Menu
▾
▴
Re: [Unity-idm-discuss] Facebook authentication failing
|
From: Krzysztof B. <kb...@un...> - 2017-04-21 20:25:12
|
Hi Shiraz, W dniu 21.04.2017 o 10:42, Shiraz Memon pisze: > Hi Krzysztof, > > I (and also other users) am unable to authenticate myself using my > facebook id. Can you check whether facebook has changed something lately > in their flow. Yeah - they changed the access token format. Workaround: instead of builit in type facebook use custom with the following settings (the additional ones after the empty line should be good without any change - maybe besides the 'fb' in key): unity.oauth2.client.providers.fb.type=custom unity.oauth2.client.providers.fb.clientId=YOURID unity.oauth2.client.providers.fb.clientSecret=YOUR SECRET unity.oauth2.client.providers.fb.translationProfile=YOURPROFILE unity.oauth2.client.providers.fb.name=Facebook unity.oauth2.client.providers.fb.authEndpoint=https://www.facebook.com/dialog/oauth unity.oauth2.client.providers.fb.accessTokenEndpoint=https://graph.facebook.com/oauth/access_token unity.oauth2.client.providers.fb.profileEndpoint=https://graph.facebook.com/me/ unity.oauth2.client.providers.fb.accessTokenFormat=standard unity.oauth2.client.providers.fb.scopes=email unity.oauth2.client.providers.fb.iconUrl=file:../common/img/external/FB-small.png unity.oauth2.client.providers.fb.clientAuthenticationMode=secretPost The standard config will be fixed in the next release. Thanks Krzysztof > > Inline image 1 > > logs: > > 2017-04-21 10:38:38,725 [qtp1655072591-1752] DEBUG > unity.server.oauth.RedirectRequestHandler - Starting OAuth redirection > to OAuth provider > https://www.facebook.com/dialog/oauth?response_type=code&client_id=xxxx66787708245&redirect_uri=https%3A%2F%2Funity.eudat-aai.fz-juelich.de%3A8443%2Funitygw%2Foauth2ResponseConsumer&scope=email&state=5d2049a5-9aa1-4d43-b5e6-103b90c349cb > > 2017-04-21 10:38:38,973 [qtp1655072591-1757] DEBUG > unity.server.oauth.ResponseConsumerServlet - Received OAuth response > with valid state 5d2049a5-9aa1-4d43-b5e6-103b90c349cb, redirecting to > /admin/admin > 2017-04-21 10:38:39,138 [qtp1655072591-1758] DEBUG > unity.server.oauth.OAuth2RetrievalUI - RetrievalUI received OAuth response > 2017-04-21 10:38:39,139 [qtp1655072591-1758] DEBUG > unity.server.oauth.OAuth2Verificator - Exchanging authorization code > for access token with request to: > https://graph.facebook.com/oauth/access_token > 2017-04-21 10:38:39,685 [qtp1655072591-1758] DEBUG > unity.server.oauth.OAuth2Verificator - Received answer: 200 > 2017-04-21 10:38:39,685 [qtp1655072591-1758] DEBUG > unity.server.oauth.OAuth2RetrievalUI - OAuth2 authorization code > verification or processing failed > pl.edu.icm.unity.server.authn.AuthenticationException: Problem during > user information retrieval > at > pl.edu.icm.unity.oauth.client.OAuth2Verificator.getRemotelyAuthenticatedInput(OAuth2Verificator.java:244) > > at > pl.edu.icm.unity.oauth.client.OAuth2Verificator.verifyOAuthAuthzResponse(OAuth2Verificator.java:209) > > at > pl.edu.icm.unity.oauth.client.web.OAuth2RetrievalUI.onAuthzAnswer(OAuth2RetrievalUI.java:268) > > at > pl.edu.icm.unity.oauth.client.web.OAuth2RetrievalUI.refresh(OAuth2RetrievalUI.java:329) > > at > pl.edu.icm.unity.webui.authn.SelectedAuthNPanel$PrimaryAuthenticationResultCallbackImpl.refresh(SelectedAuthNPanel.java:432) > > at > pl.edu.icm.unity.webui.authn.SelectedAuthNPanel.refresh(SelectedAuthNPanel.java:500) > > at > pl.edu.icm.unity.webui.authn.AuthenticationUI.refresh(AuthenticationUI.java:364) > > at com.vaadin.ui.UI.doRefresh(UI.java:731) > at > com.vaadin.server.communication.UIInitHandler.reinitUI(UIInitHandler.java:261) > > at > com.vaadin.server.communication.UIInitHandler.getBrowserDetailsUI(UIInitHandler.java:168) > > at > com.vaadin.server.communication.UIInitHandler.synchronizedHandleRequest(UIInitHandler.java:74) > > at > com.vaadin.server.SynchronizedRequestHandler.handleRequest(SynchronizedRequestHandler.java:41) > > at > com.vaadin.server.VaadinService.handleRequest(VaadinService.java:1409) > at com.vaadin.server.VaadinServlet.service(VaadinServlet.java:364) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) > at > org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:848) > at > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1772) > > at > pl.edu.icm.unity.webui.authn.InvocationContextSetupFilter.doFilter(InvocationContextSetupFilter.java:73) > > at > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1759) > > at > pl.edu.icm.unity.webui.authn.AuthenticationFilter.gotoNotProtectedResource(AuthenticationFilter.java:190) > > at > pl.edu.icm.unity.webui.authn.AuthenticationFilter.doFilter(AuthenticationFilter.java:78) > > at > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1759) > > at > org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:582) > at > org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:224) > > at > org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180) > > at > org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512) > at > org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) > > at > org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112) > > at > org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) > > at org.eclipse.jetty.server.Dispatcher.forward(Dispatcher.java:199) > at org.eclipse.jetty.server.Dispatcher.forward(Dispatcher.java:74) > at > pl.edu.icm.unity.webui.authn.AuthenticationFilter.forwardtoAuthn(AuthenticationFilter.java:173) > > at > pl.edu.icm.unity.webui.authn.AuthenticationFilter.doFilter(AuthenticationFilter.java:124) > > at > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1759) > > at > pl.edu.icm.unity.server.utils.HiddenResourcesFilter.doFilter(HiddenResourcesFilter.java:49) > > at > org.eclipse.jetty.servlet.ServletHandler$CachedChain.doFilter(ServletHandler.java:1759) > > at > org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:582) > at > org.eclipse.jetty.server.session.SessionHandler.doHandle(SessionHandler.java:224) > > at > org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1180) > > at > org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:512) > at > org.eclipse.jetty.server.session.SessionHandler.doScope(SessionHandler.java:185) > > at > org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1112) > > at > org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141) > > at > org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:213) > > at > org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134) > > at > org.eclipse.jetty.rewrite.handler.RewriteHandler.handle(RewriteHandler.java:335) > > at > org.eclipse.jetty.server.handler.gzip.GzipHandler.handle(GzipHandler.java:426) > > at > org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:134) > > at org.eclipse.jetty.server.Server.handle(Server.java:534) > at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:320) > at > org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:251) > at > org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283) > > at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:110) > at > org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:220) > at > org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:283) > > at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:110) > at > org.eclipse.jetty.io.SelectChannelEndPoint$2.run(SelectChannelEndPoint.java:93) > > at > org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.executeProduceConsume(ExecuteProduceConsume.java:303) > > at > org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.produceConsume(ExecuteProduceConsume.java:148) > > at > org.eclipse.jetty.util.thread.strategy.ExecuteProduceConsume.run(ExecuteProduceConsume.java:136) > > at > org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:671) > > at > org.eclipse.jetty.util.thread.QueuedThreadPool$2.run(QueuedThreadPool.java:589) > > at java.lang.Thread.run(Thread.java:745) > Caused by: pl.edu.icm.unity.server.authn.AuthenticationException: Access > token answer received doesn't contain 'access_token' parameter. > at > pl.edu.icm.unity.oauth.client.OAuth2Verificator.getAccessTokenAndProfilePlain(OAuth2Verificator.java:404) > > at > pl.edu.icm.unity.oauth.client.OAuth2Verificator.getRemotelyAuthenticatedInput(OAuth2Verificator.java:241) > > ... 62 more > Cheers, > Shiraz > -- > Shiraz Memon > Federated Systems and Data > Jülich Supercomputing Centre (JSC) > > Phone: +49 2461 61 6899 > Fax: +49 2461 61 6656 > > > ------------------------------------------------------------------------------------------------ > ------------------------------------------------------------------------------------------------ > Forschungszentrum Juelich GmbH > 52425 Juelich > Sitz der Gesellschaft: Juelich > Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498 > Vorsitzender des Aufsichtsrats: MinDir Dr. Karl Eugen Huthmacher > Geschaeftsfuehrung: Prof. Dr.-Ing. Wolfgang Marquardt (Vorsitzender), > Karsten Beneke (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt, > Prof. Dr. Sebastian M. Schmidt > ------------------------------------------------------------------------------------------------ > ------------------------------------------------------------------------------------------------ > > > > ------------------------------------------------------------------------------ > Check out the vibrant tech community on one of the world's most > engaging tech sites, Slashdot.org! http://sdm.link/slashdot > > > > _______________________________________________ > Unity-idm-discuss mailing list > Uni...@li... > https://lists.sourceforge.net/lists/listinfo/unity-idm-discuss > |
