sgomez / simplesamlphp-module-oauth2 Goto Github PK

Commit #1329f63f3b1a6580c10e99924bc7ae5c327f8235
hooks/hook_frontpage.php:12
'href' => SimpleSAML\Module::getModuleURL('oauth2/registry.php'),

Seems to be leading to: PHP Fatal error: Cannot redeclare class SimpleSAML_Module in Module.php.

Changing this back fixes the issue.
'href' => SimpleSAML_Module::getModuleURL('oauth2/registry.php'),

Hi,

when i try to install the module via composer (composer.phar require sgomez/simplesamlphp-module-oauth2 ~1.0) a new instance/installation of simplesamlphp is created @ /home/username/vendor/simplesamlphp/simplesamlphp

Is there an option to install the module to an existing simplesaml installation resp. to a different path?

Many thanks,
Martin

Dear Gomez,

I installed the ~1.0 branch as described in the Readme at an 1.14.14 Version of SimpleSAML. After creating the database which apparantly worked out (SQLite Database file is present) its stated to configure the module on the Federation Tab. When I try to do this I get redirected so often, that the browser stops the process.
In the Serverlog I see the following for access_log

In error_log is nothing.
Where to start trying to debug this? I created the certs as stated and the config file I tried admin and default-sp as authentication source, both with the same result.
Before installing the plugin I could log in and out without troubles.

Regards Martin

JFYI..
I have created a nodejs passport strategy that based on your implementation.
https://github.com/misi/passport-ssp

Hi @sgomez

I cant get the attributes configured in the config file, the module not save this info in the "attributes" in the database and my SP app can't receive this in the userinfo.php response. I use LDAP auth source.

Hi.
Today I tried to login, but had some problem. After some debugging, realised problem is 'simplesaml/module.php/oauth2/userinfo.php' endpoint. It was working perfect yesterday.

I tried to test using postman, it returns error displayed in the image:

Twig is not mentioned in the README, nor does it install with composer. I'm assuming it needs to be added in one of those two places.
However, once installed with composer, it does not seem to load the files OOTB.

Caused by: Exception: Template: Could not find template file [oauth2:registry_list] at [/srv/simplesamlphp/modules/oauth2/templates/registry_list]
Backtrace:
3 /srv/simplesamlphp/lib/SimpleSAML/XHTML/Template.php:659 (SimpleSAML_XHTML_Template::findTemplatePath)
2 /srv/simplesamlphp/lib/SimpleSAML/XHTML/Template.php:576 (SimpleSAML_XHTML_Template::show)
1 /srv/simplesamlphp/modules/oauth2/www/registry.php:39 (require)
0 /srv/simplesamlphp/www/module.php:137 (N/A)

Hi
I've started using this module, it just works.

Using grant_type of code to generate new access_token, returns refresh_token also. I tried to get new access_token using grant_type of refresh_token with the same endpoint, but response was "unsupported_grant_type".

My question is how to use refresh_token to generate new access_token. Is it even possible? If yes, how to do it, what is endpoint and which parameters should I use?

Hello,

I successfully installed and configured the module and DBAL.

My deployment by default uses the new Twig UI.

Issue 1: the "Create client" link is not displayed when using the new admin module in Twig. It is shown when disabling new UI.

Issue 2: on old UI, upon clicking the Create client link, an error is thrown:

Caused by: Exception: Template: Could not find template file [oauth2:registry_list] at [/...baseurl/modules/oauth2/templates/registry_list]
Backtrace:
4 lib/SimpleSAML/XHTML/Template.php:639 (SimpleSAML\XHTML\Template::findTemplatePath)
3 lib/SimpleSAML/XHTML/Template.php:545 (SimpleSAML\XHTML\Template::show)
2 modules/oauth2/www/registry.php:39 (require)
1 lib/SimpleSAML/Module.php:254 (SimpleSAML\Module::process)

Looking at this templates directory, I find exclusively .twig files:

$ ls
registry_edit.twig registry_list.twig registry_new.twig

But twig templates only come into play when using new UI. In which I don't get to click the link that takes me there...

What am I missing here?

First, I might be going about this all wrong, if I am please feel free to say so and close this issue.

I currently use simpleSAMLPHP in my application and we want to use globus auth (https://docs.globus.org/api/auth/)

I was wondering if you could give me any guidance on how to set this up.

I am able to get simplesamlphp installed and setup with this module, but am uncertain on how to actually setup the authsource to be able to use globus

Hello,

Using print_r($e); in exception handling is a security problem, since the whole world can read it, and access private information in calls parameters.

You should use the integrated error reporter of simplesamlphp, which is pretty good at logging, or if you really need to display such stuff in your module, you should only do this if DEBUG is TRUE in global configuration.

It is present in those files:
https://github.com/sgomez/simplesamlphp-module-oauth2/blob/master/www/access_token.php
https://github.com/sgomez/simplesamlphp-module-oauth2/blob/master/www/authorize.php
https://github.com/sgomez/simplesamlphp-module-oauth2/blob/master/www/userinfo.php

Does you're module (or are their plans to) support JSON Web Tokens as an authentication method?

Hello,

Can this be used on the SP side of SimpleSAMLPHP or is it restricted to being used on the IDP side?

-- Anthony

Maybe there are plans for including a short description of how this module works?