- πͺπΈSpain guardiola86
The latest merge request patch didn't work for me with version 5.2.3, so I'm using dev version with the latest commit for now.
Simple OAuth requires you to create public.key and private.key files. The League/OAuth2 library it uses requires those to have permissions of 400, 440, 600, or 660. This can cause issues in rare situations where setting the files to one of those permissions isn't possible.
For example when using Pantheon, the module lets you generate the keys in the sites/default/files/private directory, and tries to set them to 600, but something on the host side is enforcing a different and non-compatible set of file permissions. If you know what you're doing, and are comfortable for whatever reason bypassing these permissions it would be nice if there was a setting to be able to do.
Add a service container configuration flag:
parameters: simple_oauth.config: bypass_key_permission_check_UNSAFE: true
This keeps the option relatively hidden, people will likely try and resolve it by doing the correct thing first and change file permissions. But, if that's not an option and they start digging into the code to see if there's a setting or something (like I did) they're will be. Woot!
Then, when it's set, anytime we use either the private or public key in a way that would cause \League\OAuth2\Server\CryptKey to trigger it's permissions check, instead create our own instance of \League\OAuth2\Server\CryptKey and set the "check permissions" constructor argument to false.
It looks like were we currently pass the path to the key file, you can also pass an instance of \League\OAuth2\Server\CryptKey instead.
Fixed
5.0
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
The latest merge request patch didn't work for me with version 5.2.3, so I'm using dev version with the latest commit for now.