Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cannot connect to Office365 using the Azure Portal (AADSTS50011: The reply URL specified in the request does not match the reply URLs) #6

Closed
oanat opened this issue Apr 24, 2020 · 9 comments
Assignees
Milestone

Comments

@oanat
Copy link

oanat commented Apr 24, 2020

Steps to reproduce:

  • install the Office365 app on a local XWiki (I tested 11.9)
  • configure OAuth on the Azure Portal for localhost:
    ** register XWiki app:

RegisterAppStep2

** click on "Authentication">"Switch to the old experience"

** add the Redirect URI:
Screenshot 2020-04-24 at 15 23 59

** add Permissions:
AllPermissions

** Go to "Certificates and Secrets" and generate a New Client Secret

Result:
AADSTS50011: The reply URL specified in the request does not match the reply URLs configured for the application: 'a01b7f50-a47d-4ead-8c42-b707d9b37b56'.

@polx
Copy link

polx commented Sep 14, 2020

@oanat : It seems to me that the message is just indicating the redirect-URL is incorrect. Remember that the redirect URL is calculated in a possibly slightly different method that the browser. Using the network inspector allows you to read the parameters of the URLs to where the browser was sent.

@polx
Copy link

polx commented Sep 14, 2020

First, I noticed that there's more install instructions to include: Under authentication, some implicit grant flows need to be activated (ID-tokens).
I then emptied the set of possible web-sites from the authentication, then added again the web application with my xwiki URL.
I then could embed by URL.

We definitely have a weak documentation and probably a bug at MS.

@polx
Copy link

polx commented Sep 15, 2020

So, I could reproduce the bug and solved it by removing the part
+ "?state=${state}"
from the line 189 of /xwiki/bin/edit/Office365/Groovy?editor=wiki&force=1 (this needs superadmin).

I'll note that my installation procedure is as follows:

  • Azure AD: Register applications : Add application
    • web-app: insert your URL <....>/xwiki/bin/view/Office365/OAuth
  • back to Authentication: implicit grant: allow id-tokens
  • certificate and secrets: create secret and copy somewhere secure (it won't be shown anymore)
  • API permissions: it's enough to add: MS Graph: Delegated Permission: Files.ReadWrite, Sites.ReadWrite.All, User.Read: search and check checkboxes

Could you test this before I make a release or should I cut an RC?
I should also test as another user as the main user on the office tenancy.

I don't feel very confident with this app yet and the debug flag is on per default and seems to be horribly verbose to the user (but not to the admin!).

thanks

paul

@oanat
Copy link
Author

oanat commented Sep 15, 2020

@polx Thanks for the investigation. A release for RC would be best as we would have to test on some private environments as well.

polx added a commit that referenced this issue Sep 15, 2020
@polx polx self-assigned this Sep 15, 2020
@polx polx changed the title Cannot connect to Office365 using the Azure Portal Cannot connect to Office365 using the Azure Portal (AADSTS50011: The reply URL specified in the request does not match the reply URLs) Sep 16, 2020
polx added a commit that referenced this issue Sep 17, 2020
Cannot connect to Office365 using the Azure Portal (AADSTS50011: The reply URL specified in the request does not match the reply URLs) #6 should be fixed.
@polx polx added this to the 1.5 milestone Sep 17, 2020
@polx
Copy link

polx commented Sep 17, 2020

Hello @oanat ,
1.5-RC1 is released and should be accessible to you to test.
Please confirm.
paul

@oanat
Copy link
Author

oanat commented Sep 17, 2020

Great, thanks @polx !

@oanat
Copy link
Author

oanat commented Sep 17, 2020

@polx Looks better. I don't have any file inside my free Office365 account to test, however I can use the macro and search without any errors:
Screenshot 2020-09-17 at 16 56 01

@oanat
Copy link
Author

oanat commented Sep 29, 2020

I managed to make the search and all other features work with the 1.5-RC1 version of the app and my Azure configuration. The search did not seems to work when I was testing on localhost (so HTTP which is permitted by the Azure Portal). The search results were displayed correctly when I switched to a HTTPS wiki.

@polx
Copy link

polx commented Sep 29, 2020

Release 1.5 is ready and available with this fix. Thanks.

@polx polx closed this as completed Sep 29, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

2 participants