New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
OAuth application approval fails for Jetpack site #5847
Comments
@cfinke Did you find a workaround to this? |
No, I haven't investigated it any further since submitting the bug report. |
I am seeing this with a Google OAuth2 library on https://artiss.blog/ but it is working for everyone else who is testing. Of note:
cc @dartiss |
@dartiss Is that the Authy plugin on your self-hosted site? What happens when you deactivate that plugin? |
We did some more debugging. It was actually the Two-Factor plugin that he was using, and disabling the plugin didn't help. A couple things I noticed while debugging:
|
Could he check if there are any blocked calls in his CloudFlare interface, in the "Network" tab? |
Did you mean the interface on the CloudFlare website itself? In which case my Network tab only gives me switchable options - there are no references to any blocks. |
That's odd. I assumed the failed calls from Calypso would show up there. Would you mind enabling Thanks! |
I've done that. For the first couple of attempts I got errors to say that it couldn't connect with Jetpack at all. After trying to re-authorise again from scratch I finally got the "someone may be trying to trick you into giving them access to your site" error. The debug log can be found at https://cloudup.com/cGTnFDZp90S. |
Could you try to deactivate the PollDaddy plugin and give it another try? |
FWIW I just installed the PollDaddy plugin and am still able to connect to my site on Pressable |
I deactivated it but it's still the same error. |
Hm. I'm out of ideas here I'm afraid. I'd suggest pausing CloudFlare for a bit to try without it, just to be sure. If that doesn't help either, we'll need to look deeper. |
Can you generate a new debug log after deactivating PollDaddy? Or possibly deactivating all plugins (other than Jetpack) and seeing if that works? |
we are also getting the same error "Someone may be trying to trick you into giving them access to your site. Or it could be you just encountered a bug :). Either way, please close this window." for one my user's wordpress site http://coxhypnotherapy.com/ during oauth2 flow. any solution for this ? |
@somprabhsharma we're still getting to the bottom of this. From what we can tell the |
Steps to reproduce the issue
What I expected
What happened instead
I was redirected to the URL https://www.chrisfinke.com/wp-login.php?action=jetpack_json_api_authorization&redirect_to=[long]&data=[misc]&token=[blah]×tamp=[timestamp]&nonce=[nonce]&body-hash&signature=[sig] (Parameters redacted) and I saw an error screen that said, "Someone may be trying to trick you into giving them access to your site. Or it could be you just encountered a bug :). Either way, please close this window." Since I wasn't trying to trick myself, it must be a bug :).
I disconnected Jetpack and reconnected it with a different account and tried logging in with that account, and that did not work either.
The login process does work for regular WordPress.com blogs, so it doesn't appear to be a problem in Amazon's OAuth implementation.
This was on Jetpack 4.4.2 and WordPress 4.7.
The text was updated successfully, but these errors were encountered: