Is there some nodebb-plugin-sso-auth0 user ?
-
Hello,
I wish know if there is some nodebb-plugin-sso-auth0 user, to know if this plugin works.
I restart, rebuild several time, but i have nothing in the GUI menu.Thanks
-
Yes , nodebb-plugin-sso-google
You can find it in plugin section of your admin portalThanks
-
abhinov singh is referencing a different plugin that does SSO with the google's G+ API, but that is not an answer to @remydev's question. The nodebb-plugin-sso-auth0 plugin is used by the Antergos nodeBB forum: forum$antergos$com replacing '$' with '.' because the link was getting my post flagged as spam. Someone from their side is also the author of the plugin. I've been trying to get it to work myself with no luck yet but if you go to login on their page you can experience it working. Maybe we should raise some issues on the github page. I do see it in the GUI menu though, you can both install it and activate it from the GUI, I'm getting an error at the callback stage.
-
The "./nodebb log" output is :
AUTH0 ERROR - ENO-010: {"profile":{"name":{},"_json":{},"_raw":"{}"}}
2018-04-30T08:27:48.885Z [19343] - error: /auth/auth0/callbackThe UI shows this text:
Internal Error.Oops! Looks like something went wrong!
/auth/auth0/callback
undefined
And looking at network traffic with Firefox I see several 302s and a 500 error. I suppose it might be getting stripped somewhere there. I do have the Google SSO plugin working though, so I suppose that data should pass through the Nginx reverse proxies?
-
@julian Actually, I see a code parameter in the one that receives a 500 response from the page.
code someletters
state longersletters+symbolsSo I went to the Antergos forum and tried logging in there as well to watch the network, in their case they don't have the state parameter and don't get a 500 response, they have only the code parameter in this part.
-
@julian So my site receives "https$mysite$site$com/auth/auth0/callback?code=letternumberjumble&state=letternumbersymboljumble" and responds with a 500.
while their site gets "https$forum$antergos$com/auth/auth0/callback?code=letternumberjumble"
$ being replaced with the obvious things because the spam defense doesn't let me post things that seem like links yet.
If I remove the state I can at least get some better feedback from the backend, though it complains the callback code is wrong (probably because it needs to happen in that first response directly, at least I assume it shouldn't work if merely resent/spoofed later).
2018-05-01T15:30:53.594Z [26584] - error: /auth/auth0/callback
TokenError: Invalid authorization code
at Strategy.OAuth2Strategy.parseErrorResponse (/data/node_BB/nodebb/node_modules/passport-oauth2/lib/strategy.js:329:12)
at Strategy.OAuth2Strategy._createOAuthError (/data/node_BB/nodebb/node_modules/passport-oauth2/lib/strategy.js:376:16)
at /data/node_BB/nodebb/node_modules/passport-oauth2/lib/strategy.js:166:45
at /data/node_BB/nodebb/node_modules/oauth/lib/oauth2.js:191:18
at passBackControl (/data/node_BB/nodebb/node_modules/oauth/lib/oauth2.js:132:9)
at IncomingMessage.<anonymous> (/data/node_BB/nodebb/node_modules/oauth/lib/oauth2.js:157:7)
at emitNone (events.js:111:20)
at IncomingMessage.emit (events.js:208:7)
at endReadableNT (_stream_readable.js:1064:12)
at _combinedTickCallback (internal/process/next_tick.js:138:11)
at process._tickCallback (internal/process/next_tick.js:180:9)Don't spend time on it for now, I'll see if I can use a rule on the auth0 site to not send back the state and I'll report back if that works or not.
-
@khalid-kunji did u get this working? I am getting the same error.
