned about or is the code just missing the at symbol in front of a $return->key and $return->secret?

AManWithNoPlan (talkcontribs)

Reported to correct page.

Reply to "Are these a problem?"

Fatal exception of type "GuzzleHttp\Exception\RequestException"

8
Ahmad.enisyst (talkcontribs)

I am trying to login to my media wiki from my wordpress. I have WPOauthServer runing on my WordPress (Wordpress plugin). I want that my users only login to wordpress and from there they can go to wiki without loging to wiki again. The server is working fine i have tested by sending curl request and post i am able to get the authentication token.

I have abutton on my wordpress with wikis client id and details:

<a href="[https://XXXXXXX.de/oauth/authorize?response_type=code&client_id=XXXXXXXXX https://XXXXXXX.de/oauth/authorize?response_type=code&client_id=XXXX]&state=123">

When i opne the authorization link, i land on:

https://wiki.XXXXXXXXXXXXX.de/wiki/Special:OAuth2Client/callback?code=farkmm4ttuwxnne8a9firwtdikmite788hwpyhzg&state=123 and here i get a "Fatal exception of type "GuzzleHttp\Exception\RequestException" upon digging i found out that this exception is caused in `AbstractProvider.php` in the sendRequest function in the following line `$response = $this->getHttpClient()->send($request);`


    protected function sendRequest(RequestInterface $request)

    {

        try {

var_dump($request);

            $response = $this->getHttpClient()->send($request);

var_dump($response);

        } catch (BadResponseException $e) {

            $response = $e->getResponse();

        }

        return $response;

    }

I think may be there is something wrong with my request, my request is as follows

/var/www/mediawiki/w/extensions/MW-OAuth2Client/vendors/oauth2-client/src/Provider/AbstractProvider.php:629:

object(GuzzleHttp\Psr7\Request)[278]

  private 'method' => string 'POST' (length=4)

  private 'requestTarget' => null

  private 'uri' =>

    object(GuzzleHttp\Psr7\Uri)[279]

      private 'scheme' => string 'https' (length=5)

      private 'userInfo' => string '' (length=0)

      private 'host' => string 'XXXXXXX.de' (length=13)

      private 'port' => null

      private 'path' => string '/oauth/token/' (length=13)

      private 'query' => string '' (length=0)

      private 'fragment' => string '' (length=0)

  private 'headers' =>

    array (size=2)

      'Host' =>

        array (size=1)

          0 => string 'XXXXXXX.de' (length=13)

      'content-type' =>

        array (size=1)

          0 => string 'application/x-www-form-urlencoded' (length=33)

  private 'headerNames' =>

    array (size=2)

      'content-type' => string 'content-type' (length=12)

      'host' => string 'Host' (length=4)

  private 'protocol' => string '1.1' (length=3)

  private 'stream' =>

    object(GuzzleHttp\Psr7\Stream)[287]

      private 'stream' => resource(18, stream)

      private 'size' => null

      private 'seekable' => boolean true

      private 'readable' => boolean true

      private 'writable' => boolean true

      private 'uri' => string 'php://temp' (length=10)

      private 'customMetadata' =>

        array (size=0)

          empty

Ahmad.enisyst (talkcontribs)
Prostoprojekt (talkcontribs)

Hi Ahmad,

was following you step-by-step guide to install SSO, everything is OK on Wordpress installation, but when I get to Wiki's special page, or click Extension

  • OAuth2 login

I've got an internal error:

[YThUiyPOGJus@NM1z-FWbgAAAIo] 2021-09-08 06:13:31: Fatal exception of type "Error"


Is there chance to fix an error I receive ? If I delete, it gone (by disabling the Ext.):

##Try to OAuth20 Clien

wfLoadExtension( 'MW-OAuth2Client' );

Prostoprojekt (talkcontribs)

BTW update, from debug:


[exception] [YThYI3DQ75zKOxO@VZk5EwAAARg] /w/index.php?title=Special:OAuth2Client/redirect&returnto=Main+Page   Error: Call to undefined method GuzzleHttp\Utils::chooseHandler()

240F:111:2465:1:50D8:791E:13BC:F38 (talkcontribs)

I found that the guzzlehttp is installed 2 different places (mediawiki/vendor/guzzlehttp and mediawiki/extensions/MW-OAuth2Client/vendors/oauth2-client/vendor/guzzlehttp ). Then, the latter one was an old version.

I simply deleted the latter one. Wiki's special page is now shown.

NathanFranzmeier (talkcontribs)

I followed your instructions on the stackoverflow link but I receive the same error as you indicate here.

I am redirected with the same exception.

Was there something else that needed to be done - ie. options that need enabling etc. on the plugin?

Maybe you can share your setup for the LocalSettings.php as well.

NathanFranzmeier (talkcontribs)

I finally got it working with these additional steps - editing my LocalSettings.php; xxxx is my website starting with https://

  1. In addition to setting the secret and ID I had to fill in the the configuration parameters with these settings - these are from my site.
  2. $wgOAuth2Client['configuration']['authorize_endpoint']     = 'xxxx/oauth/authorize'; // Authorization URL
  3. $wgOAuth2Client['configuration']['access_token_endpoint']  = 'xxxx/oauth/token'; // Token URL
  4. $wgOAuth2Client['configuration']['api_endpoint']           = 'xxxx/oauth/me?access_token=';
  5. $wgOAuth2Client['configuration']['redirect_uri']           = 'xxxx/mediawiki/index.php?title=Special:OAuth2Client/redirect&returnto=Special%3AUserLogin';          
  6. $wgOAuth2Client['configuration']['username'] = 'user_login'; // JSON path to username
  7. $wgOAuth2Client['configuration']['email'] = 'user_email'; // JSON path to email
  8. $wgOAuth2Client['configuration']['scopes'] = 'openid email profile'; //Permissions
  9. $wgWhitelistRead = array("Special:OAuth2Client");  

Then I also had to make one code change in .../mediawiki/extensions/MW-OAuth2Client/vendors/oauth2-client/src/Provider/AbstractProvider.php

protected function fetchResourceOwnerDetails(AccessToken $token)

    {

        $url = $this->getResourceOwnerDetailsUrl($token);

        // Added this line so we can build the url request properly otherwise it didn't append the token to the api_endpoint

        $url = $url . $token;

        $request = $this->getAuthenticatedRequest(self::METHOD_GET, $url, $token);

        return $this->getResponse($request);

    }

After that the plugin worked as expected.

Note on installation of the mediawiki extension I got these composer warnings - I believe they can be safely ignored...

Package guzzle/guzzle is abandoned, you should avoid using it. Use guzzlehttp/guzzle instead.

Package phpunit/phpunit-mock-objects is abandoned, you should avoid using it. No replacement was suggested.

Package satooshi/php-coveralls is abandoned, you should avoid using it. Use php-coveralls/php-coveralls instead.


Also I found this link useful in understanding how to use the wordpress plugin: https://wp-oauth.com/docs/how-to/setup-wp-oauth-server-for-single-sign-on-with-wordpress/

And I found you can just add the OAUTH plugin to wordpress from your site's WP admin page - just click the Add Plugins button - or search for "oath" by WP Oauth Server There is no need to get it from their WP OATH website where you can only find the paid version.

61.222.202.141 (talkcontribs)

I followed your step on the stackoverflow link but I received a new error report when I tried to login my mediawiki(version:1.37).

---

[1905f47f4bb1c705f8784b14] /wiki/Special:OAuth2Client/callback?code=vuwwxrmdpcelvccip6vpebetb5jkjnyybhb3qb8m&state=ZnnN0VgGVbf7JeMBJUS2SUukTHG3rD6q&iframe=break League\OAuth2\Client\Provider\Exception\IdentityProviderException: invalid_request

Backtrace:

from /var/www/wiki-testing/extensions/MW-OAuth2Client/vendors/oauth2-client/src/Provider/GenericProvider.php(216)

#0 /var/www/wiki-testing/extensions/MW-OAuth2Client/vendors/oauth2-client/src/Provider/AbstractProvider.php(649): League\OAuth2\Client\Provider\GenericProvider->checkResponse()

#1 /var/www/wiki-testing/extensions/MW-OAuth2Client/vendors/oauth2-client/src/Provider/AbstractProvider.php(801): League\OAuth2\Client\Provider\AbstractProvider->getResponse()

#2 /var/www/wiki-testing/extensions/MW-OAuth2Client/vendors/oauth2-client/src/Provider/AbstractProvider.php(781): League\OAuth2\Client\Provider\AbstractProvider->fetchResourceOwnerDetails()

#3 /var/www/wiki-testing/extensions/MW-OAuth2Client/SpecialOAuth2Client.php(118): League\OAuth2\Client\Provider\AbstractProvider->getResourceOwner()

#4 /var/www/wiki-testing/extensions/MW-OAuth2Client/SpecialOAuth2Client.php(66): SpecialOAuth2Client->_handleCallback()

#5 /var/www/wiki-testing/includes/specialpage/SpecialPage.php(647): SpecialOAuth2Client->execute()

#6 /var/www/wiki-testing/includes/specialpage/SpecialPageFactory.php(1366): SpecialPage->run()

#7 /var/www/wiki-testing/includes/MediaWiki.php(314): MediaWiki\SpecialPage\SpecialPageFactory->executePath()

#8 /var/www/wiki-testing/includes/MediaWiki.php(930): MediaWiki->performRequest()

#9 /var/www/wiki-testing/includes/MediaWiki.php(564): MediaWiki->main()

#10 /var/www/wiki-testing/index.php(53): MediaWiki->run()

#11 /var/www/wiki-testing/index.php(46): wfIndexMain()

#12 {main}

---

Is this error cause by new version? I have no idea about it.

Reply to "Fatal exception of type "GuzzleHttp\Exception\RequestException""
172.97.187.204 (talkcontribs)

What exactly is an "api_endpoint"? This language is not used in the oAuth2 specification.

Reply to "api_endpoint"
Treinisch (talkcontribs)

When using outh the users are auto-logged out after some minutes. Clicking the Log in link logs them back in without further ado ...

Any suggestions, whats going on here?

Reply to "Expiration too soon"
Natsu Dragoneel (talkcontribs)

Can this install manually? I have no SSH access and cannot install Composer.

Reply to "install manually"

Is this currently enabled for English Wikipedia?

2
Xinbenlv (talkcontribs)

and others?

Kghbln (talkcontribs)

No, and it will never be.

Reply to "Is this currently enabled for English Wikipedia?"

Help with OpenStreetMap Wiki

4
Yurik (talkcontribs)

Hi @Nischayn22 and @DukeofRealms, thanks for the great extension! I would like to use it for the OpenStreetMap wiki. At the moment OSM wiki has its own accounts, and the main OSM itself has separate accounts. They clearly should be merged. The main OSM system (editing system) can server as an Oauth server. In your opinion, what is the best approach, especially considering that many people already have accounts in both systems, and probably would want to merge them rather than duplicating them in the wiki. Thanks!

Nischayn22 (talkcontribs)

Hi @Yurik

You can use OSM as a a Oauth server, but currently I don't think it will be able to handle duplicate accounts. That feature can be added though where it has to match the user's email addresses. Hope that helps.

Yurik (talkcontribs)

How difficult would it be to add the email matching? I could try to hack on it, but some guiding starting points would be great. Thx!

Nischayn22 (talkcontribs)
Reply to "Help with OpenStreetMap Wiki"

What would be an example of the api_endpoint and the JSON paths?

2
Automation4 (talkcontribs)

I'm new to setting up OAuth, everything is working fine except that it isn't creating the new user when I click the login. If you could add to the examples I'd really appreciate it.

Nischayn22 (talkcontribs)

The example would be different for each auth service. Would recommend you seek the help of a developer.

Reply to "What would be an example of the api_endpoint and the JSON paths?"
There are no older topics