Error trying to log in

I tried with a different app and am receiving the following now:

Debugger [2023-12-29 17:43:02.332] 200 POST?/api/v1/apps

Debugger [2023-12-29 17:43:03.907] 200 GET /oauth/authorize?response_type=code&client_id=nkqakeechwecld0xko15ltq70nc0rzje&redirect_uri=mastodon-android-auth%3A%2F%2Fcallback&scope=read%20write%20follow%20push

Debugger [2023-12-29 17:43:04.420] 200 GET /oauth/authorize?response_type=code&client_id=nkqakeechwecld0xko15ltq70nc0rzje&redirect_uri=mastodon-android-auth%3A%2F%2Fcallback&scope=read%20write%20follow%20push&action=enable-mastodon-apps-authenticate

In the app I get the error “The page isn’t redirecting properly”

The URL that gives that error is “/oauth/authorize?response_type=code&client_id=jzrqbsz0gmyam5jnoum34nabtjssxmum&redirect_uri=mastodon-android-auth%3A%2F%2Fcallback&scope=read%20write%20follow%20push&action=enable-mastodon-apps-authenticate#”

The debugger info for the entry is:

params array ( ‘response_type’ => ‘code’, ‘client_id’ => ‘nkqakeechwecld0xko15ltq70nc0rzje’, ‘redirect_uri’ => ‘mastodon-android-auth://callback’, ‘scope’ => ‘read write follow push’, ‘action’ => ‘enable-mastodon-apps-authenticate’, )
current_user 0
app Enable_Mastodon_Apps\Mastodon_App::__set_state(array( ‘term’ => WP_Term::__set_state(array( ‘term_id’ => 472, ‘name’ => ‘enable-mastodon-apps’, ‘slug’ => ‘enable-mastodon-apps’, ‘term_group’ => 0, ‘term_taxonomy_id’ => 472, ‘taxonomy’ => ‘mastodon-app’, ‘description’ => ”, ‘parent’ => 0, ‘count’ => 0, ‘filter’ => ‘raw’, )), ))

• This reply was modified 10 months, 4 weeks ago by Jonathan Eggers.
• This reply was modified 10 months, 4 weeks ago by Jonathan Eggers.

This is an error message I’m seeing in my 404 logs:

{“error”:”redirect_uri_mismatch”,”error_description”:”The redirect URI provided is missing or does not match”,”error_uri”:”http:\/\/tools.ietf.org\/html\/rfc6749#section-3.1.2″}

Hi Jonathan, sorry for the trouble! Could you try your own blog URL in this tester app that I created? https://akirk.github.io/mastodon-api-tester/

Clicking “Authorize” should then take you to your WordPress login page and back again after authorizing.

Then you could click the “verify_credentials” endpoint to see if it’s working.

If not, the tester should be able to show you an error message that should help us here in identifying the problem.

I get the following code:

— Request at 2024-01-04T14:31:44.809ZPOST /api/v1/apps
Server: https://jseggers.com
Content-Type: application/json
Accept: application/json
{ “client_name”: “Mastodon API Tester”, “redirect_uris”:“https://akirk.github.io/mastodon-api-tester/”, “scopes”: “read write follow” }– Response received after 0.4 secondsHTTP Status: 200 cache-control: public, max-age=604800
content-type: application/json
expires: Thu, 11 Jan 2024 14:31:46 GMT
link: <https://jseggers.com/wp-json/&gt;; rel=”https://api.w.org/&#8221;
{ “id”: “y0iruksblcq6pw7b6lqifr3ugr58xgh4”, “name”: “Mastodon API Tester”, “website”: “”, “redirect_uri”:“https://akirk.github.io/mastodon-api-tester/&#8221;, “client_id”: “y0iruksblcq6pw7b6lqifr3ugr58xgh4”, “client_secret”: “kLVhP0h3Uor8CPh56lUZVsX7trtVh9Go7RiV3JqKwJZHKLEb3qvmNxbRua7bnMc8dIcpVf9RP7Xzl427zcsUlfa9qPVf7VSUPMXqZKnUj0jOPJLDzdLny8Ei2xze6PPn” }– Page loaded at 2024-01-04T14:31:33.369Z

Then I get the following:

This page isn’t working

jseggers.com redirected you too many times.

• Try deleting your cookies.

ERR_TOO_MANY_REDIRECTS

I tried it in a private session with the same results.

Does it leverage the /.well-know path at all?

It looks like you leverage nodeinfo:

https://jseggers.com/wp-json/enable-mastodon-apps/api/nodeinfo/2.0.json

If you’re doing this via a redirect of /.well-known/x-nodeinfo2 I need to build a redirect to handle it. My host will not pass any traffic aimed at /.well-know/ through to WordPress, making redirects for that URI within the system impossible.

ERR_TOO_MANY_REDIRECTS

Could it be that you are doing something to your wp-loing URL? The authentication happens there and it identifies the URL via teh standard wp_login_url() which looks like it’s failing. Does it display the URL with too many redirects? Is it your wp-login URL?

Yes – I have a plugin that changes the login URL. I disabled that and now get to the login screen. I authenticate and then I get the following:

{“error”:”redirect_uri_mismatch”,”error_description”:”The redirect URI provided is missing or does not match”,”error_uri”:”http:\/\/tools.ietf.org\/html\/rfc6749#section-3.1.2″}

I went through the authorization process again and it worked. However, I’m getting the message in the app that says, “Required field ‘url’ of type String was null in Account”

On the tester, I’m getting the following:

— Request at 2024-01-04T22:09:41.376ZPOST /oauth/token
Server: https://jseggers.com
Content-Type: application/json
Accept: application/json
{ “client_id”: “bxmwxt7epaigt6a672s6qxlynqbz05tw”, “client_secret”: “9ucFfPuBePqYMb7rIUPvA9NZcE8fXbv1l67bwiJWrXjxnG0jP29F4FzZwy93T4tAkM8isAYGJn3M2LiYzKrqQVhIXaXboTHcBLaJfOmB6j1TzuaTlO9Z88hHMpGtHPPl”, “redirect_uri”:“https://akirk.github.io/mastodon-api-tester/&#8221;, “code”: “b41c61e19654468ce594335cf3bdf828f7a15d35”, “grant_type”: “authorization_code” }– Response received after 1.3 secondsHTTP Status: 200 cache-control: no-store
content-type: application/json
expires: Wed, 11 Jan 1984 05:00:00 GMT
pragma: no-cache
{ “access_token”: “73b4ab115c9f4e6c25cf8be20065d8da44789008”, “expires_in”: 63072000, “token_type”: “Bearer”, “scope”: “read write”, “created_at”: 1704406183 }– Page loaded at 2024-01-04T22:09:41.375Z

I was able to log in to https://pinafore.social/, but am not seeing any of my old posts.

Elk won’t accept the domain and Tusky keeps crashing.

I get the following with Elk: {“error”:”invalid_client”,”error_description”:”The client id supplied is invalid”}

• This reply was modified 10 months, 3 weeks ago by Jonathan Eggers.
• This reply was modified 10 months, 3 weeks ago by Jonathan Eggers.

Yes – I have a plugin that changes the login URL. I disabled that and now get to the login screen.

This is good news! Would you mind sharing which plugin you are using so that I can investigate how we can make them play nicely with each other?

I authenticate and then I get the following:

{“error”:”redirect_uri_mismatch”,”error_description”:”The redirect URI provided is missing or does not match”,”error_uri”:”http:\/\/tools.ietf.org\/html\/rfc6749#section-3.1.2″}

For which app is this?

However, I’m getting the message in the app that says, “Required field ‘url’ of type String was null in Account”

Thanks, I’ll try and see if I can find in which field this happens.

Tusky keeps crashing

This might be caused by the same problem from above.

I get the following with Elk: {“error”:”invalid_client”,”error_description”:”The client id supplied is invalid”}

This is likely because you have deleted the Elk app, thus the credentials it’s trying to use no longer exist. I have released 0.6.2 which has a new setting to remidy this: please activate the “Implicitly re-register the next unknown client” setting and try again.

The plugin is WPS Hide Login.

The first app I tried with was the official Mastodon app, which I later saw wasn’t listed as supported on the plugin page. Regardless of the app, if I had to sign in it would fail. Once I signed in and tried the login process again and went straight to the “authorize” page it worked.

The setting let me log in to elk and click the Authorize button, but then I got:

{“url”:”/api/jseggers.com/oauth/https%3A%2F%2Felk.zone?code=9a6720bfbf63bdf48ced9d4e31429fcacca8efb2″,”statusCode”:400,”statusMessage”:”Could not complete log in.”,”message”:”Could not complete log in.”,”stack”:””}

I get this same message each time I try to complete the authorization process. I have multiple authorization codes now for elk, but no token.

I appreciate all your help!

which I later saw wasn’t listed as supported on the plugin page.

The list on the plugin page is not intended to suggest support. In theory, all Mastodon apps should be supported. A big part of the problems come from assumptions that those apps make based on how Mastodon implements their API vs. how they defined it in the API documentation.

The setting let me log in to elk and click the Authorize button, but then I got:

{“url”:”/api/jseggers.com/oauth/https%3A%2F%2Felk.zone?code=9a6720bfbf63bdf48ced9d4e31429fcacca8efb2″,”statusCode”:400,”statusMessage”:”Could not complete log in.”,”message”:”Could not complete log in.”,”stack”:””}

Hm, this indicates to me that the redirect URI of the app was not retrieved correctly from the redirect_uri provided. Could you check in your settings under Apps? The redirect URI should start with https://elk.zone/api/, for you it might miss that elk.zone?

To solve this, I probably need to make the redirect URI editable.

https://elk.zone/api/jseggers.com/oauth/https%3A%2F%2Felk.zone

The error message comes from the following URL: https://elk.zone/api/jseggers.com/oauth/https%3A%2F%2Felk.zone?code=e6c278ed02a91cf18ecc7c3e748eb76d0cdb5b4d

• This reply was modified 10 months, 3 weeks ago by Jonathan Eggers.

The plugin is WPS Hide Login.

Thanks, this allowed me to fix it: https://github.com/akirk/enable-mastodon-apps/pull/49 (not yet released).

The Elk redirect URL looks fine. Luckily they are open source, so it fails here:

https://github.com/elk-zone/elk/blob/3adf92ea56f7237ff8918d153d132c1ce688b236/server/api/%5Bserver%5D/oauth/%5Borigin%5D.ts#L44

Could you just try to manually delete the app and then use the new option again? Maybe something failed there the first time.

Deleting the app and signing in again worked!