Mantis Bugtracker          
testlink.org

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0008725TestLinkAuthenticationpublic2019-07-18 19:522019-07-19 15:18
Reportersqualou 
Assigned Tofman 
PrioritynormalSeveritymajorReproducibilityalways
StatusclosedResolutionno change required 
PlatformDockerOSLinuxOS VersionAWS Linux ECS
Product Version1.9.19 (2019 Q1) 
Fixed in Version 
Summary0008725: Google OAuth fails, missing / incomplete documntation
DescriptionHi,

I don't want to sound rude, english is not my first language so I apologies if I may be missing good manners, that's not the idea ;)

I'm trying to set up OAuth2 using gogole as auth provider. I've done it on 5 other products so I'm a bit used to the google console part.

I don't have a clue about php.

To sum it up : I *need* a working configuration example.

Especially the 'redirect_uri'

Right now, the best result I have is this message on login page when I try.


"An error occurred during getting token"

displayed on login page
Steps To ReproduceUse this configuration file, click on button 'login with google', see the message.

<?php

// Google
$tlCfg->OAuthServers = array();
$tlCfg->OAuthServers[1]['oauth_enabled'] = true;
$tlCfg->OAuthServers[1]['oauth_name'] = 'google';
$tlCfg->OAuthServers[1]['redirect_uri'] = 'https://testlink.mydomain.com/login.php?oauth=google'; [^]
// Get from /gui/themes/default/images
$tlCfg->OAuthServers[1]['oauth_icon'] = 'google.png';
$tlCfg->OAuthServers[1]['oauth_client_id'] = 'XXXXXXXXX-aaaaaaaaaaaaaaaaaaaaaabbb.apps.googleusercontent.com';
$tlCfg->OAuthServers[1]['oauth_client_secret'] = 'SECRETSECRET';
// Can be authorization_code (by default), client_credentials or password
$tlCfg->OAuthServers[1]['oauth_grant_type'] = 'authorization_code';
$tlCfg->OAuthServers[1]['oauth_url'] = 'https://accounts.google.com/o/oauth2/auth'; [^]
$tlCfg->OAuthServers[1]['token_url'] = 'https://accounts.google.com/o/oauth2/token'; [^]
// false => then the only user will be selected automatically (applied for google)
$tlCfg->OAuthServers[1]['oauth_force_single'] = false;
// the domain you want to whitelist
$tlCfg->OAuthServers[1]['oauth_domain'] = 'mydomain.com';
$tlCfg->OAuthServers[1]['oauth_profile'] = 'https://www.googleapis.com/oauth2/v1/userinfo'; [^]
$tlCfg->OAuthServers[1]['oauth_scope'] = 'https://www.googleapis.com/auth/userinfo.email [^] https://www.googleapis.com/auth/userinfo.profile'; [^]


?>



Additional Information

From the README on github I saw google auth was supported. (but did anyone read that readme and understood what to do about what ?)

From some old mantis tickets (2017) I tried to figure out a bit more.

'the config file' ... which is apparently "custom_config.inc.php" is not even mentioned in installation documentation. (not nowing about php, beieve me it's a bit strange to use source code files as configuration, so a pointer would be welcome :) )

I finally found 'custom_config.inc.php.google_oauth' example on github but ... looks like its content does not match the expected syntax, it has no result.

Finally looking inside main config file I managed to buid forementioned configuration file, with no idea what I should leave or not commneted out.

Tried dozen of combinations, to no result.

thank you !

TagsNo tags attached.
Database (MySQL,Postgres,etc)RDS Mysql
BrowserChromium
PHP Version
TestCaseID
QA Team - Task Workflow StatusTBD
Attached Files

- Relationships

-  Notes
(0029035)
squalou (reporter)
2019-07-18 19:57
edited on: 2019-07-18 20:02

I'm using 'bitnami' docker image
version 1.9.19-r145

(0029036)
squalou (reporter)
2019-07-18 20:12

Ok, looks like my issue resieds in lib/functions/oauth_providers/google.php

especially the way redirect_uri is taken, and it looks like it's fixed on testlink_1_9 brnch but not in my docker image.

Weird.

I still have

'redirect_uri' => isset($_SERVER['HTTPS']) ? 'https://' [^] : 'http://' [^] . $_SERVER[HTTP_HOST]. '/login.php?oauth=google',


If I replace by

'redirect_uri' => $authCfg['redirect_uri'],


works better...


Also, documentation / working example seems on its way on next version .. so feel free to close this as wont fix or duplicate or whatever

- Issue History
Date Modified Username Field Change
2019-07-18 19:52 squalou New Issue
2019-07-18 19:57 squalou Note Added: 0029035
2019-07-18 20:02 squalou Note Edited: 0029035 View Revisions
2019-07-18 20:12 squalou Note Added: 0029036
2019-07-19 15:18 fman QA Team - Task Workflow Status => TBD
2019-07-19 15:18 fman Status new => closed
2019-07-19 15:18 fman Assigned To => fman
2019-07-19 15:18 fman Resolution open => no change required



Copyright © 2000 - 2019 MantisBT Team
Powered by Mantis Bugtracker