Lost session after Google Auth redirect

I have just started developing a plugin that allows users to login via google accounts. And now I have an error. Once the user authenticates through the google account, after redirecting to the landing page or account dashboard, the login session is lost and the user continues to be redirected back to the login page.
Git source here
Please help me fix this.
Thank you.

I have checked how the registerUserSession of the Validation class function works , and found it unusual that with the regular login method, after calling SessionManager::getManager(), the session_status() function will return PHP_SESSION_ACTIVE, but for with a redirect from google oauth, then after calling SessionManager::getManager(), the session_status() function will return PHP_SESSION_NONE, which seems that the session was not working properly.
Can someone help me to solve this problem, please.
Thank.

1 Like

Hi @taphuocanh,

I developed an OpenID Plugin (https://github.com/leibniz-psychology/openid) which I wanted to put into the Plugin gallery in the next days. It supports Google, Microsoft, AppleID, Orcid and a custom provider like Keycloak. Feel free to test it. It currently supports OJS/OPS/OMP 3.2 and 3.3.

Regards,
Ronny

1 Like

Hi @RBoelter
It’s a wonderful plugin. I have tested it with OJS 3.2.1.2 and could configure it easily with google and orcid. Yet, I have trouble with the Microsoft and apple configuration. I manage to set up OAuth with Microsoft azure yet it gives me the error and could not use to login.

But the most important question I want to ask is:
If an author doesn’t want to register using any of these registering options but creating an account through the normal registering process; Can the author register without using the Oauth ID configured options?
Because I could not see if the author is allowed to register otherwise.
see the website where I have enabled the plugin: Register | Basic Journal of Management Extended

Thanks

Hello @seisense,

you are right, at the moment it is only possible to register using an OpenID provider. I forgot to implement the default registration because our use case is that our users need to register via our keycloak, but I think I should re-enable the default registration as well. I will fix this as soon as possible before I put the plugin in the gallery.

Hi @RBoelter ,
OJS: 3.3.0.3
Php: 7.4.15
Just wanted to highlite an issue here regarding the Oauth Plugin
When I use the signin with google option.
1

It does not allow the user to register as a reviewer because that option does not appear. Yet when the author use the option " Register Account (without Oauth), this option appears as below. See the screenshot below:
2

Thanks and looking forward to the fix.

Hi @seisense,

thanks for reporting. I will fix this as soon as possible.
I will also check the PHP warning you sent me via PM.

Hi,

Release Release for OJS/OMP/OPS 3.3.0-x · leibniz-psychology/openid · GitHub should solve all issues. :wink:

1 Like

@RBoelter ,
I have upgraded to OJS 3.3.0.5 and now I found the following PHP Fatal and warnings:

[15-Apr-2021 15:48:06 Asia/Riyadh] PHP Warning:  require(plugins/generic/openid/vendor/autoload.php): failed to open stream: No such file or directory in /home/seisense/journal.seisense.com/plugins/generic/openid/handler/OpenIDHandler.inc.php on line 3
[15-Apr-2021 15:48:06 Asia/Riyadh] PHP Fatal error:  require(): Failed opening required 'plugins/generic/openid/vendor/autoload.php' (include_path='.:/opt/alt/php74/usr/share/pear') in /home/seisense/journal.seisense.com/plugins/generic/openid/handler/OpenIDHandler.inc.php on line 3

This might need your attention.
Thanks

Hi @seisense,
unfortunately, I cannot reproduce this issue because everything works on my 3.3.0.5 test system. I tested it manually and the CI test looks also fine. (Actions · leibniz-psychology/openid · GitHub). It seems that the vendor folder or vendor/autoload.php is missing in your plugin folder, could you please check this? The vendor folder should be in the plugins/generic/openid/.

@RBoelter
Yes, vendor folder is missing from the plugin. I updated the OJS from cPanel with Softaculous. Before the update it was working fine. What should I do now?
Thanks

@seisense You can download the latest version from github (Release Release for OJS/OMP/OPS 3.3.0-x · leibniz-psychology/openid · GitHub) (.tar.gz) and extract it to your plugins/generic folder or reinstall it via website -> plugins. I don`t know what happened during the update process, but it seems that Softaculous deleted this folder. The problem is that I have to use phpseclib to parse the JWT certificate, and this lib is included via composer, therefore the vendor folder is mandatory.

@RBoelter , thanks for the support. I have upgraded the plugin from within OJS and it has resolved the issue now.
Thanks once again for your positive and prompt support.

1 Like