Upgraded to HybridAuth 3.00 #87
Conversation
…e and Twitter * Upgraded HybridAuth from "2.11.0" to "2.15.1" * Added a specific endpoint for MS Live and Twitter (note that those endpoints need to be copied to the root of q2a) * Added function qa_open_login_get_provider_scope in qa-open-utils, that returns the scope for each provider (the default scope for Google, Live, was way too permissive). This function is used in both qa_open-login.php and qa-open-page-logins.php (instead of being duplicated as it used to be for facebook). This fixes https://www.question2answer.org/qa/76682/login-google-login-remove-asking-permission-delete-contacts
Mainly so that when upgrading to an future version of HybridAuth we should not override this file. Should fix issue alixandru#53
* Removed Hybrid (v2) * Added HybridAuth (v3) (without any changes) * Started some adaptions - not working
* Replaced most of the code of check_login() with code taken from HybridAuth3 examples * Fixed OP_baseSelected JS (used in user merge actions) so that it works with Donut theme (Donut replaces inputs with buttons) Note: the logins page still needs fixing.
* Removed the possibility to add a provider to an existing account from the logins page - apparently this has never really worked, and if it did, it won't anymore because of the restrictions imposed by OAuth providers on callback URLs (and absence of paramenters). It is still possible to merge two accounts based on the email. * Fixed the removal of a provider in the logins page * Fixed the compatibility with Donut (although we should add a proper option for dealing with Donut) - Donut does not use inputs and links but only buttons. * In the configuration form, removed the (obsolete) links to HybridAuth documentation - they were at best incomplete, outdated, and misleading. It's best for people to just google their provider and they shall find the correct answer. * The default callback URL is now the root URL - although that might change depending on the way URL are shown (neat vs not neat). Added a second fallback URL with index.php. Also added a warning when using HTTPS and HTTP * Added the icon of each provider in the admin form (that will work only if Bootstrap is enabled and the icon is declared in the CSS, which basically is the case with Donut)
* Included Bootstrap Social (see http://lipis.github.io/bootstrap-social/) - with a few changes to take precedence over Donut * Added a specific option for using Donut, that actually triggers the use of bootstrap-social (for bc) * Removed some specific code for Google button, that tend to mixup the style
|
See: amiyasahu/Donut#110 |
…authentication screen When cancelling the auth screen, we would be caught in an infinite loop, because a redirect would add the provider back in the URL, + the HybridAuth storage was not properly cleared. Note that Google does not seem to provide a way to cancel/deny the auth screen, which is not too cool.
|
Hello! Thanks again for the pull request. Due to the fact that I merged the other commits I need to manually fix the conflicts. I hope to be able to do that this weekend. I will get back to you soon. |
|
Thanks - do not hesitate to come back to me, I'll try to be reactive if
there's anything...!
Le sam. 31 août 2019 à 10:52, alixandru <notifications@github.com> a écrit :
… Hello! Thanks again for the pull request. Due to the fact that I merged
the other commits I need to manually fix the conflicts. I hope to be able
to do that this weekend. I will get back to you soon.
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#87?email_source=notifications&email_token=ADAAVDPXWGUTGMG7WTCO43LQHIWK7A5CNFSM4IQFEXLKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOD5TISTQ#issuecomment-526813518>,
or mute the thread
<https://github.com/notifications/unsubscribe-auth/ADAAVDIMXMMLJQLRTFCJSJDQHIWK7ANCNFSM4IQFEXLA>
.
|
* Use Hybridauth\Storage\Session to store the redirection path during the connection process * Also added the login buttons in the error HTML when on the ask form (if the form is not displayed because the user is not logged in)
Removed the buttons in the error message - this should not be done this way but by adding the widget in the "ask" question page.
|
Hello @alixandru, have you add time to review the changes ? Tell me if I can be of any help! |
|
Hi there. We recently upgraded our q2a instance to 1.8.5 at https://godotengine.org/qa/ and it seems that Open Login broke. We tried latest @bertrandgorge Does the current state of your Since @alixandru merged a partial state manually, the best would likely be to create a new dedicated branch for a PR that would be rebased on alixandru/master. We'd really love to have a functioning q2a-open-login matching latest q2a 1.8.5. Thanks! |
|
Hello @akien-mga ! I believe that this repo is not up to date with my last commits, probably because of me - my first attempts at providing a clean PR were not that great. You can check https://github.com/neayi/q2a-open-login as it functional for me and a bit ahead. Do not hesitate to contact me directly if you want to discuss it directly |
|
O plugin não está funcionando corretamente no Facebook e Google? Tem alguém usando com sucesso neles atualmente? |
Upgraded to HybridAuth 3.00 (https://github.com/hybridauth/hybridauth/releases/tag/v3.0.0)
Overall, the upgrade was not too complicated, I didn't have to change to many things. One main issue was the "associate providers" process, which didn't seem to work on the first place, and was quite problematic because it would require a callback URL with parameters, which many providers don't provide anymore.
Upgrade notes:
This patch has been tested against Twitter, Facebook and Google with success.