Leaked Metadata

Issue created by @frymorgan
Comment over 1 year ago →
🇺🇸United States frymorgan
Patch to the above effect.

🇦🇺Australia imclean Tasmania

+++ b/src/Controller/MsLoginController.php
@@ -44,7 +44,7 @@ class MsLoginController extends ControllerBase {
   public function login() {
     $authorizationUrl = $this->azureProvider->getAuthorizationUrl([
-      'redirect_uri' => Url::fromRoute('phpmailer_oauth2.settings')->setAbsolute()->toString(),
+      'redirect_uri' => Url::fromRoute('phpmailer_oauth2.settings')->setAbsolute()->toString(TRUE),
       'scope' => $this->azureProvider->scope,
     ]);

Is the return type the same? Or should it be:

'redirect_uri' => Url::fromRoute('phpmailer_oauth2.settings')->setAbsolute()->toString(TRUE)->getGeneratedUrl()

Comment over 1 year ago →
🇦🇺Australia imclean Tasmania
Comment over 1 year ago →
🇺🇸United States frymorgan
Is the return type the same? Or should it be:

'redirect_uri' => Url::fromRoute('phpmailer_oauth2.settings')->setAbsolute()->toString(TRUE)->getGeneratedUrl()

toString(TRUE) returns a genreatedURL type, appending getGeneratedUrl() will return a string.

NB, the previous version (before the change in #3316295), after this patch also works. (Drupal 9.5, PHP 8.1)

With redirect_uri' => Url::fromRoute('phpmailer_oauth2.settings')->setAbsolute()->toString(TRUE)->getGeneratedUrl(), Azure returns an error because /admin/config/system/phpmailer-oauth2 is not the callback url defined in the Azure app.
Comment over 1 year ago →
🇦🇺Australia imclean Tasmania
Url::toString(TRUE) returns a GeneratedUrl object, appending getGeneratedUrl() will return a string.

Which is what is returned without this patch.

With redirect_uri' => Url::fromRoute('phpmailer_oauth2.settings')->setAbsolute()->toString(TRUE)->getGeneratedUrl(), Azure returns an error because /admin/config/system/phpmailer-oauth2 is not the callback url defined in the Azure app.

How does adding "TRUE" fix the error? It's the same (incorrect?) route being returned, just as a GeneratedUrl object instead of a string.
Status changed to Needs review over 1 year ago9:34pm 6 June 2023
Comment over 1 year ago →
🇨🇦Canada Nathan Tsai
Increasing the priority of this issue to "Major" because the module is currently unusable without a workaround.

I got the same error as above, but applying the patch allowed me to successfully generate the tokens:

Auth token retrieved.
Access token retrieved.
Refresh token retrieved.

I have no clue why returning a GeneratedUrl fixes the bug, though, hence the "Needs Review" status.

@frymorgan, perhaps you can speak more about this issue?
Comment over 1 year ago →
System Message

imclean → committed 6639991f on 1.0.x authored by frymorgan →
Issue #3344088 by frymorgan: Leaked Metadata
Status changed to Fixed over 1 year ago11:30pm 6 June 2023
Comment over 1 year ago →
🇦🇺Australia imclean Tasmania
the module is currently unusable without a workaround.

I don't fully understand why as we've used this module in the past without it. That said, it works for at least 2 people so I've committed it.
Comment over 1 year ago →
System Message
Automatically closed - issue fixed for 2 weeks with no activity.
Status changed to Fixed about 1 year ago1:48pm 16 October 2023
Comment about 1 year ago →
🇺🇸United States frymorgan
Is the return type the same? Or should it be:

'redirect_uri' => Url::fromRoute('phpmailer_oauth2.settings')->setAbsolute()->toString(TRUE)->getGeneratedUrl()

Using getGeneratedUrl() is correct after all. Problem was the route should be phpmailer_oauth2.aad_callback, not phpmailer_oauth2.settings.

As it stands, it does not insert a redirect_url into the response at all, which works if the Azure app has only one Redirect URI.

Problem/Motivation

Steps to reproduce

Proposed resolution

Remaining tasks

User interface changes

API changes

Data model changes

Comments & Activities