FriendsOfFlarum OAuth

010101

Hari Thanks! I added a comment about Facebook there.

A theory:

Flarum creates a state random string. It is sent to the login provider. But, during the split second redirect back, Flarum creates another state string? I don’t know how to debug or figure out if that’s true. Or, due to some cookie/cache, Flarum thinks the state string is old.

Even though the Twitter login gives a different error compared to Facebook and Google, it still could be an invalid state issue for that one too.

010101

010101 Hello, anyone. I’m curious if these odd issues I mentioned in September are still happening to others? I am probably wrong but I thought I narrowed it down to the state string. A random string that is generated and must match throughout the log in process I think or the log in fails? I’m clueless about this oauth stuff so I don’t know.

To recap, I never could get Twitter or Google working. Only Facebook. 🤪

ilyBenny

is there a way i can use this to login with discord then check what guilds the user logging in and if their in a specific guild they will recieve a permission group?

Vidhun

I am getting an error when I try to use the social sign-in. All the Client ID and Client Secret has been set up, and it even opens the pop-up to login. However, it says Email, Password, and username required.

clarkwinkelmann

Vidhun can you share your php flarum info output? There might be another extension interfering.

Vidhun

clarkwinkelmann

I solved the issue with a reinstall of Flarum. Thanks anyways.

idkwhatusername

Can you add option to link oauth accounts in settings? So users can link their accounts

clarkwinkelmann

idkwhatusername except for Twitter, the process is currently fully based on email match, so this is actually not possible without changing the current implementation.

I believe we have some sort of support in Flarum core for social linking but the API might be incomplete and this extension currently doesn't use it.

Twitter is an exception and uses a custom column on the users table, so a connect/disconnect for Twitter could probably be done with slightly less work than the other providers.

idkwhatusername

clarkwinkelmann oh, so you can't add that?

When the user uses different email for your forum and social media, they can't use it correctly.
As in flarum you can't add more emails to one user account :/

IanM

1.1.0

Allow 3rd party extensions to register additional providers FriendsOfFlarum/oauth35
Display help text when signing in using a provider that does not suggest a username FriendsOfFlarum/oauthb4883a8

Updating

composer require fof/oauth:"*"
php flarum cache:clear

Forhack

Hi, in extension have bug.

clarkwinkelmann

Forhack it's actually a feature, not a bug FriendsOfFlarum/oauth24

This was done to meet Google brand requirements which doesn't allow using an icon alone.

Forhack

clarkwinkelmann ☹️
P.S. : I found a small solution

css

.FoFLogInButton.LogInButton--google {
    color: var(--button-color, #757575) !important;
    background: var(--button-bg, #fff) !important;
    border-radius: 15px !important;
    text-align: center !important;
    margin-left: auto !important;
    margin-right: auto !important;
    margin-top: 10px !important;
    margin-bottom: 15px !important;
}

ecbaker209

I am getting this error when I am using Twitter. I have copied the API Key and API secret correctly. Any ideas?

Received HTTP status code [401] with message "{"errors":[{"code":32,"message":"Could not authenticate you."}]}" when getting temporary credentials.

datitisev

1.1.1

Improve layout of buttons in both normal & icon-only mode (FriendsOfFlarum/oauth36)
- This also makes the Google button appear centered and in a new line

Updating

composer require fof/oauth:"*"
php flarum cache:clear

Amarok

Hey, I saw a great extension but not maintaining to login with Telegram and add an option to receive notifications via Telegram.

Is it possible to integrate it in this auth extension ? Really appreciate it if possible and will did.

Good work for this Auth extension, very useful

datitisev

Amarok If we did, we'd only do the log in with part. So we'd want to keep it a separate extension.
Other extensions can integrate with this one, however - though that only means making the addition of log in buttons less copy/paste. I don't have anything else to say, sorry.

Glad you like it though.

Amarok

datitisev The log part is a good beginning, I think. Thx for the answer.

datitisev

Amarok The reason I said it'd probably be best as a single extension is because if you do separate you'd need two apps to log in with - oauth would only verify identity, and the messaging for alerts would require those oauth perms. Does that make sense?

Also - I don't know whether we're adding more providers or not. I think we had an update at some point that clarified this, not sure.

BurungHantu

Hey guys, could you please tell what to enter in the field "GitLab Domain"? Currently I've set it to https://gitlab.com/oauth/applications/203599 but not sure if its correct. Thx

luceos

BurungHantu gitlab.com is the domain

BurungHantu

luceos Thx, but I don't see how that would make sense entering "gitlab.com". This is probably a misunderstanding. The config of the plugin requires App ID, App Secret and GitLab Domain.

« Previous Page Next Page »