-
Notifications
You must be signed in to change notification settings - Fork 69
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cannot add Friendica account anymore. #569
Comments
I just checked if adding an account at mastodon.social works with current code: yes, it does. |
@yvolk I downgraded to 59.10, re-added the account - which worked - and upgraded to 59.15 afterwards - which left it working, on the same Friendica instance. So it feels like this is somehow related to changes in between 59.10 and 59.15 for the initial signup / auth procedere? Any info I can provide to debug this? |
@kr428 The problem is probably related to this improvement of compatibility with OAuth 2.0 specification. That fix may affect services that followed Mastodon's implementation instead. See #561 In order for me look at this, I need to have a test account at a Friendica server having the latest development version. Could you provide such an account for me? |
Squeet.me is on dev, but not the current one. |
Hi @annando , I checked Squeet.me and I don't see any registration link there.
and instead of an HTML response gets this:
Probably this is caused by addition of "client_id" to the Access Token Request as required by OAuth 2.0 spec, see my comment #561 (comment) Friendica code should be adapted to handle this normally as this conforms to the spec. |
Yeah, since squeet.me now has around 5,000 users, at some point in time I closed the registration. BTW: I just saw that you still has got a test account on my machine that I use for developing: pirati.ca. |
Yes, I tried pirati.ca yesterday also. Didn't remember that it is also yours :-) ...Oops, and after your profile update in AndStatus your profile was changed to some "Kai ..." :-( |
I try to work on it this weekend. So possibly you can even test it before I created the PR. |
I just saw that on creating the app the I made a fix for this. But still it doesn't work. AndStatus is posting to According to https://docs.joinmastodon.org/methods/oauth/#token the |
@annando Thank you for information.
See the metadata for these attempts:
|
@annando I would suggest for Friendica to support standard OAuth 2.0 also, not only Mastodon's custom variant |
What about the missing |
@annando Oh, I see that you mentioned "client_secret". Please see below. |
Regarding failure due to absence of client_secret.
I think we better not add client_secret here because it's not even an optional parameter, see https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.3 BTW mastodon.social server does work without client_secret here. |
Concerning the
and: https://www.oauth.com/oauth2-servers/access-tokens/client-credentials/
So for me it seems as if the |
@annando Aha-ha :-) I've started to remember that we had similar discussions some time ago... And yes, I see that you and me discussed exactly the same thing two years ago :-) Please see this comment from the thread I was reffering to: #530 (comment) |
AFAIK that discussion had been about where to fetch these values, see the code here: |
I see where I think the bug is. From your code:
Since recently AndStatus started to post client_id in the request body of the "Access Token Request", which is allowed according to the specification. But I see that your code, seeing this "client_id" in the body, doesn't even try to look in the header, where both client_id and client_secret, I think, are still present (I didn't change that). |
The PR is merged. It should work now again. |
I tested that I can add an account at pirati.ca (as a Mastodon Social Network). And can post... |
59.15 from fdroid seems to have issues adding Friendica 2022.12 accounts. Chose Mastodon, entered my instance name (loma.ml) and ended up with "entity could not be processed". Known problem?
The text was updated successfully, but these errors were encountered: