RADIUSdesk / Discussion / Help: Can't get Social Login to work

Hello,

Currently I am having trouble setting up social login.
I don't seem to be able to figure out what I am doing wrong.

I followed the guide on the radiusdesk to the letter, but am still unable to get the authentication to go through.

I have also found a bug in the system.
If you choose your own NAS secret, and set up a new hotspot, the freeradius daemon complains about a non-matching secret, although it is the same in both the NAS and the captive-portal in the Mesh exit point.
It only works when using the testing123 secret, if something else is chosen, the /usr/local/sbin/radiusd -X (I am on ubuntu 14.04) shows an error when the router is powered up and it simply said: wrong secret. The redirect page loads, the error shows 3 or 4 times, and then nothing happens.

When setting up everything according to the guide and using testing123 as the secret, it doesnt show an error (or so I think)

The following output is generated by the freeradius server when booting the router, but I am not sure of there are any mistakes in there:

rad_recv: Accounting-Request packet from host 87.64.xx.x port 54424, id=0, length=184
server dynamic_client_server {
rlm_raw: NAS-Identifier = sco_cp1
rlm_raw: NAS-Identifier = sco_cp1
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql (sql): Released sql socket id: 3
rlm_raw: NAS-Identifier = sco_cp1
rlm_sql (sql): Reserving sql socket id: 2
rlm_sql (sql): Released sql socket id: 2
rlm_raw: NAS-Identifier = sco_cp1
rlm_sql (sql): Reserving sql socket id: 1
rlm_sql (sql): Released sql socket id: 1
} # server dynamic_client_server
- Added client 87.64.103.135 with shared secret testing123
rad_recv: Accounting-Request packet from host 87.64.xx.x port 54424, id=0, length=184
    ChilliSpot-Version = "1.3.1-svn"
    ChilliSpot-Attr-10 = 0x00000002
    Event-Timestamp = "Feb 10 2016 20:40:17 EST"
    Acct-Status-Type = Accounting-On
    NAS-Port-Type = Wireless-802.11
    Calling-Station-Id = "00-00-00-00-00-00"
    Called-Station-Id = "66-46-2E-xx-xx-xx"
    NAS-IP-Address = 10.1.0.1
    NAS-Identifier = "sco_cp1"
    WISPr-Location-ID = "isocc=,cc=,ac=,network=MESHdesk,"
    WISPr-Location-Name = "MESHdesk_hotspot"
# Executing section preacct from file /usr/local/etc/raddb/sites-enabled/default
+group preacct {
++[preprocess] = ok
[acct_unique] WARNING: Attribute NAS-Port was not found in request, unique ID MAY be inconsistent
[acct_unique] WARNING: Attribute Acct-Session-Id was not found in request, unique ID MAY be inconsistent
[acct_unique] WARNING: Attribute User-Name was not found in request, unique ID MAY be inconsistent
[acct_unique] Hashing ',Client-IP-Address = 87.64.xx.x,NAS-IP-Address = 10.1.0.1,,'
[acct_unique] Acct-Unique-Session-ID = "24dc56540eb91a29".
++[acct_unique] = ok
[suffix] Proxy reply, or no User-Name.  Ignoring.
++[suffix] = ok
++policy RADIUSdesk_preacct {
+++policy rewrite.calling_station_id {
++++? if ((Calling-Station-Id) && "%{Calling-Station-Id}" =~ /^%{config:policy.mac-addr}$/i)
?? Evaluating (Calling-Station-Id) -> TRUE
    expand: %{Calling-Station-Id} -> 00-00-00-00-00-00
    expand: policy.mac-addr -> policy.mac-addr
    expand: ^%{config:policy.mac-addr}$ -> ^([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})[^0-9a-f]?([0-9a-f]{2})$
? Evaluating ("%{Calling-Station-Id}" =~ /^%{config:policy.mac-addr}$/i) -> TRUE
++++? if ((Calling-Station-Id) && "%{Calling-Station-Id}" =~ /^%{config:policy.mac-addr}$/i) -> TRUE
++++if ((Calling-Station-Id) && "%{Calling-Station-Id}" =~ /^%{config:policy.mac-addr}$/i) {
+++++update request {
    expand: %{1}-%{2}-%{3}-%{4}-%{5}-%{6} -> 00-00-00-00-00-00
    expand: %{tolower:%{1}-%{2}-%{3}-%{4}-%{5}-%{6}} -> 00-00-00-00-00-00
+++++} # update request = noop
+++++[updated] = updated
++++} # if ((Calling-Station-Id) && "%{Calling-Station-Id}" =~ /^%{config:policy.mac-addr}$/i) = updated
++++ ... skipping else for request 0: Preceding "if" was taken
+++} # policy rewrite.calling_station_id = updated
+++? if (request:User-Name =~ /^([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})$/i)
    (Attribute request:User-Name was not found)
? Evaluating (request:User-Name =~ /^([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})$/i) -> FALSE
+++? if (request:User-Name =~ /^([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})[-:]+([0-9a-f]{2})$/i) -> FALSE
+++update control {
sql_xlat
    expand: %{User-Name} -> 
sql_set_user escaped user --> ''
    expand: SELECT count(radcheck.username) FROM radcheck WHERE radcheck.username='%{request:User-Name}' and attribute='Rd-Not-Track-Acct' and value=1 -> SELECT count(radcheck.username) FROM radcheck WHERE radcheck.username='' and attribute='Rd-Not-Track-Acct' and value=1
rlm_sql (sql): Reserving sql socket id: 0
sql_xlat finished
rlm_sql (sql): Released sql socket id: 0
    expand: %{sql:SELECT count(radcheck.username) FROM radcheck WHERE radcheck.username='%{request:User-Name}' and attribute='Rd-Not-Track-Acct' and value=1} -> 0
+++} # update control = noop
+++? if ("%{control:Rd-Not-Track-Acct}" == 0)
    expand: %{control:Rd-Not-Track-Acct} -> 0
? Evaluating ("%{control:Rd-Not-Track-Acct}" == 0) -> TRUE
+++? if ("%{control:Rd-Not-Track-Acct}" == 0) -> TRUE
+++if ("%{control:Rd-Not-Track-Acct}" == 0) {
++++policy RADIUSdesk_set_acct_realm {
+++++update control {
sql_xlat
    expand: %{User-Name} -> 
sql_set_user escaped user --> ''
    expand: SELECT value FROM radcheck WHERE radcheck.username='%{request:User-Name}' and attribute='Rd-Realm' -> SELECT value FROM radcheck WHERE radcheck.username='' and attribute='Rd-Realm'
rlm_sql (sql): Reserving sql socket id: 4
SQL query did not return any results
rlm_sql (sql): Released sql socket id: 4
    expand: %{sql:SELECT value FROM radcheck WHERE radcheck.username='%{request:User-Name}' and attribute='Rd-Realm'} -> 
+++++} # update control = noop
+++++? if ("%{control:Rd-Realm}")
    expand: %{control:Rd-Realm} -> 
? Evaluating ("%{control:Rd-Realm}") -> FALSE
+++++? if ("%{control:Rd-Realm}") -> FALSE
++++} # policy RADIUSdesk_set_acct_realm = noop
++++policy RADIUSdesk_async_acct {
+++++? if (("%{request:User-Name}")&&("%{request:Calling-Station-Id}"))
    expand: %{request:User-Name} -> 
?? Evaluating ("%{request:User-Name}") -> FALSE
?? Skipping ("%{request:Calling-Station-Id}")
+++++? if (("%{request:User-Name}")&&("%{request:Calling-Station-Id}")) -> FALSE
++++} # policy RADIUSdesk_async_acct = noop
+++} # if ("%{control:Rd-Not-Track-Acct}" == 0) = noop
++} # policy RADIUSdesk_preacct = updated
++[files] = noop
+} # group preacct = updated
# Executing section accounting from file /usr/local/etc/raddb/sites-enabled/default
+group accounting {
[detail]    expand: %{Packet-Src-IP-Address} -> 87.64.xx.x
[detail]    expand: /usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d -> /usr/local/var/log/radius/radacct/87.64.xx.x/detail-20160212
[detail] /usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d expands to /usr/local/var/log/radius/radacct/87.64.xx.x/detail-20160212
[detail]    expand: %t -> Fri Feb 12 11:18:14 2016
++[detail] = ok
++[unix] = noop
[radutmp]   expand: /usr/local/var/log/radius/radutmp -> /usr/local/var/log/radius/radutmp
rlm_radutmp: NAS 10.1.0.1 restarted (Accounting-On packet seen)
++[radutmp] = ok
++policy RADIUSdesk_acct {
+++? if ((!"%{control:Rd-Not-Track-Acct}")||("%{control:Rd-Not-Track-Acct}" != 1))
    expand: %{control:Rd-Not-Track-Acct} -> 0
?? Evaluating !("%{control:Rd-Not-Track-Acct}") -> TRUE
?? Skipping ("%{control:Rd-Not-Track-Acct}" != 1)
+++? if ((!"%{control:Rd-Not-Track-Acct}")||("%{control:Rd-Not-Track-Acct}" != 1)) -> TRUE
+++if ((!"%{control:Rd-Not-Track-Acct}")||("%{control:Rd-Not-Track-Acct}" != 1)) {
[sql] Received Acct On/Off packet
[sql]   expand: %{Acct-Delay-Time} -> 
[sql]   ... expanding second conditional
[sql]   expand: %{NAS-Identifier} -> sco_cp1
[sql]   expand:           UPDATE radacct           SET              acctstoptime       =  '%S',              acctsessiontime    =  unix_timestamp('%S') -                                    unix_timestamp(acctstarttime),              acctterminatecause =  '%{Acct-Terminate-Cause}',              acctstopdelay      =  %{%{Acct-Delay-Time}:-0}           WHERE acctstoptime IS NULL           AND nasipaddress      =  '%{NAS-IP-Address}'     AND nasidentifier =  '%{%{NAS-Identifier}:-Not in request}'           AND acctstarttime     <= '%S' ->           UPDATE radacct           SET              acctstoptime       =  '2016-02-12 11:18:14',              acctsessiontime    =  unix_timestamp('2016-02-12 11:18:14') -                                    unix_timestamp(acctstarttime),              acctterminatecause =  '',              acctstopdelay      =  0           WHERE acctstoptime IS NULL           AND nasipaddress      =  '10.1.0.1'     AND nasidentifier =  'sco_cp1'           AND acctstarttime     <= '2016-02-12 11:18:
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql (sql): Released sql socket id: 3
++++[sql] = ok
+++} # if ((!"%{control:Rd-Not-Track-Acct}")||("%{control:Rd-Not-Track-Acct}" != 1)) = ok
++} # policy RADIUSdesk_acct = ok
++[exec] = noop
[attr_filter.accounting_response]   expand: %{User-Name} -> 
++[attr_filter.accounting_response] = noop
+} # group accounting = ok
Sending Accounting-Response of id 0 to 87.64.xx.x port 54424
Finished request 0.
Cleaning up request 0 ID 0 with timestamp +66
Going to the next request
Ready to process requests.

When loading the dynamic login page, there is litterally no activity in the log. But since the dynamic page is not responding to any type of login, be it click to connect, vouchers, social login with facebook or even a username password combination, I assume this is not so strange. But that doesn't explain why nothing is happening.

Is there anyone with experience in the social login setup willing to look with me to get this set up correctly?
I have been trying to do this for over 2 weeks now to no avail.

Please contact me via steven@suitedcoders.com if you think you can figure this out together with me, and afterwards, we can post a nice tutorial of what we did for other to benefit in the future.

Thanks in advance, and please get back to me!

Best regards

Steven K.

[IP's were obfuscated for privacy reasons]

Steven Kusters - 2016-02-14

Also the click_to_connect isn't working anymore, which did work a couple of revisions back.
Testing this now with the Cheetah example which is included, and will report back.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Steven Kusters - 2016-02-15

So, yesterday I tried to get this working, and tried to understand why nothing was working anymore. Since I am only learning the code and workings so shortly, I just started over with a clean database and changed the following things to get my own router to work with the Cheetah Mesh example:
1. Added a permanent user named: click_to_connect@cheetah_cp1 with pass click_to_connect
2. Changed the "only allowed devices" option on permanent user dvdwalt
3. Changed the click to connect settings on the dynamic login page of Struisbaai:
- suffix of nasid instead of ssid
- facebook settings to enable, record, id and secret, auto create voucher, residence inn realm, 1024MB profile
4. Changed the Exit Mesh settings in the Cheetah Mesh to my IP in both the RADIUS server and de UAM URL fields and also made sure my IP is in the facebook app URL on developer.facebook.com and added *.facebook.* to the walled garden
5. Did not touch the proxy settings in the Exit Mesh, for I don't know what it does exactly.
6. Left the Coova Specific config items like they are: dnsparanoia
7. Tested the radius server via the test tool to check if all users come through correctly, and they do.
8. Yet, still I receive this error upon connecting and trying to authenticate with Facebook:

hotspot not responding to status queries
Does anyone have any idea which step I am missing or doing wrong? And if you would be so kind, would someone allow me to see their working setup including a working social login? This is giving me headaches haha.

Thanks!

Last edit: Steven Kusters 2016-02-15

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Steven Kusters - 2016-02-15

Turning off the proxy did give me the first facebook login ever.
This workflow unfortunately opens up safari on iPhone, outside of the captive portal popup, so the workflow never completes and the Facebook user data which is hereby retrieved from the user is not inserted in the social login database.

But now on to the real problem: what are the exact steps of achieving this on my own, without using the example mesh?

Last edit: Steven Kusters 2016-02-15

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

And I finally found the bug:
This is the error page that is shown by CakePHP upon logging in to facebook to authenticate:

CakePHP: the rapid development php framework

Database Error
Error: SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near 'countain' at line 1

SQL Query: countain

Notice: If you want to customize this error message, create rd_cake/View/Errors/pdo_error.ctp

Stack Trace
CORE/Cake/Model/Datasource/DboSource.php line 461 → PDOStatement->execute(array)
CORE/Cake/Model/Datasource/DboSource.php line 427 → DboSource->_execute(string, array)
CORE/Cake/Model/Datasource/DboSource.php line 669 → DboSource->execute(string, array, array)
CORE/Cake/Model/Datasource/DboSource.php line 612 → DboSource->fetchAll(string, array, array)
CORE/Cake/Model/Model.php line 827 → DboSource->query(string, array, Voucher)
APP/Controller/ThirdPartyAuthsController.php line 93 → Model->__call(string, array)
APP/Controller/ThirdPartyAuthsController.php line 93 → Voucher->countain()

Above, the error is shown, when drilling down, this is the issue:

APP/Controller/ThirdPartyAuthsController.php line 93 → Voucher->countain()

                if($type == 'voucher'){
                    $this->Voucher = ClassRegistry::init('Voucher');
                    $this->Voucher->countain();

                   ...

