Hi, I am trying to connect two drupals using oauth. I am unclear about some of the fields in oauthconnector setup and the callback URL in the oauthloginprovider. If this is documented somewhere, could you give a link? I couldn't find anything.

I have two drupal 7 instances on my work machine running at localhost. One has the oauthloginprovider at http://localhost/~rkoberg/pfcc/www and the other has the oauthconnector running at http://localhost/~rkoberg/oauth-client/www

I have the default setup for oauthloginprovider and assume the base URL for oauthconnector configuration is http://localhost/~rkoberg/pfcc/www/oauthlogin/api/user

I have setup a test user called TestOauth. I created a consumer for this user at http://localhost/~rkoberg/pfcc/www/user/80/oauth/consumer/2

On that edit page, I not sure what to use for the callback URL. I have tried a few including (really just guessing from some other messages here) http://localhost/~rkoberg/oauth-client/www/oauth/authorized/2/1 http://localhost/~rkoberg/oauth-client/www/oauth/authorized/2 http://localhost/~rkoberg/oauth-client/www/oauth/authorized http://localhost/~rkoberg/oauth-client/www/oauth http://localhost/~rkoberg/oauth-client/www

What should be used for the callback URL on the provider drupal instance?

Moving on - back on the oauthconnector client instance - now at http://localhost/~rkoberg/oauth-client/www/admin/structure/oauthconnecto... what should I be using in the Mapping section for:

"USER ID
A resource containing a unique ID for the user.
Resource *

The URL of the API resource representing the authorized user."

Should I be using a "POST request"?

and:

"Field *"

Should I be using "Field is a CSS selector"?

and what should I use for "Field to match on user profile"

?

Comments

RobKoberg’s picture

RobKoberg commented

I have gotten a little further. I put the connector block on my pages from http://localhost/~rkoberg/oauth-client/www/admin/structure/block. I had to enable permissions for anonymous (actually enabled for all users - don't know what is appropriate):

* Sync local profile with connections
* Connect with Durpal PFCC provider

On the provider, for anonymous, I enabled:

* Authorize OAuth consumers in OAuth login

Which permissions should be set up and how on the oauthconnector and oauthloginprovider?

I set the Base URL for the connector to be: http://localhost/~rkoberg/pfcc/www/ (the docroot of the provider). Clicking on the connector button now takes me to a login page on the provider drupal instance. It directs me to the following URL: http://localhost/~rkoberg/pfcc/www/user/login?destination=/~rkoberg/pfcc...

Trying to login there give a 404 looking for this: The requested page "/~rkoberg/pfcc/www//~rkoberg/pfcc/www/oauth/authorize?oauth_callback=http%3A//localhost/~rkoberg/oauth-client/www/oauth/authorized&oauth_token=X62qUF2WQScoNc5dEwBTcW27dQzmvUwJ" could not be found.

At this point I am logged into the provider, if I go to its docroot: http://localhost/~rkoberg/pfcc/www/ - but I am not logged into the connector.

This is really confusing... Any help?

RobKoberg’s picture

RobKoberg commented

One correction that fixes the 404 after login. I had the callback URL wrong in the provider user's settings consumer setting. It should have been and is now:

http://localhost/~rkoberg/oauth-client/www/oauth/authorized

Now I get redirected to the docroot of the provider site, but not redirected back to the connector site. If I do not log out and go to the connector site, I am not authenticated. If I click on the Connect with button again, I get the following error messages:

"You are not authorized to allow external services access to this system."
"Warning: Cannot modify header information - headers already sent by (output started at /Users/rkoberg/Sites/pfcc/www/includes/common.inc:2608) in drupal_send_headers() (line 1243 of /Users/rkoberg/Sites/pfcc/www/includes/bootstrap.inc)."

Is this a bug?

dineshcooper’s picture

dineshcooper commented

Provider Setup

URL
http://192.168.2.100/njsapi/provider/

Modules
OAuth 6.x-3.0-beta4
OAuth Login Provider 6.x-1.1
OAuth Provider UI 6.x-3.0-beta4
Services 6.x-3.1

Permissions:
oauth authorize any consumers anon and auth
oauth authorize consumers in oauthlogin anon and auth
oauth register any consumers anon and auth
oauth register consumers in oauthlogin anon and auth

User called test with consumer settings:

Consumer name: test_consumer
Callback url: http://192.168.2.100/njsapi/client/oauth/authorized/1
(this url was provided on the client side when I added a connector)
Application context: OAuth login
Key: xxxxxxxx
Secret: xxxxxxxx

Client Setup

URL
http://192.168.2.100/njsapi/client/

OAuth 6.x-3.0-beta4
OAuth Connector 6.x-1.x-dev
Connector 6.x-1.x-dev
Http Client 6.x-2.3
Http Client OAuth 6.x-2.3 (is packaged with Http Client)

Permissions:
oauth authorize any consumers anon and auth
oauth register any consumers anon and auth

Connector config

$provider = new stdClass;
$provider->disabled = FALSE; /* Edit this to true to make a default provider disabled initially */
$provider->name = 'test';
$provider->title = 'test';
$provider->url = 'http://192.168.2.100/njsapi/provider/';
$provider->consumer_advanced = array(
  'signature method' => 'HMAC-SHA1',
  'authentication realm' => '',
  'request token endpoint' => '/oauth/request_token',
  'authorization endpoint' => '/oauth/authorize',
  'access token endpoint' => '/oauth/access_token',
);
$provider->mapping = array(
  'fields' => array(
    'uid' => array(
      'resource' => 'http://192.168.2.100/njsapi/provider/oauthlogin/api/user/info',
      'method post' => 1,
      'field' => 'uid',
      'querypath' => FALSE,
    ),
    'real name' => array(
      'resource' => 'http://192.168.2.100/njsapi/provider/oauthlogin/api/user/info',
      'method post' => 1,
      'field' => 'name',
      'querypath' => FALSE,
    ),
    'avatar' => array(
      'resource' => '',
      'method post' => 0,
      'field' => '',
      'querypath' => FALSE,
    ),
  ),
  'format' => 'php',
);

Connector block enabled

NOTE - the trailing slash on $provider->url - I was experiencing the same issues as above until I added that slash

I can go to client and click on "connect with test" and if I am logged in to an account on the provider side already i get redirected back to the client and logged in with a username of the form oauthconnector_test__1

If I am not logged in on the provider side I get to the provider login form - after I login I get a 404 as I get redirected incorrectly to http://192.168.2.100/njsapi/provider//njsapi/provider/oauth/authorize?oa... (if I fix the url to be http://192.168.2.100/njsapi/provider/oauth/authorize?oauth_token=xxxxxxxxxx) I get redirected to the client correctly and authenticated.

So everything seems to work fine with this setup apart from the login url destination query parameter.

Edit: On provider edit oauthlogin service and enable application/x-www-form-urlencoded under Request Parsing in the Server settings tab.

sharique’s picture

sharique commented

@dineshcooper, thanks for writing detailed instructions.

I followed it for D7 but it does authenticate user when return to client, though it gives message "The application has been authorized".

PrabhuG’s picture

PrabhuG commented

Setup: D7:
Client as : oauthconnector
Server as : oauth2_server,services_views

And i came to an end where the site says "The application has been authorized". While debugging, i saw that $response is not updated. So, using hook_oauthconnector_fetch_field_value_alter, I've updated the proper value of $response.
Then the system is working as expected (that is, new account is created after successful login ). But i don't think it is proper way.

function *modulename*_oauthconnector_fetch_field_value_alter(&$response, $info, $context) {
if($context['field']['field']=='uid')
{
$response = $info[0]['uid'];
}
}