Oauth2 authentification - issue with Microsoft

Re: Oauth2 authentification - issue with Microsoft

by Damyon Wiese -
Number of replies: 1

Thanks for posting the screenshots and urls - they helped me diagnose this problem. 


By replacing the code parameter with "a" characters and testing different lengths I was able to determine there is a configuration problem in your Apache server that is preventing this from working. OAuth works by passing long unguessable tokens around, so it requires very long url parameters. 


You can see the problem is reflected by different error message responses from these 2 urls:


Not working                                                                                                                         

https://sciences-humaines.ca/admin/oauth2callback.php?code=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa&state=%2fauth%2foauth2%2flogin.php%3fwantsurl%3dhttps%253A%252F%252Fsciences-humaines.ca%252F%26sesskey%3dmrEzQAXrNR%26id%3d8&session_state=33fa8ec5-de7d-4e16-a8d6

                                                                                                                                    

Working                                                                                                                             

https://sciences-humaines.ca/admin/oauth2callback.php?code=aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa&state=%2fauth%2foauth2%2flogin.php%3fwantsurl%3dhttps%253A%252F%252Fsciences-humaines.ca%252F%26sesskey%3dmrEzQAXrNR%26id%3d8&session_state=33fa8ec5-de7d-4e16-a8d6


I googled this problem for you and this is the most likely answer: 

http://www.php.net/manual/en/reserved.variables.get.php#101469


Cheers, Damyon

Average of ratings: Useful (1)
In reply to Damyon Wiese

Re: Oauth2 authentification - issue with Microsoft

by Yvan Urunuela -

Thanks a lot Damyon, it works!


For those who get the same problem, some information (I'm not an expert but it could help):

- As Damyon said, the problem is the lenght of the URL (number of characters). The Php Suhosin patch has a defaut limit of 512 characters for get parameters. In my case, the URL had more than 900...
- To fix the problem, you have to change the suhosin.get.max_value_length = <limit> in the php.ini, for example suhosin.get.max_value_length = 2000
- In my case, I was not able to change it by myself (I changed the php.ini in Cpanel but nothing happens), I had to ask the web hosting team to do it for me (check with your web hosting service).

Thanks Damyon and Adam for your precious help.

Average of ratings: Useful (1)