FriendsOfFlarum OAuth

Hari

IanM Does it fixes all the login issues with Twitter and Google?

Hari

IanM

Hari Does it say it does in the release announcement?

Hari

IanM It says fof components are removed. I thought that would address the issues 🙄

😔

IanM

Hari no, fof/components is a library for adding extension settings items to the admin/extension page. These are now provided by flarum/core, so by removing the fof library we can lighten the dependencies a little (once all extensions requiring it are updated).

This will have no effect on any other issues the extension may or may not have.

I'm not seeing any issues reported for Twitter and Google.

010101

I am trying to set up Facebook login. It connected to Facebook, I logged in and gave it permission, it redirected back to my Flarum and then says, "Invalid state. Please try again." Which is a Flarum error. What could make the "state" not right? I tried emptying cache and cookies. After some Google searches and searching here I'm thinking no one will 100% know. I suppose I could try disabling other extensions.

A little while later...

Ok, I couldn't get Facebook login to work so on to Twitter log in, and, haha:

Received HTTP status code [401] with message "{"errors":[{"code":32,"message":"Could not authenticate you."}]}" when getting temporary credentials.

Going to try Google next... if that fails then I guess social login is not for me. 😆

Seconds later... Invalid state error with Google login, just like I got with Facebook.

More seconds later after a Google search... some information on this "state"...

This may or may not be how Flarum does it.

When you call ->redirect(), this bundle gets a state value (a random string) and stores it in the session.

The bundle asks the Facebook OAuth library to generate the "redirect" URL to Facebook internally, this knows what the "state" is and includes it on that URL. This is to tell Facebook "Hey! when you redirect back to us later, include this state query parameter.

After the user is redirected back to your site from Facebook, you call ->getAccessToken() (or maybe ->fetchUser(), which calls getAccessToken()). This method looks for the state query parameter on the URL, which should be there because we asked Facebook to include it when redirecting back to us. We make sure this matches what's in the session.

And so, my Flarum installation is having trouble with sessions, and/or this state query parameter not matching up?

I can see the callback auth URL in my browser's console which does include a state parameter with a random string.

Hari

010101 like ianm said report at GitHub issues, This extension is working so weird since v1.0.4

010101

So, all of the sudden, after switching from Safari to Chrome and trying twice, the Facebook login suddenly worked. Hopefully it keeps working now. That "state" parameter in the callback URL seems to be very finicky and sensitive. And I think it could also have to do with the PWA extension, or maybe any extension that messes with the login/session. Or, could be anything that messes with caching or cookies (aka PWA extension? maybe?) I have no idea.

But, the Google log in still gives me invalid state.

I also worry that the Facebook login may be suddenly working for me, but who knows if it will work for a random user.

Twitter login still doesn't work either.

I personally won't be able to figure it out. An experience developer with a lot of OAuth experience would need to throughly test this extension in different browsers, with the PWA and a bunch of other extensions. It's not a big deal for me personally... I'm just suggesting this be done for the sake of others. 🙂

Hari

reported Twitter issue here FriendsOfFlarum/oauth34

010101

Hari Thanks! I added a comment about Facebook there.

A theory:

Flarum creates a state random string. It is sent to the login provider. But, during the split second redirect back, Flarum creates another state string? I don’t know how to debug or figure out if that’s true. Or, due to some cookie/cache, Flarum thinks the state string is old.

Even though the Twitter login gives a different error compared to Facebook and Google, it still could be an invalid state issue for that one too.

010101

010101 Hello, anyone. I’m curious if these odd issues I mentioned in September are still happening to others? I am probably wrong but I thought I narrowed it down to the state string. A random string that is generated and must match throughout the log in process I think or the log in fails? I’m clueless about this oauth stuff so I don’t know.

To recap, I never could get Twitter or Google working. Only Facebook. 🤪

ilyBenny

is there a way i can use this to login with discord then check what guilds the user logging in and if their in a specific guild they will recieve a permission group?

Vidhun

I am getting an error when I try to use the social sign-in. All the Client ID and Client Secret has been set up, and it even opens the pop-up to login. However, it says Email, Password, and username required.

clarkwinkelmann

Vidhun can you share your php flarum info output? There might be another extension interfering.

Vidhun

clarkwinkelmann

I solved the issue with a reinstall of Flarum. Thanks anyways.

idkwhatusername

Can you add option to link oauth accounts in settings? So users can link their accounts

clarkwinkelmann

idkwhatusername except for Twitter, the process is currently fully based on email match, so this is actually not possible without changing the current implementation.

I believe we have some sort of support in Flarum core for social linking but the API might be incomplete and this extension currently doesn't use it.

Twitter is an exception and uses a custom column on the users table, so a connect/disconnect for Twitter could probably be done with slightly less work than the other providers.

idkwhatusername

clarkwinkelmann oh, so you can't add that?

When the user uses different email for your forum and social media, they can't use it correctly.
As in flarum you can't add more emails to one user account :/

IanM

1.1.0

Allow 3rd party extensions to register additional providers FriendsOfFlarum/oauth35
Display help text when signing in using a provider that does not suggest a username FriendsOfFlarum/oauthb4883a8

Updating

composer require fof/oauth:"*"
php flarum cache:clear

Forhack

Hi, in extension have bug.

clarkwinkelmann

Forhack it's actually a feature, not a bug FriendsOfFlarum/oauth24

This was done to meet Google brand requirements which doesn't allow using an icon alone.

Forhack

clarkwinkelmann ☹️
P.S. : I found a small solution

css

.FoFLogInButton.LogInButton--google {
    color: var(--button-color, #757575) !important;
    background: var(--button-bg, #fff) !important;
    border-radius: 15px !important;
    text-align: center !important;
    margin-left: auto !important;
    margin-right: auto !important;
    margin-top: 10px !important;
    margin-bottom: 15px !important;
}

« Previous Page Next Page »