Unable to Authorise Access

[Clearmask]

Opens log-in for instance in browser as expected but once logged in, it does not permit authorisation and instead returns the following error: "Client authentication failed due to unknown client, no client authentication included, or unsupported authentication method." Help greatly appreciated.

[janboddez]

Thanks for letting me know! What version of the plugin are you using? Which Mastodon instance?

1. Would it be possible to enable WP debugging by adding the following to wp-config.php?

   define('WP_DEBUG', true);
   define('WP_DEBUG_LOG', true);
   define('WP_DEBUG_DISPLAY', false);

   You should then see a textarea field on the settings page for this plugin that displays your Share on Mastodon settings. (Don't share them here! But you should then at least be able to see if a mastodon_client_id and secret were assigned, which should happen in the background when you first input and save your instance.)

Actually, there must be, otherwise the Authorize button would not be shown. They do get sanitized, though, before the plugin saves them to the db, so maybe they got corrupted there.

2. Do you have access to your SQL db? Mind running something like DELETE FROM wp_options WHERE option_name = 'share_on_mastodon_settings'; (Best make a backup before. May need to adjust your database prefix.)

If not, that's okay, too. I plan to release next version very soon, and will at least add a way to recreate a client id and secret, and remove the superfluous sanitization.

[Clearmask]

Hey Jan,

Thanks for the detailed response! I'm running WP 5.3.2 and v0.2 of your plug-in.

Have successfully enabled debug mode and can see that a client id and secret were assigned, but no token.

I'm not sure how to run the shell script you recommend but my friend should be able to help with that later today (I'm a beginner - sorry!).

I will let you know how I get on. Any idea when you're likely to release an update?

Thanks again for your swift reply.

Kind regards,

CM

Sent with ProtonMail Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, 14 March 2020 19:55, Jan Boddez notifications@github.com wrote:

Thanks for letting me know! What version of the plugin are you using? Which Mastodon instance?

• Would it be possible to enable WP debugging by adding the following to wp-config.php?

define('WP_DEBUG', true); define('WP_DEBUG_LOG', true); define('WP_DEBUG_DISPLAY', false);

You should then see a textarea field on the settings page for this plugin that displays your Share on Mastodon settings. (Don't share them here! But you should then at least be able to see if a mastodon_client_id and secret were assigned, which should happen in the background when you first input and save your instance.)

Actually, there must be, otherwise the Authorize button would not be shown. They do get sanitized, though, before the plugin saves them to the db, so maybe they got corrupted there.

• Do you have access to your SQL db? Mind running something like DELETE FROM wp_options WHERE option_name = 'share_on_mastodon_settings'; (Best make a backup before. May need to adjust your database prefix.)

If not, that's okay, too. I plan to release next version very soon, and will at least add a way to recreate a client id and secret, and remove the superfluous sanitization.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or unsubscribe.

[janboddez]

Yeah, somehow the client ID or secret WordPress has stored for you isn't what your instance is expecting, which is stopping you from authorizing WP to access your Mastodon account by means of an access token.

If you deleted the plugin's settings (which does not happen on uninstall, for multiple reasons), you'd get assigned a new ID and secret, and chances are those would work.

The new version should be available soon. Today, perhaps, or tomorrow. And will include a couple changes that make switching accounts and wiping settings much easier, and storing tokens and such more robust.

[Clearmask]

Fantastic news. Cheers Jan.

I'll keep an eye out for the update.

Enjoy the rest of your Sunday.

Sent from ProtonMail mobile

-------- Original Message -------- On 15 Mar 2020, 13:34, Jan Boddez wrote:

Yeah, somehow the client ID or secret WordPress has stored for you isn't what your instance is expecting, which is stopping you from authorizing WP to access your Mastodon account by means of an access token.

If you deleted the plugin's settings (which does not happen on uninstall, for multiple reasons), you'd get assigned a new ID and secret, and chances are those would work.

The new version should be available soon. Today, perhaps, or tomorrow. And will include a couple changes that make switching accounts and wiping settings much easier, and storing tokens and such more robust.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or unsubscribe.

[janboddez]

All right. Not promising anything, but: you should now (or soon) be able to install v0.4.1, which comes with a back-end button to destroy all settings. You could probably just do that and then try again. The way the client ID and secret are saved also changed slightly, and I haven't had any issues testing things over here, so ... Fingers crossed.

One other thing's changed: if after you've installed the update, you deactivate and reactivate the plugin (or install from scratch), it should also check the validity of your access token in the background, once a day.

Should you find that posting to Mastodon suddenly stops working (like when you revoke the token from Mastodon's back end but not WordPress), you'll then notice the need to re-authorize on the settings page, and the blank token, in case debugging is enabled, in the settings "dump." (I'll add context and what not in a later version.)

It's probably safest to disable debugging after troubleshooting, and delete the debug.log file in wp-content (or elsewhere, if you've set it up that way) in case there is one.

[Clearmask]

Hey Jan,

Success! Thanks so much for all your hard work! After a year spent learning about self hosting and web design and tinkering with various iterations of my site, it feels great to finally achieve my initial goal of having it publish directly to the Fediverse. It's a bit of a milestone on a long and faltering journey, if I'm honest. Just need to work on the content now! Thanks again for making and maintaining this and for putting it out there free of charge. This has made my weekend.

Best wishes,

CM

Sent with ProtonMail Secure Email.

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Sunday, 15 March 2020 21:09, Jan Boddez notifications@github.com wrote:

All right. Not promising anything, but: you should now (or soon) be able to install v0.4.1, which comes with a back-end button to destroy all settings. You could probably just do that and then try again. The way the client ID and secret are saved also changed slightly, and I haven't had any issues testing things over here, so ... Fingers crossed.

One other thing's changed: if after you've installed the update, you deactivate and reactivate the plugin (or install from scratch), it should also check the validity of your access token in the background, once a day.

Should you find that posting to Mastodon suddenly stops working (like when you revoke the token from Mastodon's back end but not WordPress), you'll then notice the need to re-authorize on the settings page, and the blank token, in case debugging is enabled, in the settings "dump." (I'll add context and what not in a later version.)

It's probably safest to disable debugging after troubleshooting, and delete the debug.log file in wp-content (or elsewhere, if you've set it up that way) in case there is one.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or unsubscribe.