Changing it to ->contain(); fixes the issue

[internal function] → ThirdPartyAuthsController->opauth_complete()
CORE/Cake/Controller/Controller.php line 490 → ReflectionMethod->invokeArgs(ThirdPartyAuthsController, array)
CORE/Cake/Routing/Dispatcher.php line 193 → Controller->invokeAction(CakeRequest)
CORE/Cake/Routing/Dispatcher.php line 167 → Dispatcher->_invoke(ThirdPartyAuthsController, CakeRequest)
APP/Plugin/Opauth/Controller/OpauthAppController.php line 138 → Dispatcher->dispatch(CakeRequest, CakeResponse)
[internal function] → OpauthAppController->callback()
CORE/Cake/Controller/Controller.php line 490 → ReflectionMethod->invokeArgs(OpauthController, array)
CORE/Cake/Routing/Dispatcher.php line 193 → Controller->invokeAction(CakeRequest)
CORE/Cake/Routing/Dispatcher.php line 167 → Dispatcher->_invoke(OpauthController, CakeRequest)
APP/webroot/index.php line 92 → Dispatcher->dispatch(CakeRequest, CakeResponse)
CakePHP: the rapid development php framework
(default) 4 queries took 1 ms
Nr  Query   Error   Affected    Num. rows   Took (ms)
1   SELECT `DynamicPair`.`id`, `DynamicPair`.`name`, `DynamicPair`.`value`, `DynamicPair`.`priority`, `DynamicPair`.`dynamic_detail_id`, `DynamicPair`.`user_id`, `DynamicPair`.`created`, `DynamicPair`.`modified`, `DynamicDetail`.`id`, `DynamicDetail`.`name`, `DynamicDetail`.`available_to_siblings`, `DynamicDetail`.`icon_file_name`, `DynamicDetail`.`phone`, `DynamicDetail`.`fax`, `DynamicDetail`.`cell`, `DynamicDetail`.`email`, `DynamicDetail`.`url`, `DynamicDetail`.`street_no`, `DynamicDetail`.`street`, `DynamicDetail`.`town_suburb`, `DynamicDetail`.`city`, `DynamicDetail`.`country`, `DynamicDetail`.`lat`, `DynamicDetail`.`lon`, `DynamicDetail`.`user_id`, `DynamicDetail`.`t_c_check`, `DynamicDetail`.`t_c_url`, `DynamicDetail`.`redirect_check`, `DynamicDetail`.`redirect_url`, `DynamicDetail`.`slideshow_check`, `DynamicDetail`.`seconds_per_slide`, `DynamicDetail`.`connect_check`, `DynamicDetail`.`connect_username`, `DynamicDetail`.`connect_suffix`, `DynamicDetail`.`connect_delay`, `DynamicDetail`.`connect_only`, `DynamicDetail`.`created`, `DynamicDetail`.`modified`, `DynamicDetail`.`user_login_check`, `DynamicDetail`.`voucher_login_check`, `DynamicDetail`.`auto_suffix_check`, `DynamicDetail`.`auto_suffix`, `DynamicDetail`.`usage_show_check`, `DynamicDetail`.`usage_refresh_interval`, `DynamicDetail`.`theme`, `DynamicDetail`.`register_users`, `DynamicDetail`.`lost_password`, `DynamicDetail`.`social_enable`, `DynamicDetail`.`social_temp_permanent_user_id`, `DynamicDetail`.`coova_desktop_url`, `DynamicDetail`.`coova_mobile_url`, `DynamicDetail`.`mikrotik_desktop_url`, `DynamicDetail`.`mikrotik_mobile_url`, `DynamicDetail`.`default_language` FROM `rd`.`dynamic_pairs` AS `DynamicPair` LEFT JOIN `rd`.`dynamic_details` AS `DynamicDetail` ON (`DynamicPair`.`dynamic_detail_id` = `DynamicDetail`.`id`) WHERE ((((`DynamicPair`.`name` = 'q') AND (`DynamicPair`.`value` = '/cake2/rd_cake/webroot/auth/facebook'))) OR (((`DynamicPair`.`name` = 'uamip') AND (`DynamicPair`.`value` = '10.1.0.1'))) OR (((`DynamicPair`.`name` = 'uamport') AND (`DynamicPair`.`value` = '3990'))) OR (((`DynamicPair`.`name` = 'nasid') AND (`DynamicPair`.`value` = 'cheetah_cp1'))) OR (((`DynamicPair`.`name` = 'pathname') AND (`DynamicPair`.`value` = '%2Frd_login%2Fcc%2Fd%2Findex_green.html'))) OR (((`DynamicPair`.`name` = 'hostname') AND (`DynamicPair`.`value` = '191.101.251.136'))) OR (((`DynamicPair`.`name` = 'protocol') AND (`DynamicPair`.`value` = 'http%3A'))) OR (((`DynamicPair`.`name` = 'social_login') AND (`DynamicPair`.`value` = '1')))) ORDER BY `DynamicPair`.`priority` DESC LIMIT 1      1   1   0
2   SELECT `DynamicDetailSocialLogin`.`id`, `DynamicDetailSocialLogin`.`dynamic_detail_id`, `DynamicDetailSocialLogin`.`profile_id`, `DynamicDetailSocialLogin`.`realm_id`, `DynamicDetailSocialLogin`.`name`, `DynamicDetailSocialLogin`.`enable`, `DynamicDetailSocialLogin`.`record_info`, `DynamicDetailSocialLogin`.`key`, `DynamicDetailSocialLogin`.`secret`, `DynamicDetailSocialLogin`.`type`, `DynamicDetailSocialLogin`.`extra_name`, `DynamicDetailSocialLogin`.`extra_value`, `DynamicDetailSocialLogin`.`created`, `DynamicDetailSocialLogin`.`modified` FROM `rd`.`dynamic_detail_social_logins` AS `DynamicDetailSocialLogin` WHERE `DynamicDetailSocialLogin`.`dynamic_detail_id` = (3)        1   1   0
3   SELECT `DynamicPair`.`id`, `DynamicPair`.`name`, `DynamicPair`.`value`, `DynamicPair`.`priority`, `DynamicPair`.`dynamic_detail_id`, `DynamicPair`.`user_id`, `DynamicPair`.`created`, `DynamicPair`.`modified`, `DynamicDetail`.`id`, `DynamicDetail`.`name`, `DynamicDetail`.`available_to_siblings`, `DynamicDetail`.`icon_file_name`, `DynamicDetail`.`phone`, `DynamicDetail`.`fax`, `DynamicDetail`.`cell`, `DynamicDetail`.`email`, `DynamicDetail`.`url`, `DynamicDetail`.`street_no`, `DynamicDetail`.`street`, `DynamicDetail`.`town_suburb`, `DynamicDetail`.`city`, `DynamicDetail`.`country`, `DynamicDetail`.`lat`, `DynamicDetail`.`lon`, `DynamicDetail`.`user_id`, `DynamicDetail`.`t_c_check`, `DynamicDetail`.`t_c_url`, `DynamicDetail`.`redirect_check`, `DynamicDetail`.`redirect_url`, `DynamicDetail`.`slideshow_check`, `DynamicDetail`.`seconds_per_slide`, `DynamicDetail`.`connect_check`, `DynamicDetail`.`connect_username`, `DynamicDetail`.`connect_suffix`, `DynamicDetail`.`connect_delay`, `DynamicDetail`.`connect_only`, `DynamicDetail`.`created`, `DynamicDetail`.`modified`, `DynamicDetail`.`user_login_check`, `DynamicDetail`.`voucher_login_check`, `DynamicDetail`.`auto_suffix_check`, `DynamicDetail`.`auto_suffix`, `DynamicDetail`.`usage_show_check`, `DynamicDetail`.`usage_refresh_interval`, `DynamicDetail`.`theme`, `DynamicDetail`.`register_users`, `DynamicDetail`.`lost_password`, `DynamicDetail`.`social_enable`, `DynamicDetail`.`social_temp_permanent_user_id`, `DynamicDetail`.`coova_desktop_url`, `DynamicDetail`.`coova_mobile_url`, `DynamicDetail`.`mikrotik_desktop_url`, `DynamicDetail`.`mikrotik_mobile_url`, `DynamicDetail`.`default_language` FROM `rd`.`dynamic_pairs` AS `DynamicPair` LEFT JOIN `rd`.`dynamic_details` AS `DynamicDetail` ON (`DynamicPair`.`dynamic_detail_id` = `DynamicDetail`.`id`) WHERE ((((`DynamicPair`.`name` = 'uamip') AND (`DynamicPair`.`value` = '10.1.0.1'))) OR (((`DynamicPair`.`name` = 'uamport') AND (`DynamicPair`.`value` = '3990'))) OR (((`DynamicPair`.`name` = 'nasid') AND (`DynamicPair`.`value` = 'cheetah_cp1'))) OR (((`DynamicPair`.`name` = 'social_login') AND (`DynamicPair`.`value` = '1')))) ORDER BY `DynamicPair`.`priority` DESC LIMIT 1        1   1   1
4   SELECT `DynamicDetailSocialLogin`.`id`, `DynamicDetailSocialLogin`.`dynamic_detail_id`, `DynamicDetailSocialLogin`.`profile_id`, `DynamicDetailSocialLogin`.`realm_id`, `DynamicDetailSocialLogin`.`name`, `DynamicDetailSocialLogin`.`enable`, `DynamicDetailSocialLogin`.`record_info`, `DynamicDetailSocialLogin`.`key`, `DynamicDetailSocialLogin`.`secret`, `DynamicDetailSocialLogin`.`type`, `DynamicDetailSocialLogin`.`extra_name`, `DynamicDetailSocialLogin`.`extra_value`, `DynamicDetailSocialLogin`.`created`, `DynamicDetailSocialLogin`.`modified` FROM `rd`.`dynamic_detail_social_logins` AS `DynamicDetailSocialLogin` WHERE `DynamicDetailSocialLogin`.`dynamic_detail_id` = (3)

