Live connector doesnt work with query parameters on redirect_uri

alixandru / q2a-open-login

Question2Answer Open Login plugin

62 stars 44 forks source link

Live connector doesnt work with query parameters on redirect_uri #53

Closed ryanwinter closed 8 years ago

ryanwinter commented 9 years ago

Live no longer allows query parameters as part of its redirect_uri which means all authentication against new Live Applications fail.

ryanwinter commented 9 years ago

"You must enter a valid domain that begins with http:// or https:// - query strings are not allowed. Length is limited to 248 characters."

alixandru commented 8 years ago

This means that your Q2A installation must be configured to use an URL structure without query strings. More exactly, you need to choose one of the first 2 options in the admin page (URL Structure section):

/123/why-do-birds-sing
/index.php/123/why-do-birds-sing

Let me know if it works using this setup.

bertrandgorge commented 5 years ago

Hello, I allow myself to reopen this case, I have this same issue for both Live and Twitter - neither of them accept query strings. I've switch the Q2A platform to the right URL structure, but can't seem to manage to build the right redirect_uri... I've tried https://questions.tripleperformance.fr/hauth.done/Twitter but this doesn't work either. Thanks for any help !

bertrandgorge commented 5 years ago

Ok - I managed to make it work for Live. Basically you need to have a live.php file at the root of your Q2A setup, with the following content:

<?php
/**
* HybridAuth
* http://hybridauth.sourceforge.net | http://github.com/hybridauth/hybridauth
* (c) 2009-2015, HybridAuth authors | http://hybridauth.sourceforge.net/licenses.html
*/
// ------------------------------------------------------------------------
//  HybridAuth End Point
// ------------------------------------------------------------------------
$_REQUEST['hauth_done'] = 'Live';
require_once( "qa-plugin/q2a-open-login/Hybrid/Auth.php" );
require_once( "qa-plugin/q2a-open-login/Hybrid/Endpoint.php" );
Hybrid_Endpoint::process();

Then declare https://yourQ2ASetup/live.php as the Redirect URIs in Azure's configuration.

NB: I've tried to have the file live in the q2a-open-login folder, but the Hybrid lib hardcodes the URL using $HYBRID_AUTH_URL_BASE so that would break everything.

bertrandgorge commented 5 years ago

Note: it works the same for twitter. You just need to add some code to Hybrid/Provider_Adapted.php though, in order to match what has been done for Live. I will send a patch with all that, and maybe try to look some more in order to improve that fix.

        # workaround to solve twitter authentication since Twitter disallowed redirect urls to contain any parameters
        # http://mywebsite.com/path_to_hybridauth/?hauth.done=Twitter will not work
        if ($this->id=="Twitter") {
            $this->params["login_done"] = $HYBRID_AUTH_URL_BASE."twitter.php";
        }