Not working after updating

  • Resolved jordiblanchcarles

    (@jordiblanchcarles)


    5 years, 4 months ago

    Today I’ve updated the plugin to the last version and after updating it is not working anymore. Now, when my webapp tries to authenticate using OAuth, after introducing the correct username/password the plugin shows a new page asking for authorization and warning the user that “The application ‘MyApp API’wants to access following information: Basic public profile – Public email This application cannot continue if you do not allow this application” and 2 buttons (Allow and Deny). But clicking the Allow button doesn’t provide access to my WebApp as done in the last version, so now everything gets stuck in an endless loop showing the “Authorize” page over and over again.

    Is there any way to configure the plugin to work the same way as it did in the last version and prevent this new “Authorize” page to be shown? I’m the owner of the WordPress site and the WebApp, so I don’t want my users to see this “Authorization” message page the looks like a warning about an untrusted site (my WebApp).

    Thank you.

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Author miniOrange

    (@cyberlord92)

    Hi @jordiblanchcarles

    This would be a new security feature that we added in the last release.
    This allows your users to know which of their information is being shared with your OAuth application.

    You can disable the consent screen by simply adding a prompt parameter with the value allow in the Authorization Endpoint call.

    For example, the authorization URL will be as follows:

    https://<your-wordpress-domain>/path/to/authorize/endpoint?
 client_id=<client_id>
....
 &state=xyz
 &prompt=allow

    If you still face the same issues, please let us know.
    We’d be happy to help.

    Thanks.
    miniOrange

    • This reply was modified 5 years, 4 months ago by miniOrange.
    • This reply was modified 5 years, 4 months ago by miniOrange.
    • This reply was modified 5 years, 4 months ago by miniOrange. Reason: correction and formatting
    Thread Starter jordiblanchcarles

    (@jordiblanchcarles)

    Hello,

    sorry for replying so late, but I’ve been too busy to test your recommendation until today.

    Today I’ve updated your plugin from my working version 2.9.1 up to the latest version 2.12.0 and added prompt=allow to the authorization url as follows:

    https://mywebsite.com/wp-content/plugins/miniorange-oauth-20-server/web/index.php/moserver/authorize?prompt=allow

    but the plugin is still showing the new page asking over and over again for permission to access the information.

    Could you please give me some clue on how to solve this and aviod the plugin to show the new page and work as it worked in version 2.9.1?

    Thank you!

    Plugin Author miniOrange

    (@cyberlord92)

    Hi @jordiblanchcarles

    The issue you are getting regarding the consent screen can be handled with our premium version where we provide a configurable option for the consent screen. If you want, we can also setup a demo of our premium version so that you verify this.

    Let us know if it works for you.

    Thanks,
    miniOrange Team

    Thread Starter jordiblanchcarles

    (@jordiblanchcarles)

    So there’s no way to avoid this consent screen using the prompt parameter as you explained in the first reply of this topic?

    Plugin Author miniOrange

    (@cyberlord92)

    This is now supported with only our premium versions.

Viewing 5 replies - 1 through 5 (of 5 total)
  • The topic ‘Not working after updating’ is closed to new replies.