Yes. When I tried with the original 'request token URL', OM redirect to an ''internal error page''. 🙁 I have take the another URL on ''google identity platform'' page.
________________________________ De : Maxim Solodovnik <[email protected]> Envoyé : lundi 30 mars 2020 09:54 À : Openmeetings user-list <[email protected]> Objet : Re: google oauth2 error Well It seems you have changed "Request token URL" to inaccessible URL https://www.googleapis.com/oauth2/token originally was https://accounts.google.com/o/oauth2/token On Mon, 30 Mar 2020 at 16:41, Ruben ALLITTEH <[email protected]<mailto:[email protected]>> wrote: catalina.out file DEBUG 03-30 08:31:53.284 o.a.o.w.c.OmWebSocketPanel:63 [io-5443-exec-16] - Sending WebSocket PING DEBUG 03-30 08:32:21.174 o.a.o.w.p.a.SignInPage:174 [io-5443-exec-14] - redirectUrl=https://accounts.google.com/o/oauth2/auth?redirect_uri=https%3A%2F%2Fmedia.trstech.net%3A5443%2Fopenmeetings%2Foauth%2F2&response_type=code&client_id=oooooooo.apps.googleusercontent.com&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile DEBUG 03-30 08:32:21.771 o.a.o.w.p.a.SignInPage:96 [io-5443-exec-12] - OAuthServer=OAuthServer [id=2, name=Google, iconUrl=https://www.google.com/images/google_favicon_128.png, enabled=true, clientId=oooooooo.apps.googleusercontent.com<http://oooooooo.apps.googleusercontent.com>, clientSecret=**************, requestKeyUrl=https://accounts.google.com/o/oauth2/auth?redirect_uri={$redirect_uri}&response_type=code&client_id={$client_id}&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile<https://accounts.google.com/o/oauth2/auth?redirect_uri=%7B$redirect_uri%7D&response_type=code&client_id=%7B$client_id%7D&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile>, requestTokenUrl=https://www.googleapis.com/oauth2/token, requestTokenAttributes=code={$code}&client_id={$client_id}&client_secret={$client_secret}&redirect_uri={$redirect_uri}&grant_type=authorization_code, requestTokenMethod=POST, requestInfoUrl=https://www.googleapis.com/oauth2/v1/userinfo?access_token={$access_token}<https://www.googleapis.com/oauth2/v1/userinfo?access_token=%7B$access_token%7D>, mapping={firstname=given_name, address.email=email, login=email, lastname=family_name}, isDeleted()=false] DEBUG 03-30 08:32:21.771 o.a.o.w.p.a.SignInPage:104 [io-5443-exec-12] - OAuth response code=4/yAHRB1V3MhQcAL-_SQNz8P84Txo7Qq8bWZit0YQbDljbqGLohW8xO_VFK9JZ8_IhuceRYy3JOqxlKKO0Kx0HEtM ERROR 03-30 08:32:21.835 o.a.o.w.p.a.SignInPage:116 [io-5443-exec-12] - OAuth2 login error java.io.FileNotFoundException: https://www.googleapis.com/oauth2/token at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1915) at java.base/sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1515) at java.base/sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:250) at org.apache.openmeetings.web.pages.auth.SignInPage.getToken(SignInPage.java:268) at org.apache.openmeetings.web.pages.auth.SignInPage.<init>(SignInPage.java:105) at jdk.internal.reflect.GeneratedConstructorAccessor632.newInstance(Unknown Source) at java.base/jdk.internal.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.base/java.lang.reflect.Constructor.newInstance(Constructor.java:490) at org.apache.wicket.session.DefaultPageFactory.newPage(DefaultPageFactory.java:171) at org.apache.wicket.session.DefaultPageFactory.newPage(DefaultPageFactory.java:99) at org.apache.wicket.DefaultMapperContext.newPageInstance(DefaultMapperContext.java:94) at org.apache.wicket.core.request.handler.PageProvider$Provision.getPage(PageProvider.java:369) at org.apache.wicket.core.request.handler.PageProvider.getPageInstance(PageProvider.java:170) at org.apache.wicket.request.handler.render.PageRenderer.getPage(PageRenderer.java:78) at org.apache.wicket.request.handler.render.WebPageRenderer.respond(WebPageRenderer.java:231) at org.apache.wicket.core.request.handler.RenderPageRequestHandler.respond(RenderPageRequestHandler.java:202) at org.apache.wicket.request.cycle.RequestCycle$HandlerExecutor.respond(RequestCycle.java:917) at org.apache.wicket.request.RequestHandlerExecutor.execute(RequestHandlerExecutor.java:63) at org.apache.wicket.request.cycle.RequestCycle.execute(RequestCycle.java:283) at org.apache.wicket.request.cycle.RequestCycle.processRequest(RequestCycle.java:254) at