-
Notifications
You must be signed in to change notification settings - Fork 85
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
callback_phase issues with callback_url #5
Comments
hi @andrew-whitmore , thanks for the note. I haven't seen this, but haven't been using this gem actively (project back burnered). It worked when we prototyped it, but I imagine something could have changed on the azure size. |
Hi @marknadig - Thanks for your response. Just to let you know i got to the bottom of this in the end. Basically versions 1.3.1 of omniauth-oauth2 used to override the callback_uri in its strategy to the following: def callback_url
full_host + script_name + callback_path
end It looks like they thought this was a bad idea and removed it recently. What happens now is the callback_url method falls back the the oauth2 implementation which also includes request parameters. so on the second auth pass when going to the oauth2/token url azure complains because the redirect_url has the code parameter appended on the end so it throws the error hightlighted in my previous comment. I have just simply overridden callback_url in your strategy and it works fine. Hope this makes sense. Thanks Again Andy |
👍 thanks for tracking this down. |
Is there going to be an update to this gem? I'd like to see it working again. |
@abezulski , I didn't have time to test Andrew's fix. I see it in his branch, but never submitted a PR. Sorry, time constraints :/ Curious, I see LightspeedSystems fork with a lot of recent activity, but they don't mention any of the issue Andrew mentioned. |
@marknadig Thanks for reply. What would be the quickes way of getting it fixed in my code without building entire gem? |
@abezulski quickest way would be just to ref abezulki's fork directly in your gemfile https://github.com/andrew-whitmore/omniauth-azure-oauth2/ |
I had the same issue and checked when |
@thomas-siimpl can you open a Pull Request for that? :) |
I needed a much newer version of https://github.com/nickcampbell18/omniauth-azure-oauth2 Looks like the omniauth-oauth2 team re-added the query component here. Seems like they can't decide which way to go on this. |
@nickcampbell18 can you push your version as a PR on the official branch? :D |
Brilliant @nickcampbell18. Thank you so much for your fork, that fixed the callback query parameters issue for me with Can we get a PR? Do we need some tests? |
Hi,
I've recently been trying to use your gem for a project i'm working on and I can't seem to get it working.
During the callback when the token is requested. The azure AD instance is throwing the following error:
AADSTS70002: Error validating credentials. AADSTS50011: The reply address does not match.
At first I thought I had a typo inside my app setup in azure but that wasn't the case.
Azure seems to complain about the fact that the underlying auth2 implementation of callback_url appends the code parameter on the end of the redirect_uri and therefore it doesn't match what is is expecting.
Just wondering if you have run into this scenario?
Thanks
The text was updated successfully, but these errors were encountered: