Comments (5)
Hi @psignoret,
What's the best way to diagnose errors in the absence of any messages? I get redirected to /wp-login.php but not logged in.
from aad-sso-wordpress.
@Andre4s and @psignoret
From experience, there are 2 reasons why each time you try to login, you get redirected to wp-login.php
-
Make sure you have at least PHP7.
From wp-login.php, when you click to login with O365, and upon succesfull authentication by microsoft, the url returned is quite long and completely ignored by PHP5 unless you make sure to increase the lenght for GET params. Because it is ignored, you get stuck to the wp-login.php page.
With PHP5.x, to add support for long parameters with suhosin, add
suhosin.get.max_value_length = <limit>
in php.ini (source http://stackoverflow.com/questions/7724270/max-size-of-url-parameters-in-get) -
You might need to force the reload of the ADDSSO openconfig configuration.
In Settings.php (line 208), I don't know exactly why, but $openid_configuration was an empty string and the condition should have returned true in order to reload the configuration settings. Instead, the code was going staight to line 215 with $openid_configuration empty. This caused the authentication link not to be generated well, causing the redirect to wp-login.
You can temporarily add at line 214 the code below and remove it after :
$openid_configuration = json_decode(
self::get_remote_contents( $instance->openid_configuration_endpoint ),
true // Return associative array
);
set_transient( 'aadsso_openid_configuration', $openid_configuration, 3600 );
Anyway in those 2 cases, you don't have any error messages displaying.
from aad-sso-wordpress.
Edit: @cjh357 found what appears to be conflict with the VigilanTor plugin—everything works fine with it disabled.
from aad-sso-wordpress.
@Andre4s: Thanks for the heads up, will look into it with #112 and see if we can play nicely together.
@M-ine: Both of these are interesting observations.
For 1, we can probably add an alert in the admin setting if the PHP value is too low. Alternatively (or in addition), we can change to the Form Post Response Mode, which will put the contents of the Authorization Response in POST, instead of GET, bypassing this URL length problem. Looking into this in #113.
For 2, the condition did not return true because we're using ===
, which means the result must evaluate to FALSE
and be a boolean. I'll have to look at this more carefully (to see what could have cause an empty string in the first place), and add some better validation of the returned contents (#114).
That said, if you ever need to force-reload the OpenID config, just add &aadsso_reload_openid_config=1
to the login page's URL, as described here: https://github.com/psignoret/aad-sso-wordpress#refreshing-the-openid-connect-configuration-cache
from aad-sso-wordpress.
@psignoret Thanks.
Glad to be of use. Keep up the good work.
from aad-sso-wordpress.
Related Issues (20)
- ERROR 403: Options.php HOT 1
- Error when signing in - "Session does not contain antiforgery ID." #200 HOT 8
- User token? HOT 2
- Wrong redirect URL HOT 4
- One user unable to auth to WordPress HOT 1
- Is this repository active? HOT 2
- Support for OAuth2 Authorization Code Flow HOT 3
- Implement support for PKCE
- Retirement of basic authentication HOT 2
- Session does not contain antiforgery ID HOT 1
- PHP 8.1: PHP Deprecated: Implicit conversion from float 9615.9 to int loses precision HOT 2
- Slowing down site HOT 3
- I get Session does not contain antiforgery ID when logging in HOT 2
- No request found for this application. HOT 1
- You do not have permission to view this directory or page. HOT 8
- Too many redirect URL error HOT 2
- Getting error "Session does not contain antiforgery ID" HOT 5
- How to refresh Access Token? HOT 1
- Fetching Azure Userdata HOT 3
- Deprecation notice in PHP 8.1/8.2 HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from aad-sso-wordpress.