Welcome to Geeklog, Anonymous Saturday, December 21 2024 @ 09:18 am EST
Geeklog Forums
oAuth remote login does not show
Status: offline
remy
Forum User
Full Member
Registered: 06/09/03
Posts: 162
Location:Rotterdam & Bonn
When I first installed GL 2.0.0, these buttons for remote login were available, but I disabled them. Now, having registered with LinkedIn for remote authentication, I cannot enable them any more. They just don't show any more.
I see the following oddities:
-- In the config screens, I was used to seeing a error when I enable f.i. Twitter without filling in the secret keys. This is gone too: whatever I modify, it's okay.
-- geeklog.net allows for remote auth, but only in the user-function-block. If you are forced to login, the remote options are sometimes not complete (just facebook and twitter).
-- I read a comment that you should insert the secret keys in the oAuth classes too. And I 've read a comment saying that this is not necessary any more. The install docs does not mention anything about that. I'm confused.
Anybody having the same experiences? Or a hint where to look for what?
I see the following oddities:
-- In the config screens, I was used to seeing a error when I enable f.i. Twitter without filling in the secret keys. This is gone too: whatever I modify, it's okay.
-- geeklog.net allows for remote auth, but only in the user-function-block. If you are forced to login, the remote options are sometimes not complete (just facebook and twitter).
-- I read a comment that you should insert the secret keys in the oAuth classes too. And I 've read a comment saying that this is not necessary any more. The install docs does not mention anything about that. I'm confused.
Anybody having the same experiences? Or a hint where to look for what?
12
6
Quote
Status: offline
remy
Forum User
Full Member
Registered: 06/09/03
Posts: 162
Location:Rotterdam & Bonn
Found the cause, but had to analyse security.lib first.
It turns out that, when new_user_registration is disabled OR new_users go into the submission queue for moderation, the remote oauth services are not enabled.
Having these configs fixed and in a correct balance with security, it turns out that a user account is activated. This lacks a email-address and there is no service name (@linkedin in my case). Not sure if GL will use email services of linkedin for sending notifications.
The documentation only mentions that a temporary account with a adjusted username is created. Both statements are false: the account is infinite and the full name is used as the username. This must clash very soon.
The documentation mentions that such user is added to the group remote-users only. Also not true. I find the user in the groups All-users AND in Logged-in users (even when the user logged out!!).
Though the user cannot change the password, I wonder if that can abused.
Can anybody shine a light on above troubles? Should I file bugs, feature-request?
It turns out that, when new_user_registration is disabled OR new_users go into the submission queue for moderation, the remote oauth services are not enabled.
Having these configs fixed and in a correct balance with security, it turns out that a user account is activated. This lacks a email-address and there is no service name (@linkedin in my case). Not sure if GL will use email services of linkedin for sending notifications.
The documentation only mentions that a temporary account with a adjusted username is created. Both statements are false: the account is infinite and the full name is used as the username. This must clash very soon.
The documentation mentions that such user is added to the group remote-users only. Also not true. I find the user in the groups All-users AND in Logged-in users (even when the user logged out!!).
Though the user cannot change the password, I wonder if that can abused.
Can anybody shine a light on above troubles? Should I file bugs, feature-request?
7
8
Quote
antiqueone
Anonymous
I have exactly the same problem as Remy. I am using Geeklog 2.0.0.
Is there any fix for this?
Is there any fix for this?
9
6
Quote
All times are EST. The time is now 09:18 am.
- Normal Topic
- Sticky Topic
- Locked Topic
- New Post
- Sticky Topic W/ New Post
- Locked Topic W/ New Post
- View Anonymous Posts
- Able to post
- Filtered HTML Allowed
- Censored Content