PHP Fatal error: Uncaught Error: Failed opening required '/srv/htdocs/wp-content/plugins/miniorange-oauth-20-server//admin\helper\constants\class-miniorange-oauth-20-server-oauth-constants.php' (include_path='/:.') in /srv/htdocs/wp-content/plugins/miniorange-oauth-20-server/public/class-miniorange-oauth-20-server-public.php:18 Stack trace: #0 /srv/htdocs/wp-content/plugins/miniorange-oauth-20-server/includes/class-miniorange-oauth-20-server.php(122): require_once() #1 /srv/htdocs/wp-content/plugins/miniorange-oauth-20-server/includes/class-miniorange-oauth-20-server.php(76): Miniorange_Oauth_20_Server->load_dependencies() #2 /srv/htdocs/wp-content/plugins/miniorange-oauth-20-server/mo_oauth_settings.php(86): Miniorange_Oauth_20_Server->__construct() #3 /srv/htdocs/wp-content/plugins/miniorange-oauth-20-server/mo_oauth_settings.php(90): run_miniorange_oauth_20_server() #4 /wordpress/core/6.4.3/wp-settings.php(473): include_once('/srv/htdocs/wp-...') #5 /srv/htdocs/wp-config.php(102): require_once('/wordpress/core...') #6 /wordpress/core/6.4.3/wp-load.php(55): require_once('/srv/htdocs/wp-...') #7 /wordpress/core/6.4.3/wp-cron.php(46): require_once('/wordpress/core...') #8 {main} thrown in /srv/htdocs/wp-content/plugins/miniorange-oauth-20-server/public/class-miniorange-oauth-20-server-public.php on line 18Error thrown on latest version 6.0.4. Maybe a trailing slash issue?
]]>Hello team, I was trying to configure:?Circle Single Sign-On (SSO) With WordPress As OAuth Server ,?but was not able to find:?WordPress (MiniOrange) URL.?
So, where can I find that url?
]]>Hi,
I open this topic because since several days I want to implement, following the documentation, WordPress sso access in my Nextcloud server. I have configured everything I followed step by step and at first I was hoping that everything was going well, because when in my nextcloud instance I pressed the login button for my WordPress site, it opened the WordPress login page, I tried to send email and password instead to redirect me in nextcloud it gives me this error: https://ibb.co/tQKyCgq
I don’t know what i did possibly wrong i followed every step and it makes sense it should work like that, but not in my case.
Thank you in advance
Best Regards.
]]>Hello there,
I am able to receive the response for Authorization Endpoint, i.e. /wp-json/moserver/authorize.
However, when I am pinging for Token Endpoint, it returns me below error:
{“error”:”invalid_grant”,”error_description”:”The authorization code has expired”}”
I made sure to check on whether the correct code is being passed, client_id, client_secret, etc. Not sure what’s causing this issue.
I have made sure to enable the below header for my nginx setup:
add_header Access-Control-Allow-Headers “Authorization”;
Could you please help me out with this?
Thanks,
Jay.
]]>Hello there,
I hope you are well.
As our title says, the reason that all our users are getting the same token is because we use the free version of the plugin, or we are missing anything on the plugin’s settings?
Thanks in advance,
George.
]]>When debug is on, the dashboard generates notices that register_rest_route is missing the required permission_callback argument. It’s for moserver/authorize, moserver/token and moserver/resource.
]]>Hi,
I’m trying to use Miniorange OAuth Server as identity server for several WSO2 services (API Store, …).
I was able to set WP Server, and federate that in WSO2.
However, I had no luck making it work.
I think it has to be related with matching Miniorange Oauth fields returned in oauth flow with the ones that need to be stored in WSO2 db.
Anyone suffered the same? Any advice?
In the other hand.. could the creator inform me about compatibility? I have no problem to buy a license but I need to know that it’s possible to make it work.
Thanks in advance.
]]>Hi,
I am using the “miniOrange OAuth / OpenID Connect Server” plugin to login to Nextcloud 21 (Social Login) with my WordPress user names and passwords.
However, I keep getting error message back in Netxcloud:
Signed API request has returned an error. HTTP error 401. Raw Provider API response: {“error”:”missing_access_token”,”error_description”:”No Access Token provided”}.
I have added the following lines to my .htaccess already:
RewriteEngine On
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule .* – [e=HTTP_AUTHORIZATION:%1]
Doesn’t help:(
]]>There is no warning in description that it has 100 login limit for free, than you have to pay, why is it listed with other open sources plugins?
]]>Hello
I’m trying to use the plugin with moodle, but I can’t.
I have tried many combinatios, creating the tokens, checking and uncheking options… but I got different errors.
The current error I get is “Could not discover end points for identity issuer”. I have created the endpoints manually but didn’t work.
The other error is “The redirect URI provided is missing or does not match”
I’ll thank any help with this.
]]>Hey there,
I would like to use the MO AUth-Plugin for authentification in my Rocket.Chat.
Installation works an I can generate the IDs etc.
Whenever I try to use the WP-Credentials in the Rocket.Chat I receive a 404 error. But the permalinks settings are not plain.
I use Nginx as Server. Is there any problem with nginx and redirect/rewrite that maybe cause the 404?
BTW: I use WordFence as Security Plugin.
Thx for a short reply.
mike
]]>This is how the navigation looks with your plugin turned off:
and this is with your plugin turned on:
Why does it changes something in the look of my page? I thought it mainly would run on the backend?
]]>Hello,
We are experiencing issues accessing User Information after successfully performing Authorization and retrieving a token.
Curl request:
curl -H “Authorization:Bearer < 1c666593bd9fb6f1e0fea583d7f4f101 >” -X GET https://oursite.com/wp-json/moserv
er/resource
Response:
{“error”:”missing_access_token”,”error_description”:”No Access Token provided”}
Can you advise, please.
]]>Hi,
Thank you for your awesome plugin.
How do I include email in the User Info Endpoint response?
Currently only username is included.
Regards,
Yoshimi
Hi,
I’m testing an Angular Application on localhost:4200 to use my WordPress Woocommerce Site’s user credentials using this OAuth Server plugin. I’m able to redirect the users to the /wp-content/plugins/miniorange-oauth-20-server/web/moserver/authorize endpoint, get the user consent and then get the authorization code.
However, when I do a post request to the /wp-content/plugins/miniorange-oauth-20-server/web/moserver/token endpoint with all the correct details, I keep getting the following error :
Access to XMLHttpRequest at 'https://mydomain.com/wp-content/plugins/miniorange-oauth-20-server/web/moserver/token' from origin 'https://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I don’t want to completely enable CORS and create security issues, since the Woocommerce store is a live one. Is there any way by which I can allow post requests from localhost for now during testing and then once deployed, allow requests from the application’s URL?
Can you please help me out?
Regards,
Arjun
Hi miniOrange team!
I have an issue with the plugin. When I try the SSO login with the client I provided, I keep on getting this error:
[body] => {"code":"rest_no_route","message":"No route was found matching the URL and request method","data":{"status":404}}
[http_code] => 404
[last_url] => https://philecdev054.cafe24.com/wp-json/moserver/resourceI checked the route list of my site, and I see that the resource endpoint is registered there. Also, I’m just wondering why the authorize and token endpoint have no issues while this one has. Thank you!
]]>Hello,
Upon installing your plugin, I experienced an error when using the authorize endpoint. I believe the problem was a timeout/memory allocation error through the use of the get_users function call at _mo_check_user_login (endpoints/registry.php line 224)
After replacing this line with:
get_user_by('login', $current_user_cookie['username'])
the plugin begins to work as normal. My guess is that our large database of users is causing a memory error!
]]>Hello miniOrange Team,
If I remove a user’s account and this user was logged in, the user is still logged in, while this user doesn′t log out or the cookies expire. But this would be a mistake, because this user can continue to view the content for a while. Is there a way to solve this?
When the user logs in the first time, gets a form to accept some terms. Is this mandatory? If so, why is it mandatory? Can I change the text?
Thankst,
Tamara Z.
When I click deny I can see that the network request contains ‘deny’ but the server’s reply is a redirect containing ‘allow’.
]]>I want to use nginx-sso which expect to be able to fetch .well-known/openid-configuration. Do you support this or is there documentation how to create that file with the right settings?
Thanks.