Last edit: Steven Kusters 2016-02-15

Steven Kusters - 2016-02-15

There is one more bug, relating to Oauth on Facebook when retrieving the email address of the user to insert into the social user table:

According to this StackOverflow Atricle: http://stackoverflow.com/questions/5707189/facebook-oauth-retrieve-user-email it is impossible to retrieve email the normal way via me->email. You need to actually request the email and ask permission for this information.

Could you please include these fixes into the codebase? Unfortunately I am not yet skilled enough in PHP to do it myself, otherwise I'd have been glad to do it.

The bugged code can be found in this file:
/usr/share/nginx/html/cake2/rd_cake/Plugin/Opauth/Strategy/Facebook/FacebookStrategy.php

Thanks again!

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Le Minh - 2016-02-17

Hello Steven,

please help me on this problem.

after login to facebook i have this

ThirdPartyAuthsController::opauth_complete() - APP/Controller/ThirdPartyAuthsController.php, line 158
ReflectionMethod::invokeArgs() - [internal], line ??
Controller::invokeAction() - CORE/Cake/Controller/Controller.php, line 490
Dispatcher::_invoke() - CORE/Cake/Routing/Dispatcher.php, line 193
Dispatcher::dispatch() - CORE/Cake/Routing/Dispatcher.php, line 167
OpauthAppController::callback() - APP/Plugin/Opauth/Controller/OpauthAppController.php, line 138
ReflectionMethod::invokeArgs() - [internal], line ??
Controller::invokeAction() - CORE/Cake/Controller/Controller.php, line 490
Dispatcher::_invoke() - CORE/Cake/Routing/Dispatcher.php, line 193
Dispatcher::dispatch() - CORE/Cake/Routing/Dispatcher.php, line 167
[main] - APP/webroot/index.php, line 92

Notice (8): Undefined variable: extra_value [APP/Controller/ThirdPartyAuthsController.php, line 158]
Code Context

ThirdPartyAuthsController::opauth_complete() - APP/Controller/ThirdPartyAuthsController.php, line 158
ReflectionMethod::invokeArgs() - [internal], line ??
Controller::invokeAction() - CORE/Cake/Controller/Controller.php, line 490
Dispatcher::_invoke() - CORE/Cake/Routing/Dispatcher.php, line 193
Dispatcher::dispatch() - CORE/Cake/Routing/Dispatcher.php, line 167
OpauthAppController::callback() - APP/Plugin/Opauth/Controller/OpauthAppController.php, line 138
ReflectionMethod::invokeArgs() - [internal], line ??
Controller::invokeAction() - CORE/Cake/Controller/Controller.php, line 490
Dispatcher::_invoke() - CORE/Cake/Routing/Dispatcher.php, line 193
Dispatcher::dispatch() - CORE/Cake/Routing/Dispatcher.php, line 167
[main] - APP/webroot/index.php, line 92

Notice (8): Undefined variable: extra_name [APP/Controller/ThirdPartyAuthsController.php, line 158]
Code Context

ThirdPartyAuthsController::opauth_complete() - APP/Controller/ThirdPartyAuthsController.php, line 158
ReflectionMethod::invokeArgs() - [internal], line ??
Controller::invokeAction() - CORE/Cake/Controller/Controller.php, line 490
Dispatcher::_invoke() - CORE/Cake/Routing/Dispatcher.php, line 193
Dispatcher::dispatch() - CORE/Cake/Routing/Dispatcher.php, line 167
OpauthAppController::callback() - APP/Plugin/Opauth/Controller/OpauthAppController.php, line 138
ReflectionMethod::invokeArgs() - [internal], line ??
Controller::invokeAction() - CORE/Cake/Controller/Controller.php, line 490
Dispatcher::_invoke() - CORE/Cake/Routing/Dispatcher.php, line 193
Dispatcher::dispatch() - CORE/Cake/Routing/Dispatcher.php, line 167
[main] - APP/webroot/index.php, line 92

how to solve it

Thanks

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Le Minh - 2016-02-17

problem from from the link http://x.x.x.x/cake2/rd_cake/auth/callback

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Steven Kusters - 2016-02-19
  
  Hello Le Minh,
  
  Since the system tries to store all kinds of information in the database, there is something going wrong here. I didn't get this working yet, but still need to update to the latest revision to check this.
  
  I have to say though, that when I check the database, my field extra_name is always empty.
  
  Let me first update to last revision, and then I'll let you know what I find.
  
  KR
  Steven
  
  If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
  - Steven Kusters - 2016-02-22
    
    Le Minh,
    Haven't had the time to follow this up yet. Have you found a solution to your specific problem or should we still look into this together?
    
    Kind Regards
    
    If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Hi Steven any update on above error

Hi Sameer,
I know it took over a month for me to reply, but I got the facebook issue figured out now.

The info in this post is a compilation of info already available here, so the code is not mine personally.

You need to take 3 steps to complete this.
I must add on beforehand: I am using phpmyadmin on my server and have in fact a root password in place when manipulating the database for security reasons.

So there is an actual step 0: you need to sudo apt-get install phpmyadmin
I assume you are using a root password for mysql too.
Follow this guide for installation of phpmyadmin with mysql and nginx on ubuntu:
https://www.digitalocean.com/community/tutorials/how-to-install-and-secure-phpmyadmin-with-nginx-on-an-ubuntu-14-04-server
When this is done, and you are logged in with the root user in phpmyadmin (yes I am aware of the security implications here, but this makes things easier for the moment, and since I am asuming you are testing this on a dev environment first, there shouldn't be any problem, now would there ;) )

Step 1: changing the FacebookStrategy.php file

change directory to your webroot
$ cd ./cake2/rd_cake/Plugin/Opauth/Strategy/Facebook

rename the old strategy file
$ mv FacebookStrategy.php FacebookStrategy.php.old

make new file and edit it:
$ touch FacebookStrategy.php

put the following in the file by using nano or vi or your favorite editor
$ nano FacebookStrategy.php

<?php
/**
 * Facebook strategy for Opauth
 * based on https://developers.facebook.com/docs/authentication/server-side/
 * 
 * More information on Opauth: http://opauth.org
 * 
 * @copyright    Copyright © 2012 U-Zyn Chua (http://uzyn.com)
 * @link         http://opauth.org
 * @package      Opauth.FacebookStrategy
 * @license      MIT License
 */

class FacebookStrategy extends OpauthStrategy{

    /**
     * Compulsory config keys, listed as unassociative arrays
     * eg. array('app_id', 'app_secret');
     */
    public $expects = array('app_id', 'app_secret');

    /**
     * Optional config keys with respective default values, listed as associative arrays
     * eg. array('scope' => 'email');
     */
    public $defaults = array(
        'redirect_uri' => '{complete_url_to_strategy}int_callback',
    'scope' => 'email,publish_actions'
    );

    /**
     * Auth request
     */
    public function request(){
        $url = 'https://www.facebook.com/dialog/oauth';
        $params = array(
            'client_id' => $this->strategy['app_id'],
            'redirect_uri' => $this->strategy['redirect_uri']
        );

        if (!empty($this->strategy['scope'])) $params['scope'] = $this->strategy['scope'];
        if (!empty($this->strategy['state'])) $params['state'] = $this->strategy['state'];
        if (!empty($this->strategy['response_type'])) $params['response_type'] = $this->strategy['response_type'];
        if (!empty($this->strategy['display'])) $params['display'] = $this->strategy['display'];
        if (!empty($this->strategy['auth_type'])) $params['auth_type'] = $this->strategy['auth_type'];

        $this->clientGet($url, $params);
    }

    /**
     * Internal callback, after Facebook's OAuth
     */
    public function int_callback(){
        if (array_key_exists('code', $_GET) && !empty($_GET['code'])){
            $url = 'https://graph.facebook.com/oauth/access_token';
            $params = array(
                'client_id' =>$this->strategy['app_id'],
                'client_secret' => $this->strategy['app_secret'],
                'redirect_uri'=> $this->strategy['redirect_uri'],
                'code' => trim($_GET['code'])
            );
            $response = $this->serverGet($url, $params, null, $headers);

            parse_str($response, $results);

            if (!empty($results) && !empty($results['access_token'])){
                $me = $this->me($results['access_token']);

                $this->auth = array(
                    'provider' => 'Facebook',
                    'uid' => $me->id,
                    'info' => array(
                        'name' => $me->name,
                        'image' => 'https://graph.facebook.com/'.$me->id.'/picture?type=square'
                    ),
                    'credentials' => array(
                        'token' => $results['access_token'],
                        'expires' => date('c', time() + $results['expires'])
                    ),
                    'raw' => $me
                );

                if (!empty($me->email)) $this->auth['info']['email'] = $me->email;
                if (!empty($me->username)) $this->auth['info']['nickname'] = $me->username;
                if (!empty($me->first_name)) $this->auth['info']['first_name'] = $me->first_name;
                if (!empty($me->last_name)) $this->auth['info']['last_name'] = $me->last_name;
                if (!empty($me->location)) $this->auth['info']['location'] = $me->location->name;
                if (!empty($me->link)) $this->auth['info']['urls']['facebook'] = $me->link;
                if (!empty($me->website)) $this->auth['info']['urls']['website'] = $me->website;
                if (!empty($me->gender)) $this->auth['info']['gender'] = $me->gender;
                if (!empty($me->locale)) $this->auth['info']['locale'] = $me->locale;
                if (!empty($me->timezone)) $this->auth['info']['timezone'] = $me->timezone;

                /**
                 * Missing optional info values
                 * - description
                 * - phone: not accessible via Facebook Graph API
                 */

                $this->callback();
            }
            else{
                $error = array(
                    'provider' => 'Facebook',
                    'code' => 'access_token_error',
                    'message' => 'Failed when attempting to obtain access token',
                    'raw' => $headers
                );

                $this->errorCallback($error);
            }
        }
        else{
            $error = array(
                'provider' => 'Facebook',
                'code' => $_GET['error'],
                'message' => $_GET['error_description'],
                'raw' => $_GET
            );

            $this->errorCallback($error);
        }
    }

    /**
     * Queries Facebook Graph API for user info
     *
     * @param string $access_token 
     * @return array Parsed JSON results
     */
    private function me($access_token){
        $me = $this->serverGet('https://graph.facebook.com/me', 
            array('access_token' => $access_token,
             'fields' => 'id,name,first_name,last_name,email,locale,timezone,gender'
            ),
            null, $headers);
        if (!empty($me)){
            return json_decode($me);
        }
        else{
            $error = array(
                'provider' => 'Facebook',
                'code' => 'me_error',
                'message' => 'Failed when attempting to query for user information',
                'raw' => array(
                    'response' => $me,
                    'headers' => $headers
                )
            );

            $this->errorCallback($error);
        }
    }
}

This enables all data to be retrieved from the Facebook Profile of the authenticating user

next, you'll need to insert a new proccedure in your MySQL database

go to the setup folder with the database scripts
$ cd /cake2/rd_cake/Setup/Db/

new file in there, you can either edit the existing file or copy mine
$ touch change_encoding_social_users.sql

copy this into the file

drop procedure if exists add_social_logins;

delimiter //
create procedure add_social_logins()
begin

set names utf8;
if not exists (select * from information_schema.columns
    where table_name = 'social_login_users' and table_schema = 'rd') then
        CREATE TABLE `social_login_users` (
                `id` int(11) NOT NULL AUTO_INCREMENT,
                `provider` enum('Facebook','Google','Twitter') DEFAULT 'Facebook',
                `uid` varchar(100) NOT NULL DEFAULT '',
                `name` varchar(100) NOT NULL DEFAULT '',
                `first_name` varchar(100) NOT NULL DEFAULT '',
                `last_name` varchar(100) NOT NULL DEFAULT '',
                `email` varchar(100) NOT NULL DEFAULT '',
                `image` varchar(100) NOT NULL DEFAULT '',
                `locale` varchar(5) NOT NULL DEFAULT '',
                `timezone` tinyint(3) NOT NULL DEFAULT '0',
                `date_of_birth` date DEFAULT NULL,
                `gender` enum('male','female') DEFAULT 'male',
                `last_connect_time` datetime DEFAULT NULL,
                `extra_name` varchar(100) NOT NULL DEFAULT '',
                `extra_value` varchar(100) NOT NULL DEFAULT '',
                `created` datetime NOT NULL,
                `modified` datetime NOT NULL,
                PRIMARY KEY (`id`)
        ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
end if;

if not exists (select * from information_schema.columns
    where table_name = 'social_login_user_realms' and table_schema = 'rd') then
        CREATE TABLE `social_login_user_realms` (
                `id` int(11) NOT NULL AUTO_INCREMENT,
                `social_login_user_id` int(11) DEFAULT NULL,
                `realm_id` int(11) DEFAULT NULL,
                `created` datetime NOT NULL,
                `modified` datetime NOT NULL,
                PRIMARY KEY (`id`)
        ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
end if;

end//

delimiter ;
call add_social_logins;

you insert the procedure into the database, and notice the -p flag since we have a root password in place (if you have no rootpassword, this insert can work without the flag, but the database manipulation later on will be harder)
$ mysql -u root -p rd < /webroot/cake2/rd_cake/Setup/Db/change_encoding_social_users.sql

step 2:
decomment the encoding line in the default section of the following file
$ nano /cake2/rd_cake/Config/database.php

public $default = array(
                'datasource' => 'Database/Mysql',
                'persistent' => false,
                'host' => 'localhost',
                'login' => 'rd',
                'password' => 'rd',
                'database' => 'rd',
                'prefix' => '',
               'encoding' => 'utf8',
        );

'encoding' => 'utf8',

step 3:
you now drop the two tables by hand in phpmyadmin:
social_users and social_users_realms

after they are dropped, you scroll up on the lefthand pane and you search the freshly added procedure and execute it.
you refresh the view (little green arrow in the upper left row of icons) and you check the new tables.

you're done

Dirk van der Walt - 2016-04-14

Hi Steven,

Great! Thanks for sharing this with us.

I've updated the SVN also to reflect these modifications. Lets hope this will solve some of the issues people were having.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Dhuka - 2016-03-17

hi,
i have same problem , I check the database, my field extra_name is always empty. so i face error lke this
Notice (8) Undefined variable: type [APP/Controller/ThirdPartyAuthsController.php, line 130]
Notice (8) Undefined variable: extra_value [APP/Controller/ThirdPartyAuthsController.php, line 130]
Notice (8) Undefined variable: extra_name [APP/Controller/ThirdPartyAuthsController.php, line 130]

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Diego Stellet - 2016-03-17

i have same problem ,to, so i face error lke this

Notice (8) Undefined variable: type [APP/Controller/ThirdPartyAuthsController.php, line 130]
Notice (8) Undefined variable: extra_value [APP/Controller/ThirdPartyAuthsController.php, line 130]
Notice (8) Undefined variable: extra_name [APP/Controller/ThirdPartyAuthsController.php, line 130]

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Alex Lock - 2016-04-19

thanks Steven for the guide. FYI, Dirk, after snv update finally facebook able to capture login info.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- sameer naik - 2016-04-26
  
  Hi
  please help me with this .to know the important steps to make this work
  
  Last edit: sameer naik 2016-04-26
  
  If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
  - Alex Lock - 2016-04-29
    
    hi .. im just went over step by step again the whole installtion with svn update.. beware of the sql db script as i have accidentally wipe out every single record... luckly it just few record at the moment.
    
    If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

sameer naik - 2016-04-26

Hi steven its not working for me getting same error .what cakephp version should i use

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Manos Xag - 2017-03-14

I get same error on svn 2083 on mobile login for Facebook. Desktop works ok.
Notice (8) Undefined variable: type [APP/Controller/ThirdPartyAuthsController.php, line 159]
Notice (8) Undefined variable: extra_value [APP/Controller/ThirdPartyAuthsController.php, line 159]
Notice (8) Undefined variable: extra_name [APP/Controller/ThirdPartyAuthsController.php, line 159]

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Zvezdelin Borisov - 2017-03-29
  
  Hi,
  Read here: https://github.com/opauth/facebook
  Simple replacement of old files wll resolve the problem. Keep the files owner.
  Best!
  Zvezdelin
  
  If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
  - Zvezdelin Borisov - 2017-03-29
    
    I have just seen that Dirk updated his code, so the problem is resolved in actual source, just update.
    
    If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Manos Xag - 2017-04-13

After 2 clean installations and numerous tries on setting the app...Issue still persists...Anyone else haveing this issue?

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
- Jordan Rejaud - 2017-06-01
  
  I'm still having this same issue, have you managed to resolve in Manos?
  
  If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Jordan Rejaud - 2017-05-23

Hi Manos, I am also still having the same issue:

Notice (8) Undefined variable: type [APP/Controller/ThirdPartyAuthsController.php, line 159]
Notice (8) Undefined variable: extra_value [APP/Controller/ThirdPartyAuthsController.php, line 159]
Notice (8) Undefined variable: extra_name [APP/Controller/ThirdPartyAuthsController.php, line 159]

even after getting the latest version via SVN.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Can't get Social Login to work

The professional way to manage your WiFi network using FreeRADIUS

Forums

Help

Can't get Social Login to work

Can't get Social Login to work

The professional way to manage your WiFi network using FreeRADIUS

Forums

Help

Can't get Social Login to work document.SUBSCRIPTION_OPTIONS = { "thing": "topic", "subscribed": false, "url": "subscribe", "icon": { "css": "fa fa-envelope-o" } };

Can't get Social Login to work