org.apache.wicket.request.cycle.RequestCycle.processRequestAndDetach(RequestCycle.java:222) at org.apache.wicket.protocol.ws.AbstractUpgradeFilter.processRequestCycle(AbstractUpgradeFilter.java:71) at org.apache.wicket.protocol.http.WicketFilter.processRequest(WicketFilter.java:207) at org.apache.wicket.protocol.http.WicketFilter.doFilter(WicketFilter.java:300) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:202) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:96) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:607) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:139) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92) at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:678) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:74) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:343) at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:408) at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:66) at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:853) at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1587) at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49) at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128) at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628) at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61) at java.base/java.lang.Thread.run(Thread.java:834) ________________________________ De : Maxim Solodovnik <[email protected]<mailto:[email protected]>> Envoyé : lundi 30 mars 2020 09:23 À : Openmeetings user-list <[email protected]<mailto:[email protected]>> Objet : Re: google oauth2 error This usually mean there are FS permissions issue Please check catalina.out (if it is up-to-date) :) On Mon, 30 Mar 2020 at 16:22, Ruben ALLITTEH <[email protected]<mailto:[email protected]>> wrote: I don't have 'openmeetings.log' on my server. I just have 'catalina.log', 'manager.log', 'access.log' ________________________________ De : Maxim Solodovnik <[email protected]<mailto:[email protected]>> Envoyé : lundi 30 mars 2020 08:55 À : Openmeetings user-list <[email protected]<mailto:[email protected]>> Objet : Re: google oauth2 error I believe you need to check `openmeetings.log` instead of `access log` (share with care, might contain sensitive info) On Mon, 30 Mar 2020 at 15:51, Ruben ALLITTEH <[email protected]<mailto:[email protected]>> wrote: openmeetings access log when I tried to connect with google [30/Mar/2020:08:31:53 +0000] "GET /openmeetings/?2-1.0-main~container-main-ws~panel&_=1585556656659 HTTP/1.1" 200 254 [30/Mar/2020:08:32:21 +0000] "POST /openmeetings/wicket/bookmarkable/org.apache.openmeetings.web.pages.auth.SignInPage?5-1.-signin-signin&code=4/yAHgY9d6rq0pQglpTuTnolJVRiwPL7k2WVsASikk3omcolBKbQqS4lH2U6HmRGGOsrMLs1YsBYUR1d4GakgBMXk&scope=email+profile+https://www.googleapis.com/auth/userinfo.email+https://www.googleapis.com/auth/userinfo.profile+openid&authuser=0&prompt=none&oauthid=2 HTTP/1.1" 302 - [30/Mar/2020:08:32:21 +0000] "GET /openmeetings/oauth/2?code=4/yAHRB1V3MhQcAL-_SQNz8P84Txo7Qq8bWZit0YQbDljbqGLohW8xO_VFK9JZ8_IhuceRYy3JOqxlKKO0Kx0HEtM&scope=email+profile+https://www.googleapis.com/auth/userinfo.email+https://www.googleapis.com/auth/userinfo.profile+openid&authuser=0&prompt=none HTTP/1.1" 200 18243 [30/Mar/2020:08:32:22 +0000] "GET /openmeetings/css/custom.css HTTP/1.1" 304 - [30/Mar/2020:08:32:22 +0000] "GET /openmeetings/css/theme_om/jquery-ui.min.css HTTP/1.1" 200 31071 [30/Mar/2020:08:32:22 +0000] "GET /openmeetings/css/theme.min.css HTTP/1.1" 200 45367 [30/Mar/2020:08:32:22 +0000] "GET /openmeetings/wicket/resource/com.googlecode.wicket.kendo.ui.resource.KendoUIJavaScriptResourceReference/kendo.ui.core.min.js.map HTTP/1.1" 304 - [30/Mar/2020:08:32:22 +0000] "GET /openmeetings/wicket/bookmarkable/org.apache.openmeetings.web.pages.auth.SignInPage?6--forget-form-captcha-captcha&code=4/yAHRB1V3MhQcAL-_SQNz8P84Txo7Qq8bWZit0YQbDljbqGLohW8xO_VFK9JZ8_IhuceRYy3JOqxlKKO0Kx0HEtM&scope=email+profile+https://www.googleapis.com/auth/userinfo.email+https://www.googleapis.com/auth/userinfo.profile+openid&authuser=0&prompt=none&oauthid=2 HTTP/1.1" 200 28265 [30/Mar/2020:08:32:22 +0000] "GET /openmeetings/css/images/logo.png HTTP/1.1" 304 - [30/Mar/2020:08:32:22 +0000] "GET /openmeetings/css/theme_om/images/ui-icons_3d80b3_256x240.png HTTP/1.1" 304 - [30/Mar/2020:08:32:23 +0000] "GET /openmeetings/wicket/resource/com.googlecode.wicket.kendo.ui.theme.Initializer/kendo.default.mobile.min.css.map HTTP/1.1" 304 - [30/Mar/2020:08:32:23 +0000] "GET /openmeetings/wicket/bookmarkable/org.apache.openmeetings.web.pages.auth.SignInPage?6-1.0-&code=4/yAHRB1V3MhQcAL-_SQNz8P84Txo7Qq8bWZit0YQbDljbqGLohW8xO_VFK9JZ8_IhuceRYy3JOqxlKKO0Kx0HEtM&scope=email+profile+https://www.googleapis.com/auth/userinfo.email+https://www.googleapis.com/auth/userinfo.profile+openid&authuser=0&prompt=none&oauthid=2&code%3D4=yAHRB1V3MhQcAL-_SQNz8P84Txo7Qq8bWZit0YQbDljbqGLohW8xO_VFK9JZ8_IhuceRYy3JOqxlKKO0Kx0HEtM&scope%3Demail%2Bprofile%2Bhttps%3A=%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email%2Bhttps%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile%2Bopenid&authuser%3D0=&prompt%3Dnone=&_=1585557141478 HTTP/1.1" 200 80 [30/Mar/2020:08:32:23 +0000] "GET /openmeetings/wicket/bookmarkable/org.apache.openmeetings.web.pages.auth.SignInPage?6-1.0-signin&code=4/yAHRB1V3MhQcAL-_SQNz8P84Txo7Qq8bWZit0YQbDljbqGLohW8xO_VFK9JZ8_IhuceRYy3JOqxlKKO0Kx0HEtM&scope=email+profile+https://www.googleapis.com/auth/userinfo.email+https://www.googleapis.com/auth/userinfo.profile+openid&authuser=0&prompt=none&oauthid=2&navigatorAppName=Netscape&navigatorAppVersion=5.0%20(Windows)&navigatorAppCodeName=Mozilla&navigatorCookieEnabled=true&navigatorJavaEnabled=false&navigatorLanguage=fr&navigatorPlatform=Win32&navigatorUserAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A74.0)%20Gecko%2F20100101%20Firefox%2F74.0&screenWidth=1536&screenHeight=864&screenColorDepth=24&utcOffset=0&utcDSTOffset=0&browserWidth=1536&browserHeight=539&hostname=media.trstech.net&codebase=https%3A%2F%2Fmedia.trstech.net%3A5443%2Fopenmeetings%2Foauth%2F2&settings=%5Bobject%20Object%5D&_=1585557141479 HTTP/1.1" 200 80 [30/Mar/2020:08:32:23 +0000] "GET /openmeetings/?2-1.0-main~container-main-ws~panel&_=1585556656660 HTTP/1.1" 200 254 Cordialement, Ruben ALLITTEH ________________________________ De : Maxim Solodovnik <[email protected]<mailto:[email protected]>> Envoyé : dimanche 29 mars 2020 00:18 À : Openmeetings user-list <[email protected]<mailto:[email protected]>> Objet : Re: google oauth2 error Hello, Google OAuth works on demo https://om.alteametasoft.com:8443/next/ Can you check openmeetings.log? On Sat, 28 Mar 2020 at 21:57, Ruben ALLITTEH <[email protected]<mailto:[email protected]>> wrote: Hello ! I’m trying to configure oauth2 google for openmeetings 5.0.0-M2 I have activated ID client oauth2 with client ID and secret. However authentication don’t working, once you are authenticated with google oauth2, openmeetings redirect to the sign-in page My current configuration Name : Google Client_id : ooooooooooooooooooooooooooo Client_secret : **************** Redirect_URI : https://media.trstech.net:5443/openmeetings/oauth/2 Request Key URL : https://accounts.google.com/o/oauth2/auth?redirect_uri={$redirect_uri}&response_type=code&client_id={$client_id}&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile<https://accounts.google.com/o/oauth2/auth?redirect_uri=%7b$redirect_uri%7d&response_type=code&client_id=%7b$client_id%7d&scope=https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.email+https%3A%2F%2Fwww.googleapis.com%2Fauth%2Fuserinfo.profile> Request token URL : https://oauth2.googleapis.com/tokeninfo?id_token={$code}&client_id={$client_id}&client_secret={$client_secret}&redirect_uri={$redirect_uri}&grant_type=authorization_code<https://oauth2.googleapis.com/tokeninfo?id_token=%7b$code%7d&client_id=%7b$client_id%7d&client_secret=%7b$client_secret%7d&redirect_uri=%7b$redirect_uri%7d&grant_type=authorization_code> Request token attributes : code={$code}&client_id={$client_id}&client_secret={$client_secret}&redirect_uri={$redirect_uri}&grant_type=authorization_code Request info URL : https://www.googleapis.com/auth/userinfo?access_token={$access_token}<https://www.googleapis.com/auth/userinfo?access_token=%7b$access_token%7d> Have anyone running google oauth2 with OM 5.0.0-M2 ? -- WBR Maxim aka solomax -- WBR Maxim aka solomax -- WBR Maxim aka solomax -- WBR Maxim aka solomax