]]>Today I’ve updated the plugin to the last version and after updating it is not working anymore. Now, when my webapp tries to authenticate using OAuth, after introducing the correct username/password the plugin shows a new page asking for authorization and warning the user that “The application ‘MyApp API’wants to access following information: Basic public profile – Public email This application cannot continue if you do not allow this application” and 2 buttons (Allow and Deny). But clicking the Allow button doesn’t provide access to my WebApp as done in the last version, so now everything gets stuck in an endless loop showing the “Authorize” page over and over again.
Is there any way to configure the plugin to work the same way as it did in the last version and prevent this new “Authorize” page to be shown? I’m the owner of the WordPress site and the WebApp, so I don’t want my users to see this “Authorization” message page the looks like a warning about an untrusted site (my WebApp).
Thank you.
]]>I’m having problems to retrieve user profile after succesfuly authenticate to my WP site with your OAuth server. When I try to get the user profile, the server answers with an error:
data:”{“error”:”invalid_bearer_token”,”error_description”:”OAuth2 Access token is empty”}”
statusCode:400
The GET method Authorization header contains “Bearer the_access_token”, so I do not understant why is it complaining about Access token being empty.
What could be causing this issue?
Thank you!
]]>I’ve setup your plugin in a SSL protected WordPress site, and trying to log from a custom app, but when your Authorize endpoint is called, the page fails to load because of a mixed content error. Chrome complains that your page is trying to request the insecure script ‘https://pagead2.googlesyndication.com/apps/domainpark/show_afd_ads.js’ so the request is blocked by Chrome.
How to solve this problem?
Thank you.
]]>I’ve installed your plugin and followed the instructions, and after configuring the plugin I cannot see the widget at the “Available Widgets” page.
I’m using WordPress 5.2.2.
How can I solve this?
Thank you!
]]>Hi,
After the plugin installed and activated, i have no “miniOrange OAuth” entry in the Settings section
cant see any error.
]]>Hi there,
I have been looking for a good OAuth2 plugin to recommend to my customers for use with an API plugin I am developing which uses the WordPress Rest API.
Unfortunately when testing and visiting the authorize url I can only get as far as logging in with WordPress and then I get a blank white screen and no redirect
There dont appear to be any PHP errors as I am checking them with debugbar and the firefox console. The authorization url I am visiting is as follows:
I tried both with and without the redirect_url.
I noticed a previous support issue in this forum with the same issue. As you can see I am including index.php in the url so that solution has not worked for me.
I’m using xampp for local development but have also tried on my shared hosting account and the same issue occurs.
I’m using the latest version of WordPress.
Could you please advise of any steps to debug or if this is a bug?
Many thanks,
Andrew van Duivenbode.
]]>I am getting this conflict with your plugin and another plugin i use when i try and activate your plugin.
Fatal error: Cannot redeclare generateRandomString() (previously declared in /var/www/wordpress/wp-content/plugins/mapfig-premium-leaflet-map-maker/lib/controller.php:777) in /var/www/wordpress/wp-content/plugins/miniorange-oauth-20-server/mo_oauth_settings.php on line 724
]]>Not working with nginx, need a re-write for the web folder that works with nginx.
]]>Hi! I’m trying to integrate this plugin with my workflow. I am calling the application from https://localhost:3000/auth/local-wordpress. This page redirects to this WordPress plugin for authentication.
The plan is to then redirect to https://localhost:3000/auth/local-wordpress/callback. The client ID is valid and the authorized redirect URI is identical: https://localhost:3000/auth/local-wordpress/callback.
The problem is right at the authorization stage: https://localhost/wordpress/wp-content/plugins/miniorange-oauth-20-server/web/moserver/authorize?response_type=code&redirect_uri=https://localhost:3000/auth/local-wordpress/callback&client_id=actual_client_id
When the application (or I, for that matter) calls the above link, I get a blank 200 response. Nothing more, nothing less. No output, and it doesn’t even redirect. How do I get the plugin to redirect correctly please?
]]>I have been using your plugin for Oauth authentication to access JSON from a mobile app. However, I have noticed since activation that I can no longer make PHP changes through the WP Editor and when I traced this back via the ‘Health Check & Troubleshooting’ plugin, I received a cURL 28 error because the loopback check was timing out.
Disabling your plugin prevented this issue from happening again. Could you please tell me how to fix it?