Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixed incorrect OAuth nonce_used error when it should be error on inc… #4378

Open
wants to merge 8 commits into
base: main
Choose a base branch
from
Open

Fixed incorrect OAuth nonce_used error when it should be error on inc… #4378

wants to merge 8 commits into from

Conversation

kiatng
Copy link
Contributor

@kiatng kiatng commented Nov 24, 2024

…orrect consumer key.

Description (*)

Incorrect error message leads the developer astray and can waste hours on the wrong thing. This PR fixes such a bug.

Manual testing scenarios (*)

I use openmage-shooter to test.

  1. [OpenMage OAuth Server] Add a consumer if none exist.
  2. [DDEV] Install openmage-shooter in your DDEV environment.
  3. [Browser] Open https://openmage.ddev.site/shooter/rest
    • Fill in the OAuth params, on Consumer Key, enter a wrong key.
    • Click save.
    • Error nonce_used:
      image
    • Try again with this PR, error: Could not retrieve a valid Token response from Token URL: oauth_problem=consumer_key_rejected

@kiatng kiatng added the bug label Nov 24, 2024
@github-actions github-actions bot added the Component: Oauth Relates to Mage_Oauth label Nov 24, 2024
@sreichel
Copy link
Contributor

sreichel commented Jan 17, 2025
edited
Loading

Tried and failed ...

  • install your module
  • added oauth consumer
  • went to "shooter/rest"
  • got redirected to customer login
  • logged in
  • "shooter/rest/index" shows 404

@sreichel sreichel added this to the 20.13.0 milestone Jan 17, 2025
@sreichel sreichel removed this from the 20.13.0 milestone Jan 18, 2025
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@kiatng
Copy link
Contributor Author

kiatng commented Jan 22, 2025

Tried and failed ...

  • install your module
  • added oauth consumer
  • went to "shooter/rest"
  • got redirected to customer login
  • logged in
  • "shooter/rest/index" shows 404

Did you add your OAuth consumer in the same OpenMage instance? Test the API to itself? I do not think this can work. I used the session to store OAuth token, if you login in to authorize, the session is lost Can you test the API with another OpenMage instance?

After installing openmage-shooter, the normal steps in the browser are:

  1. Login to frontend, your customer ID must be <20 to access shooter
  2. Access "shooter/rest"
  3. Input URL other than local
  4. Redirected to server for authorization with email/password
  5. Redirect back to "shooter"
  6. Start the API test

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@addison74 addison74 addison74 approved these changes

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
Component: Oauth Relates to Mage_Oauth waiting for feedback
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@kiatng @sreichel @addison74