OAuth application approval fails for Jetpack site #5847
Comments
jeherve
added
[Feature] WPCOM API
[Pri] Normal
[Type] Bug
|
@cfinke Did you find a workaround to this? |
|
No, I haven't investigated it any further since submitting the bug report. |
|
I am seeing this with a Google OAuth2 library on https://artiss.blog/ but it is working for everyone else who is testing. Of note:
cc @dartiss |
@dartiss Is that the Authy plugin on your self-hosted site? What happens when you deactivate that plugin? |
|
We did some more debugging. It was actually the Two-Factor plugin that he was using, and disabling the plugin didn't help. A couple things I noticed while debugging:
|
|
Could he check if there are any blocked calls in his CloudFlare interface, in the "Network" tab? |
|
Did you mean the interface on the CloudFlare website itself? In which case my Network tab only gives me switchable options - there are no references to any blocks. |
|
That's odd. I assumed the failed calls from Calypso would show up there. Would you mind enabling Thanks! |
|
I've done that. For the first couple of attempts I got errors to say that it couldn't connect with Jetpack at all. After trying to re-authorise again from scratch I finally got the "someone may be trying to trick you into giving them access to your site" error. The debug log can be found at https://cloudup.com/cGTnFDZp90S. |
|
Could you try to deactivate the PollDaddy plugin and give it another try? |
|
FWIW I just installed the PollDaddy plugin and am still able to connect to my site on Pressable |
|
I deactivated it but it's still the same error. |
|
Hm. I'm out of ideas here I'm afraid. I'd suggest pausing CloudFlare for a bit to try without it, just to be sure. If that doesn't help either, we'll need to look deeper. |
|
Can you generate a new debug log after deactivating PollDaddy? Or possibly deactivating all plugins (other than Jetpack) and seeing if that works? |
|
we are also getting the same error "Someone may be trying to trick you into giving them access to your site. Or it could be you just encountered a bug :). Either way, please close this window." for one my user's wordpress site http://coxhypnotherapy.com/ during oauth2 flow. any solution for this ? |
|
@somprabhsharma we're still getting to the bottom of this. From what we can tell the |
Steps to reproduce the issue
What I expected
What happened instead
I was redirected to the URL https://www.chrisfinke.com/wp-login.php?action=jetpack_json_api_authorization&redirect_to=[long]&data=[misc]&token=[blah]×tamp=[timestamp]&nonce=[nonce]&body-hash&signature=[sig] (Parameters redacted) and I saw an error screen that said, "Someone may be trying to trick you into giving them access to your site. Or it could be you just encountered a bug :). Either way, please close this window." Since I wasn't trying to trick myself, it must be a bug :).
I disconnected Jetpack and reconnected it with a different account and tried logging in with that account, and that did not work either.
The login process does work for regular WordPress.com blogs, so it doesn't appear to be a problem in Amazon's OAuth implementation.
This was on Jetpack 4.4.2 and WordPress 4.7.
The text was updated successfully, but these errors were encountered: