Welcome to Geeklog, Anonymous Thursday, November 28 2024 @ 07:39 pm EST
Geeklog Forums
Post-Install Oauth for Twitter/LinkedIn Login Error
Page navigation
I see the Twitter and LinkedIn login options on my main page.
But when I click on either, I am presented with this error:
Unfortunately, an error has occurred rendering this page. Please try again later.
And the tail end of my error.log clearly shows why this is:
Mon 01 Nov 2010 19:50:00 EDT - 2 - require_once(HTTP/OAuth.php): failed to open stream: No such file or directory @ /var/www/ssl.hackdefendr.com/geeklog/system/pear/HTTP/OAuth/Consumer.php line 24
My question is ... Why is this plugin not obeying the standard geeklog path for finding the necessary dependencies to run?
The files are where they should be, per the Readme.txt file:
./system/pear/HTTP/OAuth.php
./plugins/OAuth_in_Geeklog/system/pear/HTTP/OAuth.php
Am I missing something?
I already know, that editing every single file in this plugin and putting the full path to those require_once calls does work, but I shouldn't have to edit all those files.
Thanks,
Jeff
:helpme:
--
J. Singleton, BS Information Security
HackDefendr Security
Cyber Security, Vulnerability, & Social Behavior Research
Laugh
The OAuth files you are using is a hack of Geeklog and not a plugin so the files are not stored in standard locations. There is no reason to create a "OAuth_in_Geeklog" directory under the plugins directory.
To install this hack (for most installs of Geeklog) unzip the OAuth file. Once unzip you will find a OAuth_in_Geeklog directory. Copy the contents of this directory into the root of your website. Most of the files being copied will replace current versions of the files.
One of the Geeklog Core Developers.
HackDefendr
The pear files should be in the "/system/pear/" directory located in the root of the website (with all of the other pear files).
The OAuth files you are using is a hack of Geeklog and not a plugin so the files are not stored in standard locations. There is no reason to create a "OAuth_in_Geeklog" directory under the plugins directory.
To install this hack (for most installs of Geeklog) unzip the OAuth file. Once unzip you will find a OAuth_in_Geeklog directory. Copy the contents of this directory into the root of your website. Most of the files being copied will replace current versions of the files.
Ok...Ignore the fact that I extracted the zip file into my geeklog system plugins folder. I have all the files in the correct location per the Readme.txt file. When I enabled oauth in the lib-common.php file...I do see the option to log in using Twitter or LinkedIn.
When I click on the Twitter login link...that is when I see the error page and when I see the File Not Found errors in the error.log.
Why is this hack not able to properly find the pear file in /system/pear where I have them? See below where the require_once is not finding the file OAuth.php under HTTP -- WHICH IS under /system/pear where it should be.
At present time...this Hack does not work for me on v1.7.0.
--
J. Singleton, BS Information Security
HackDefendr Security
Cyber Security, Vulnerability, & Social Behavior Research
HackDefendr
Have you changed the Pear settings in the Geeklog Configuration? (about 2/3 the way down on the first page)
No change other than to Enable it...
--
J. Singleton, BS Information Security
HackDefendr Security
Cyber Security, Vulnerability, & Social Behavior Research
Laugh
Having it set to false, Geeklog will use the "Path Pear" location. Either way, whatever Pear files you are using they need to be updated.
Tom
One of the Geeklog Core Developers.
HackDefendr
If "Have Pear" is set to true that means you have pear installed somewhere on the server and Geeklog will use the setting found in php.ini for the location. You will have to make sure that location has the updated pear files.
Having it set to false, Geeklog will use the "Path Pear" location. Either way, whatever Pear files you are using they need to be updated.
Tom
Sorry...but no matter how I have it set in Configuration, I get the same error. This hack is just not finding its dependencies for some reason. The files are there, exactly where the Readme.txt instructed. But the error shown in the error.log really can't be disputed. I don't have any custom pear settings in my php.ini...Geeklog is the only app I have that would use pear.
Tue 02 Nov 2010 19:46:50 EDT - 2 - require_once(HTTP/OAuth.php): failed to open stream: No such file or directory @ /var/www/ssl.hackdefendr.com/geeklog/system/pear/HTTP/OAuth/Consumer.php line 24
# pwd
/var/www/ssl.hackdefendr.com/geeklog
# ls system/pear/HTTP/
OAuth/ OAuth.php Request/ Request.php Request2/ Request2.php
The files are there...what more can I do/say?
--
J
--
J. Singleton, BS Information Security
HackDefendr Security
Cyber Security, Vulnerability, & Social Behavior Research
Laugh
Obviously it found the file at /system/pear/HTTP/OAuth/Consumer.php but not the one at /system/pear/HTTP/OAuth.php
I am a windows guy not linux, maybe the file is corrupt?
Maybe it has something to do with the path specified on line 24 in consumer.php. Can you edit the file and put the full path to OAuth.php?
Anyone else have any ideas?
Tom
One of the Geeklog Core Developers.
HackDefendr
I am not sure what is going on then.
Obviously it found the file at /system/pear/HTTP/OAuth/Consumer.php but not the one at /system/pear/HTTP/OAuth.php
I am a windows guy not linux, maybe the file is corrupt?
Maybe it has something to do with the path specified on line 24 in consumer.php. Can you edit the file and put the full path to OAuth.php?
Anyone else have any ideas?
Tom
I can edit the file and resolve that one error.
