Failed Authentication (sort of)

  • Steve P (UK)

    (@stevepalmeratwordpress)


    6 years, 1 month ago

    Hi Everyone

    I’m new to WordPress but am learning pretty fast, having just moved all my blogs from Blogger to WordPress. I’ve since added plenty of plugins and yours is the latest. I can see it’s very powerful and I’d like to get it working – but I can’t.

    I’ve been through the setup process, but If I try and add a Google Album, it pops up an error message pointing back to the setup/authentication screen – I suspect I have created an error here, somewhere.

    I get all the way through the process (Google Client ID and the Google Secret are all OK) but when it comes to the token stage, and try and get it, the token is ‘undefined’
    is that normal? Is that what is stopping it functioning?

    The screen then suggests that I use ‘Google Photos Refresh Token Getter’, but I am not seeing that option anywhere.

    Does any of this make sense? Is there any other data I can provide you with to get your excellent plugin working?

    I tried ‘re-authenticating’ but I still get ‘undefined’ for the token – and the plugin is is still unable to find any of my Albums.

    I’d appreciate any help.

    Thanks

    Steve

Viewing 15 replies - 16 through 30 (of 78 total)
  • Thread Starter Steve P (UK)

    (@stevepalmeratwordpress)

    OK SSL turned off – check

    Removed echo – print_r statements

    Refreshed the blog post but it’s still failing, although the refresh token error message has changed, I think?

    Anyway, best get some sleep – I’m off to my ‘day job’ now anyway, so perhaps pick it up again tomorrow.

    Again, THANKS for all your help. This plugin has so much potential for me and I would like to get it all working.

    All the best

    Steve

    Thread Starter Steve P (UK)

    (@stevepalmeratwordpress)

    ‘Morning’ Sayontan

    We said we might pick this up again today. How are you placed? I have about an hour before I need to leave for work. Anything useful I can do at this end to try and nail this issue?

    Thanks

    Steve

    Plugin Author Sayontan Sinha

    (@sayontan)

    Hi Steve,
    I am at a team dinner right now. Any chance you might be able to connect during your evening? I am guessing you are based out of Europe?

    Thread Starter Steve P (UK)

    (@stevepalmeratwordpress)

    Cheers Sayontan

    Yes, of course, I’ll be home from around 6pm UK time. It’s currently 5.30am here.

    Catch you later.

    Thanks again. Hope we can solve this as I’m really looking forward to using your Plugin.

    Regards

    Steve

    Plugin Author Sayontan Sinha

    (@sayontan)

    Hi Steve,
    I wanted to confirm a few things when you start today:

    1. When you obtained your credentials from Google Playground, did you use your own credentials? Or did you use Google’s credentials?
    2. Are you still able to create a gallery in the back-end?
    Thread Starter Steve P (UK)

    (@stevepalmeratwordpress)

    Hi Sayontan

    Should be home in front of the PC around 6pm UK time. Just leaving work now

    When you obtained your credentials from Google Playground, did you use your own credentials? Or did you use Google’s credentials?

    I think I used ‘own credentials’ because I think that’s what was suggested in the workaround. How can I tell?

    Are you still able to create a gallery in the back-end?
    Sorry, that’ question is above my pay-grade ?? I don’t know what that means.

    Plugin Author Sayontan Sinha

    (@sayontan)

    Sorry, that’ question is above my pay-grade ?? I don’t know what that means.

    Oh – what I meant was, are you still able to use the shortcode builder to generate the shortcode all the way up to the end?

    Thread Starter Steve P (UK)

    (@stevepalmeratwordpress)

    Yes and I can actually see the Google photos icon in a box in the post

    Does that help us?

    Steve

    Thread Starter Steve P (UK)

    (@stevepalmeratwordpress)

    Hi Sayontan.

    I’m home now (5.30PM UK), near the PC. Happy to follow your suggestions…

    Plugin Author Sayontan Sinha

    (@sayontan)

    OK, so I was going through the code that handles authentication on both, the front-end and the back-end. I don’t see any difference between the two – both methods invoke the same call, perform_back_end_authentication. So let’s try putting in some debug statements.

    Go to the file wp-content/plugins/photonic/extensions/Photonic_OAuth2_Processor.php, line 138. You will see this:

    if (!empty($token)) {
	$this->access_token = $token['oauth_token'];
}

    Put the following statements both, above, and below this block:

    print_r($photonic_authentication);
print_r($token);

    My hunch is that one of your other plugins is messing with some URL parameter, particularly since you are able to execute it from your post-edit screen, but not on the front-end.

    Thread Starter Steve P (UK)

    (@stevepalmeratwordpress)

    Sorry, I can’t find the string… here’s the php file

    <?php

abstract class Photonic_OAuth2_Processor extends Photonic_Processor {
	public $scope, $response_type, $client_id, $client_secret, $state, $access_token;

	function __construct() {
		parent::__construct();
	}

	public abstract function authentication_url();

	public abstract function access_token_url();

	public function redirect_url() {
		return get_site_url();
	}

	public function get_authorization_url($args = array()) {
		$url = add_query_arg('test', 'test');
		$url = remove_query_arg('test', $url);
		$parameters = array_merge(array(
			'response_type' => $this->response_type,
			'redirect_uri' => $this->redirect_url(),
			'client_id' => $this->client_id,
			'scope' => $this->scope,
			'access_type' => 'offline',
			'state' => md5($this->client_secret.$this->provider).'::'.urlencode($url),
		), $args);
		return $this->authentication_url()."?".$this->build_query($parameters);
	}

	/**
	 * Takes an OAuth request token and exchanges it for an access token.
	 *
	 * @param $request_token
	 */
	function get_access_token($request_token) {
		$code = $request_token['code'];
		$state_args = explode('::', $request_token['state']);
		$secret = md5($this->client_secret, false);

		if ($state_args[0] == md5($this->client_secret.$this->provider)) {
			$url = urldecode($state_args[1]);
			$response = Photonic::http($this->access_token_URL(), 'POST', array(
				'code' => $code,
				'grant_type' => 'authorization_code',
				'client_id' => $this->client_id,
				'client_secret' => $this->client_secret,
				'redirect_uri' => $this->redirect_url(),
			));
			if (is_wp_error($response)) {
				$url = add_query_arg('error', $response->get_error_code(), $url);
			}
			else if ($response == null) {
				$url = add_query_arg('error', 'null', $url);
			}
			else {
				$body = $response['body'];
				$body = json_decode($body);

				if (isset($_COOKIE['photonic-' . $secret . '-oauth-token'])) {
					unset($_COOKIE['photonic-' . $secret . '-oauth-token']);
				}
				if (isset($_COOKIE['photonic-' . $secret . '-oauth-refresh-token']) && isset($body->refresh_token)) {
					unset($_COOKIE['photonic-' . $secret . '-oauth-refresh-token']);
				}
				if (isset($_COOKIE['photonic-' . $secret . '-oauth-token-type'])) {
					unset($_COOKIE['photonic-' . $secret . '-oauth-token-type']);
				}
				if (isset($_COOKIE['photonic-' . $secret . '-oauth-token-created'])) {
					unset($_COOKIE['photonic-' . $secret . '-oauth-token-created']);
				}
				if (isset($_COOKIE['photonic-' . $secret . '-oauth-token-expires'])) {
					unset($_COOKIE['photonic-' . $secret . '-oauth-token-expires']);
				}
				$cookie_expiration = 365 * 24 * 60 * 60;
				setcookie('photonic-' . $secret . '-oauth-token', $body->access_token, time() + $cookie_expiration, COOKIEPATH);
				if (isset($body->refresh_token)) {
					setcookie('photonic-' . $secret . '-oauth-refresh-token', $body->refresh_token, time() + $cookie_expiration, COOKIEPATH);
				}
				setcookie('photonic-' . $secret . '-oauth-token-type', $body->token_type, time() + $cookie_expiration, COOKIEPATH);
				setcookie('photonic-' . $secret . '-oauth-token-created', time(), time() + $cookie_expiration, COOKIEPATH);
				setcookie('photonic-' . $secret . '-oauth-token-expires', $body->expires_in, time() + $cookie_expiration, COOKIEPATH);
			}
		}
		else {
			$url = remove_query_arg(array('token', 'code', 'state'));
		}
		wp_redirect($url);
		exit();
	}

