Topic on Extension talk:OpenID Connect

Error: redirect_uri_mismatch

Summary by Cindy.cicalese

Fixed format of redirect URL

Jainam.mehta (talkcontribs)

400. That’s an error.

Error: redirect_uri_mismatch

The redirect URI in the request, 

does not match the ones authorized for the OAuth client. 

I implemented OpenID Connect with PluggableAuth.

I am not able to configure it and have been stuck for the last 3 days on the above error.

CONNECTION: keep-alive

UPGRADE-INSECURE-REQUESTS: 1

[caches] cluster: EmptyBagOStuff, WAN: mediawiki-main-default, stash: db-replicated, message: SqlBagOStuff, parser: EmptyBagOStuff, session: SqlBagOStuff

[caches] LocalisationCache: using store LCStoreCDB

[session] Session "9beliv3oc7v4u04reduto5m6khu9dpgv" requested without UserID cookie

[DBConnection] Connected to database 0 at 'localhost'.

[SQLBagOStuff] Connection 351 will be used for SqlBagOStuff

Fully initialised

[session] SessionBackend "9beliv3oc7v4u04reduto5m6khu9dpgv" data dirty due to dirty(): OpenIDConnectClient->requestAuthorization/session_commit/MediaWiki\Session\PHPSessionHandler->write/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "9beliv3oc7v4u04reduto5m6khu9dpgv" data dirty due to dirty(): OpenIDConnectClient->requestAuthorization/session_commit/MediaWiki\Session\PHPSessionHandler->write/MediaWiki\Session\Session->set/MediaWiki\Session\SessionBackend->dirty

[session] SessionBackend "9beliv3oc7v4u04reduto5m6khu9dpgv" save: dataDirty=1 metaDirty=0 forcePersist=0

[DBPerformance] Expectation (writes <= 0) by MediaWiki::main not met:

query-m: REPLACE INTO `ops_objectcache` (keyname,value,exptime) VALUES ('X')

#0 C:\xampp\htdocs\trunk\oim\includes\libs\rdbms\TransactionProfiler.php(215): TransactionProfiler->reportExpectationViolated('writes', 'query-m: REPLAC...')

#1 C:\xampp\htdocs\trunk\oim\includes\libs\rdbms\database\Database.php(958): TransactionProfiler->recordQueryCompletion('query-m: REPLAC...', 1502213335.2084, true, 2)

#2 C:\xampp\htdocs\trunk\oim\includes\libs\rdbms\database\Database.php(870): Database->doProfiledQuery('REPLACE INTO `o...', 'REPLACE /* SqlB...', true, 'SqlBagOStuff::s...')

#3 C:\xampp\htdocs\trunk\oim\includes\libs\rdbms\database\Database.php(2148): Database->query('REPLACE INTO `o...', 'SqlBagOStuff::s...')

#4 C:\xampp\htdocs\trunk\oim\includes\libs\rdbms\database\DatabaseMysqlBase.php(486): Database->nativeReplace('`ops_objectcach...', Array, 'SqlBagOStuff::s...')

#5 C:\xampp\htdocs\trunk\oim\includes\objectcache\SqlBagOStuff.php(365): DatabaseMysqlBase->replace('objectcache', Array, Array, 'SqlBagOStuff::s...')

#6 C:\xampp\htdocs\trunk\oim\includes\objectcache\SqlBagOStuff.php(380): SqlBagOStuff->setMulti(Array, 1502216935)

#7 C:\xampp\htdocs\trunk\oim\includes\libs\objectcache\CachedBagOStuff.php(65): SqlBagOStuff->set('trunk_wiki_db-o...', Array, 1502216935, 1)

#8 C:\xampp\htdocs\trunk\oim\includes\session\SessionBackend.php(737): CachedBagOStuff->set('trunk_wiki_db-o...', Array, 1502216935, 1)

#9 C:\xampp\htdocs\trunk\oim\includes\session\Session.php(616): MediaWiki\Session\SessionBackend->save()

#10 C:\xampp\htdocs\trunk\oim\includes\session\PHPSessionHandler.php(320): MediaWiki\Session\Session->save()

#11 [internal function]: MediaWiki\Session\PHPSessionHandler->write('9beliv3oc7v4u04...', 'a:7:{s:14:"wsTo...')

#12 C:\xampp\htdocs\trunk\oim\extensions\OpenIDConnect\vendor\jumbojett\openid-connect-php\OpenIDConnectClient.php(471): session_commit()

#13 C:\xampp\htdocs\trunk\oim\extensions\OpenIDConnect\vendor\jumbojett\openid-connect-php\OpenIDConnectClient.php(286): OpenIDConnectClient->requestAuthorization()

#14 C:\xampp\htdocs\trunk\oim\extensions\OpenIDConnect\OpenIDConnect.class.php(151): OpenIDConnectClient->authenticate()

#15 C:\xampp\htdocs\trunk\oim\extensions\PluggableAuth\PluggableAuthLogin.php(45): OpenIDConnect->authenticate(NULL, NULL, NULL, NULL, NULL)

#16 C:\xampp\htdocs\trunk\oim\includes\specialpage\SpecialPage.php(522): PluggableAuthLogin->execute(NULL)

#17 C:\xampp\htdocs\trunk\oim\includes\specialpage\SpecialPageFactory.php(576): SpecialPage->run(NULL)

#18 C:\xampp\htdocs\trunk\oim\includes\MediaWiki.php(283): SpecialPageFactory::executePath(Object(Title), Object(RequestContext))

#19 C:\xampp\htdocs\trunk\oim\includes\MediaWiki.php(851): MediaWiki->performRequest()

#20 C:\xampp\htdocs\trunk\oim\includes\MediaWiki.php(512): MediaWiki->main()

#21 C:\xampp\htdocs\trunk\oim\index.php(43): MediaWiki->run()

#22 {main}

[session] Saving all sessions on shutdown

[DBReplication] LBFactory::getChronologyProtector: using request info {

    "IPAddress": "180.211.111.116",

    "UserAgent": "Mozilla\/5.0 (Windows NT 10.0; WOW64; rv:55.0) Gecko\/20100101 Firefox\/55.0",

    "ChronologyProtection": false

}

[DBConnection] Closing connection to database 'localhost'.

Cindy.cicalese (talkcontribs)

When you configure your identity provider, it asks for a redirect URI. You need to set that to the full URL to the Special:PluggableAuthLogin page. The exact format of that URL will depend upon your configuration. You need to figure out what URI it is actually sending and configure your endpoint to match that. If you need further help, please provide the version of all relevant software, including the PHP OpenID Connect library.
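One way to do the "figure out what URI it is actually sending" step from the reply above, as an added example that is not part of the original thread or the extension's code: pull `redirect_uri` out of a captured authorization request and report how it differs from each URI registered with the provider. The host names, client ID and registered list are constructed, and the sketch assumes the provider compares the strings exactly.

```python
from urllib.parse import parse_qs, urlsplit

# Constructed sample values (not from the thread): a captured authorization
# request and the redirect URIs registered with the identity provider.
AUTH_REQUEST = (
    "https://idp.example.com/authorize?response_type=code"
    "&client_id=constructed-client&scope=openid&state=constructed"
    "&redirect_uri=http%3A%2F%2Fwiki.example.org%2Findex.php%2FSpecial%3AUserLogin"
)
REGISTERED = [
    "https://wiki.example.org/index.php/Special:PluggableAuthLogin",
    "http://wiki.example.org/index.php/Special:UserLogin/",
]


def sent_redirect_uri(auth_request):
    """Return the decoded redirect_uri parameter of an authorization request."""
    values = parse_qs(urlsplit(auth_request).query).get("redirect_uri", [])
    if len(values) != 1:
        raise ValueError("expected exactly one redirect_uri parameter")
    return values[0]


def differences(sent, registered):
    """Name the URL components in which two redirect URIs differ."""
    a, b = urlsplit(sent), urlsplit(registered)
    diffs = []
    if a.scheme != b.scheme:
        diffs.append("scheme")
    if a.netloc != b.netloc:
        diffs.append("host")
    if a.path != b.path:
        same_but_slash = a.path.rstrip("/") == b.path.rstrip("/")
        diffs.append("trailing slash" if same_but_slash else "path")
    if a.query != b.query:
        diffs.append("query")
    return diffs


def check(auth_request, registered_uris):
    """Return (sent URI, {registered URI: differing components}); {} if matched."""
    sent = sent_redirect_uri(auth_request)
    if sent in registered_uris:  # exact string comparison (assumption)
        return sent, {}
    return sent, {uri: differences(sent, uri) for uri in registered_uris}


if __name__ == "__main__":
    sent, report = check(AUTH_REQUEST, REGISTERED)
    print("sent:", sent)
    for uri, diffs in report.items():
        print(f"  vs {uri}: {', '.join(diffs)}")
```

The authorization request URL can be copied from the browser's address bar or network tab at the moment the provider shows the error page.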

Jainam.mehta (talkcontribs)

Hello @Cindy.cicalese, thank you so much for your answer. In the Google OAuth provider, in the credentials tab, I have set

http://<wiki URL>/index.php/Special:UserLogin

http://<wiki URL>/index.php/Special:UserLogin

the above 2 as Authorised redirect URIs, and that started working!

I have one query: will the OpenID Connect library work with a custom authorization provider? We have custom requirements to use open source tools to provide SSO for MediaWiki and ServiceNow so our customer can log in with the same credentials.

It would be really great if you could guide me to configure OpenID_Connect for an open SSO provider like http://www.josso.org/ or some other open SSO.

Thank you

Cindy.cicalese (talkcontribs)

I'm glad to hear that it is working now.

The page you point to for JOSSO states that it supports OpenID Connect, so assuming that it is an accurate implementation of the spec, you should be able to configure the OpenID Connect extension to work with it. If for any reason that does not work, JOSSO also claims to support SAML, so you could try the SimpleSAMLphp extension.

Jainam.mehta (talkcontribs)

@Cindy.cicalese Thank you so much for answering my query regarding JOSSO. I will try implementing it with MediaWiki and update here so others can take reference.

I have seen Extension:SimpleSAMLphp also, but there is very little description of how to implement it with MediaWiki.

As I am new to MediaWiki, it might be difficult to understand.

Thank you.