search

rtCamp / login-with-google

Minimal plugin which allows WordPress user to login with google.
https://wordpress.org/plugins/login-with-google/
GNU General Public License v2.0
63 stars 17 forks source link

403 Forbidden on redirect back from google #100

Closed hemmesdev closed 2 years ago

hemmesdev commented 2 years ago

Hi,

I'm getting a 403 Forbidden on wp-login.php after redirecting back from google. Any idea why that is happening?

Forbidden You don't have permission to access this resource.

https://domain.org/wp-login.php?state=*************************JzdGVsYWNhZGVtaWUub3JnXC93cC1hZG1pblwvIiwicHJvdmlkZXIiOiJnb29nbGUifQ%3D%3D&code=4%2F0AX4XfWg7HKgikNlBfgUXhufLtqYbTKJ_u0y7khBQKOE691O1UFPZHSh3i3QVIOrxDBAcbw&scope=email+profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile+openid&authuser=0&hd=*********emie.org&prompt=consent

I've googled a bit and most answers suggest editing the .htaccess.

My htaccess looks like this now:

<Files xmlrpc.php>
    Require all denied
</Files>
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>

Any suggestions on how to resolve the problem?

UPDATE:

When i remove the section below from the url manually it does work, any idea's

&scope=email+profile+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile+openid&authuser=0&hd=*********emie.org&prompt=consent
hemmesdev commented 2 years ago

The problem is a Mod Security rule from my hoster. So not anything you guys can help me with. Consider it closed for now