	function refresh_token($refresh_token) {
		$token = $this->get_access_token_from_refresh($refresh_token, false);
		if (!empty($token)) {
			$secret = md5($this->client_secret, false);
			if (isset($_COOKIE['photonic-' . $secret . '-oauth-token'])) {
				unset($_COOKIE['photonic-' . $secret . '-oauth-token']);
			}
			if (isset($_COOKIE['photonic-' . $secret . '-oauth-token-type'])) {
				unset($_COOKIE['photonic-' . $secret . '-oauth-token-type']);
			}
			if (isset($_COOKIE['photonic-' . $secret . '-oauth-token-created'])) {
				unset($_COOKIE['photonic-' . $secret . '-oauth-token-created']);
			}
			if (isset($_COOKIE['photonic-' . $secret . '-oauth-token-expires'])) {
				unset($_COOKIE['photonic-' . $secret . '-oauth-token-expires']);
			}
			$cookie_expiration = 365 * 24 * 60 * 60;
			setcookie('photonic-' . $secret . '-oauth-token', $token['oauth_token'], time() + $cookie_expiration, COOKIEPATH);
			setcookie('photonic-' . $secret . '-oauth-token-type', $token['oauth_token_type'], time() + $cookie_expiration, COOKIEPATH);
			setcookie('photonic-' . $secret . '-oauth-token-created', $token['oauth_token_created'], time() + $cookie_expiration, COOKIEPATH);
			setcookie('photonic-' . $secret . '-oauth-token-expires', $token['oauth_token_expires'], time() + $cookie_expiration, COOKIEPATH);
		}
	}

	/**
	 * @param $refresh_token
	 */
	public function perform_back_end_authentication($refresh_token) {
		$photonic_authentication = get_option('photonic_authentication');
		if (!isset($photonic_authentication)) {
			$photonic_authentication = array();
		}

		if (!isset($photonic_authentication[$this->provider]) && !empty($refresh_token)) {
			$token = $this->get_access_token_from_refresh($refresh_token, true);
		}
		else if (isset($photonic_authentication[$this->provider])) {
			$token = $photonic_authentication[$this->provider];
			if (isset($token)) {
				if ($this->is_token_expired($token)) {
					$token = $this->get_access_token_from_refresh($refresh_token, true);
				}
			}
		}

		if (!empty($token)) {
			$this->access_token = $token['oauth_token'];
		}
	}

	function get_access_token_from_refresh($refresh_token, $save) {
		$token = array();
		$response = Photonic::http($this->access_token_url(), 'POST', array(
			'client_id' => $this->client_id,
			'client_secret' => $this->client_secret,
			'refresh_token' => $refresh_token,
			'grant_type' => 'refresh_token'
		));

		if (!is_wp_error($response)) {
			$token = $this->parse_token($response);
			if (!empty($token)) {
				$token['client_id'] = $this->client_id;
			}
			if ($save) {
				$this->save_token($token);
			}
		}
		return $token;
	}

	function is_token_expired($token) {
		if (empty($token)) {
			return true;
		}
		if (!isset($token['oauth_token']) || !isset($token['oauth_token_created']) || !isset($token['oauth_token_expires'])) {
			return true;
		}
		if (!isset($token['client_id']) || (isset($token['client_id']) && $token['client_id'] !== $this->client_id)) {
			return true;
		}
		$current = time();
		if ($token['oauth_token_created'] + $token['oauth_token_expires'] < $current) {
			return true;
		}
		return false;
	}
}
    Plugin Author Sayontan Sinha

    (@sayontan)

    It is within the block that says perform_back_end_authentication

    Thread Starter Steve P (UK)

    (@stevepalmeratwordpress)

    OK, all done….

    Plugin Author Sayontan Sinha

    (@sayontan)

    Did you put in the two lines twice, once before and once after?

    Thread Starter Steve P (UK)

    (@stevepalmeratwordpress)

    Yes I did. But I’m not clear exactly where to put the second set. Tell me the exact script that it’s got to sit below (Be gentle, I’m not a techy!) ??

Viewing 15 replies - 16 through 30 (of 78 total)
  • The topic ‘Failed Authentication (sort of)’ is closed to new replies.