The other side of this is for site builders. Will we get stuck on older versions of CMS because a module we're using doesn't get updated, as was frequently the case back in Drupal 5, 6, 7? I would like to see a category of contributed modules that includes some kind of guarantee that they will get updated along with Core releases and will not be abandoned. Indeed, I believe this is necessary for the long term success of Drupal-CMS.
The implications of this is that there needs to be some sort of committee, that would define a process so that if a developer is no longer able to maintain a module, they can facilitate finding someone else who will. This along with #6 above.
Success!! Patch -2 worked. Patch -3 resulted in "Invalid State".
I agree with your logic for Patch -3, if a "me" is returned then check to see if it matches.
I will continue to engage the discussion group about what is the correct thing here:
On a token request Post
- Is "me" required?
- Is "me" optional?
- Is "me" not allowed?
Thanks once again for your quick turn around on this.
Just installed 1.2.6 - Success!! Thank you for the quick turn around on this.
Just tried 1.2.5 . Still getting this
Problem 1
- ext-sodium is present at version 8.3.16 and cannot be modified by Composer
- Root composer.json requires drupal/indieweb ^1.25 -> satisfiable by drupal/indieweb[1.25.0].
- drupal/indieweb[1.25.0] cannot be installed as that would require removing ext-sodium[8.3.16]. drupal/indieweb replaces ext-sodium and thus cann
ot coexist with it.My php info shows
sodium support enabled
libsodium headers version 1.0.18
libsodium library version 1.0.18
Let me know if there is something else you'd like me to check.
Sorry,
my initial comment said you had to change your .info.yml file for D11, but that's not correct as Composer doesn't look at that. Its your composer.json that will need
"require": {
"drupal/core": "^10.3 || ^11"
},For D11. But I noticed most contrib modules do not declare a dependency on core in their composer.json files, so maybe you can just leave it out.
I will try installing the Dev release soon. Thanks.
I couldn't install dev either
composer require 'drupal/indieweb:1.x-dev@dev'
Problem 1
- ext-sodium is present at version 8.3.16 and cannot be modified by Composer
- Root composer.json requires drupal/indieweb 1.x-dev@dev -> satisfiable by drupal/indieweb[1.x-dev (alias of dev-1.x)].
- drupal/indieweb 1.x-dev is an alias of drupal/indieweb dev-1.x and thus requires it to be installed too.
- drupal/indieweb[dev-1.x, 1.x-dev] cannot be installed as that would require removing ext-sodium[8.3.16]. drupal/indieweb replaces ext-sodium and thus cannot coexist with it.As near as I can tell sodium is not a PHP module, but is baked in to PHP 8.3
This seems to work
protected function retrieveUncachedJwks(string $url) {
$local_path = $this->generateLocalCachePath($url);
$data = (string) \Drupal::httpClient()->get($url)->getBody();
dpm($data);
$file = \Drupal::service('file.repository')->writeData($data, $local_path, FileSystemInterface::EXISTS_REPLACE);
return $file->getFileUri();
/** @noinspection PhpUnnecessaryLocalVariableInspection
$saved_path =
system_retrieve_file(
$url,
$local_path,
FALSE,
FileSystemInterface::EXISTS_REPLACE
);
return $saved_path;
*/
}
I got it working with one mod
src/Plugin/Oauth2Client/Oauth2ClientPluginBase.php
public function getProvider(): AbstractProvider {
return new GenericProvider(
[
...
'pkceMethod' => \League\OAuth2\Client\Provider\GenericProvider::PKCE_METHOD_S256,
],However I am not storing and retrieving the code as per the documentation
From the documentation - https://oauth2-client.thephpleague.com/usage/
$provider = new \League\OAuth2\Client\Provider\GenericProvider([
// ...
// other options
// ...
'pkceMethod' => \League\OAuth2\Client\Provider\GenericProvider::PKCE_METHOD_S256
]);The PKCE code needs to be used between requests and therefore be saved and restored, usually via the session. In the example above this is done as follows:
// Store the PKCE code after the `getAuthorizationUrl()` call.
$_SESSION['oauth2pkceCode'] = $provider->getPkceCode();
// ...
// Restore the PKCE code before the `getAccessToken()` call.
$provider->setPkceCode($_SESSION['oauth2pkceCode']);