Problem is ... there are several require_once calls throughout this hack that makes it very tedious to do.
And doesn't make sense that is can find the consumer.php and not anything else. I really do have a fairly light install, so there isn't alot of customizations/plugins etc. I don't see where anything else is having these problems finding files.
I guess...if no one else has anything to add...I may just have to modify all the files to point directly to required files with a full path.
Having this OAuth method of logging in is something I want to have...so I will just have to make it work.
--
J. Singleton, BS Information Security
HackDefendr Security
Cyber Security, Vulnerability, & Social Behavior Research
Laugh
As I only test stuff on IIS if anyone else is having problems or have gotten it to work fine with Linux let me know.
Thanks
Tom
One of the Geeklog Core Developers.
HackDefendr
I am integrating this hack into Geeklog for version 1.8.0.
As I only test stuff on IIS if anyone else is having problems or have gotten it to work fine with Linux let me know.
Thanks
Tom
Maybe a better question would be....How does everything else in Geeklog find the necessary files to run? Is there a {system_path} variable like the {pear_path} one? Can this be set or called from the function in lib-security.php or lib-common.php?
--
J
--
J. Singleton, BS Information Security
HackDefendr Security
Cyber Security, Vulnerability, & Social Behavior Research
HackDefendr
--
J. Singleton, BS Information Security
HackDefendr Security
Cyber Security, Vulnerability, & Social Behavior Research
HackDefendr
--
J. Singleton, BS Information Security
HackDefendr Security
Cyber Security, Vulnerability, & Social Behavior Research
Roccivic
That said, none of the authentication methods actually work. For facebook, after being redirected to:
https://graph.facebook.com/oauth/authorize?client_id=xxxxxxxxxxxxxxx&redirect_uri=http%3A%2F%2Flocalhost%2Fgl%2Fpublic_html%2Fusers.php%3Foauth_login%3Dfacebook&scope=email%2Cuser_website%2Cuser_location%2Cuser_photos
all I get to see is:
"error": {
"type": "OAuthException",
"message": "Error validating application."
}
}
Literally. Not even a single html tag.
For Twitter and LinkedIn, Geeklog returns an error message: "Can not get URL for authentication."
No idea what any of this means...
Roccivic
If I fire it up with SSL, Geeklog crashes with the following symptom when I click on any of the login buttons:
EDIT: Now it's always throwing this error. Weird...
Anyway, I don't really need it to work. I just thought I'd give it a bash and see if I'd get the same error as the OP to help him out...
Laugh
In lib-common around line 37 make sure you have
error_reporting(E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR | E_USER_ERROR);
to allow your error to be bypassed (this is the standard Geeklog setting).
Some of the variables and constants are not defined in the hack which will be fixed when it is incorporated into core.
One of the Geeklog Core Developers.
HackDefendr
I definitely have SSL enabled in my PHP, so it has to be something else. I am going to check my error level to see if I can get more from the error.
# php -i | grep OpenSSL
OpenSSL support => enabled
OpenSSL Version => OpenSSL 1.0.0a 1 Jun 2010
I didn't get a chance to test my LinkedIn login as I have reached my maximum of failed login attempts.
Edit: I've got full debugging and error level on, but I'm not getting anything else besides:
System Message - 11/06 01:01
Can not get URL for authentication.
--
J
--
J. Singleton, BS Information Security
HackDefendr Security
Cyber Security, Vulnerability, & Social Behavior Research
HackDefendr
This seemed to have worked, as I was then redirected properly to my Twitter application and asked to allow/deny it...which, when Allowed, returns me back to my website.
BUT
I did not have SimpleXML built into my PHP, so it failed. I am currently rebuilding PHP with SimpleXML :rtfm: and will Edit/Update this post with the results.
Fatal error: Call to undefined function simplexml_load_string() in /var/www/ssl.hackdefendr.com/geeklog/system/classes/oauthhelper.class.php on line 151
--
J
--
J. Singleton, BS Information Security
HackDefendr Security
Cyber Security, Vulnerability, & Social Behavior Research
Roccivic
You must have your PHP Error reporting set to E_ALL (report all errors) in lib-common.php or the php.ini file.
In lib-common around line 37 make sure you have
error_reporting(E_ERROR | E_WARNING | E_PARSE | E_COMPILE_ERROR | E_USER_ERROR);
to allow your error to be bypassed (this is the standard Geeklog setting).
Some of the variables and constants are not defined in the hack which will be fixed when it is incorporated into core.
I did have error_reporting set to E_ALL as I forgot to return this to the default values after tracing an issue.
When I reverted to the defaults (with SSL enabled), I get the same error as before...
@HackDefender:
On my system "php -i | grep OpenSSL" doesn't mean much. It will return 'enabled' even when apache2 (and openssl) is down.
[sudo] password for roccivic:
#Stopping XAMPP for Linux 1.7.3a...
XAMPP: Stopping Apache with SSL...
XAMPP: Stopping MySQL...
XAMPP: Stopping ProFTPD...
XAMPP stopped.
roccivic@roccivic-pc:~$ php -i | grep OpenSSL
OpenSSL support => enabled
OpenSSL Library Version => OpenSSL 0.9.8k 25 Mar 2009
OpenSSL Header Version => OpenSSL 0.9.8k 25 Mar 2009
OpenSSL support => enabled
All you have to do to remove all speed limits in MySQL is:
Page navigation
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content