URLs and Callbacks guide

Catalyst_Testaccount

June 2018 in Drupal

Hi,

I'm having trouble setting up OneAll on our staging site which is a bit more strict than my local development environment.

I've autodetected API Communication and verified the API Settings. All is green in the settings page.

I go to the login page and the oneall icons are there. When I click one, Facebook for example, the popup appears I'm presented with the fb form. I fill up the form and I get the 'You have logged in via Facebook message.' Then I get redirected to the homepage and I'm not logged in.

The expected behavior is I get redirected to the account creation page.

Our theory is that the server is too strict so here's what we did.

So currently I can see that the the drupal site calls https://[subdomain].api.oneall.com. and Oneall calls back from https://[subdomain].api.oneall.com to https://mydrupalsite.com/social_login/callback.
We allowed outgoing calls via 80 and 443 and allowed incoming calls from the IP of https://[subdomain].api.oneall.com.

I've been trying to find a page in your guides related to the related to making a login attempt using the Drupal 8 module.

Is this using the standard https?
Are there any other callback urls related to this?

I haven't seen any logs in Drupal so I'm a bit lost.

Best Answer

Claude_SchlesserAdministratorOneAll Team

June 2018 edited June 2018 Answer ✓

Hello,

if you have no $_POST data, then you might have installed a Drupal module (e.g. Security Kit) which blocks offsite POST requests from our API to your server. Please check the settings of the security plugin and whitelist the following domain for offsite requests:

*.api.oneall.com

Answers

Catalyst_TestaccountMember

June 2018 edited June 2018
So upon further investigating here's the callback that I'm getting in the drupal access logs:

25/Jun/2018:15:50:27 +1200] "GET /social_login/callback?origin=http%3A//mywebsite.com/user/login HTTP/1.0" 302 248 "http://subdomain.api.oneall.com/socialize/redirect.html?provider_connection_token=[token removed]" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36"

[25/Jun/2018:15:50:29 +1200] "GET / HTTP/1.0" 200 89095 "http://subdomain.api.oneall.com/socialize/redirect.html?provider_connection_token=[token removed]" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36"

I was curious why there was no post so I added some debug logging to SocialLoginController.php:

\Drupal::logger('social_login_debugging')->warning(print_r($_POST, TRUE)); \Drupal::logger('social_login_debugging')->warning(print_r($_GET, TRUE));

and this gave me the following respectively:

Array () Array ( [origin] => http://mywebsite.com/user/login )
Catalyst_TestaccountMember

June 2018

Further updates here: https://www.drupal.org/project/social_login/issues/2981679

Just so we don't double up.

Thanks Claude for graciously replying to both!

Welcome!

Please sign in to your OneAll account to ask a new question or to contribute to the discussions.

Please click on the link below to connect to the forum with your OneAll account.

Ask a question

Information

Documentation

URLs and Callbacks guide

Best Answer

Answers

Welcome!

Information

Products & Services

Categories