When I try from my Office365 account it works fine but when some clients try to login

<div class="snippet-clipboard-content notranslate position-relative overflow-auto" data-snippet-clip

Exception is raised by the ->user() method. <p

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

Found a fix for my issue, based on this: <a href="https://stackoverflow.com/a/38754821

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

Microsoft provider generates error for only some users - error AADSTS900144 about providers HOT 10 CLOSED

thepartnership-suman commented on September 26, 2024 2

Microsoft provider generates error for only some users - error AADSTS900144

from providers.

Comments (10)

ivalkenburg commented on September 26, 2024 1

{"error":"invalid_request","error_description":"AADSTS900144: The request body must contain the following parameter: 'code'. Trace ID: 2a44b1bc-f60b-405a-aa21-1397c4bbc200 Correlation ID: a585739a-1c4f-4cca-b318-08ffc71b95fd Timestamp: 2023-11-23 14:13:09Z","error_codes":[900144],"timestamp":"2023-11-23 14:13:09Z","trace_id":"2a44b1bc-f60b-405a-aa21-1397c4bbc200","correlation_id":"a585739a-1c4f-4cca-b318-08ffc71b95fd","error_uri":"https://login.microsoftonline.com/error?code=900144"}

is the full untruncated response i get back. This happens even though all the necessary is entered. This happens to some users, even using the same credentials.

from providers.

dallyger commented on September 26, 2024 1

Exception is raised by the ->user() method.

Dump of the full request:

GuzzleHttp\Psr7\Request {#313 ▼ // app/Http/Controllers/AuthController.php:29
  -method: "POST"
  -requestTarget: null
  -uri: GuzzleHttp\Psr7\Uri {#309 ▼
    -scheme: "https"
    -userInfo: ""
    -host: "login.microsoftonline.com"
    -port: null
    -path: "/common/oauth2/v2.0/token"
    -query: ""
    -fragment: ""
    -composedComponents: "https://login.microsoftonline.com/common/oauth2/v2.0/token"
  }
  -headers: array:4 [▼
    "User-Agent" => array:1 [▼
      0 => "GuzzleHttp/7"
    ]
    "Content-Type" => array:1 [▼
      0 => "application/x-www-form-urlencoded"
    ]
    "Host" => array:1 [▼
      0 => "login.microsoftonline.com"
    ]
    "Accept" => array:1 [▼
      0 => "application/json"
    ]
  ]
  -headerNames: array:4 [▼
    "user-agent" => "User-Agent"
    "content-type" => "Content-Type"
    "host" => "Host"
    "accept" => "Accept"
  ]
  -protocol: "1.1"
  -stream: GuzzleHttp\Psr7\Stream {#311 ▼
    -stream: stream resource @8 ▼
      wrapper_type: "PHP"
      stream_type: "TEMP"
      mode: "w+b"
      unread_bytes: 0
      seekable: true
      uri: "php://temp"
      options: []
    }
    -size: 219
    -seekable: true
    -readable: true
    -writable: true
    -uri: "php://temp"
    -customMetadata: []
  }
}

Request body dump (truncated):

"grant_type=authorization_code&client_id=...&client_secret=...&redirect_uri=...&scope=User.Read ◀" // app/Http/Controllers/AuthController.php:29

from providers.

SwithFr commented on September 26, 2024

Same for me !

from providers.

ivalkenburg commented on September 26, 2024

I got the same issue, and i have no clue why this is happening with some users.

Im at the point im just going to ditch this code and do my own implementation.

from providers.

atymic commented on September 26, 2024

Can you log the request query params? I'm using the provider in prod without issues.
Is it only happening for some users?

from providers.

thepartnership-suman commented on September 26, 2024

@atymic yes it is only happening for some users. how do I log the query params? I only do Socialite::driver($provider)->redirect();

from providers.

dallyger commented on September 26, 2024

Same issue here. was working yesterday, then it stopped working.

@atymic if I run dd($request->getUri()), I receive the following dump:

GuzzleHttp\Psr7\Uri {#309 ▼ // app/Http/Controllers/AuthController.php:28
  -scheme: "https"
  -userInfo: ""
  -host: "login.microsoftonline.com"
  -port: null
  -path: "/common/oauth2/v2.0/token"
  -query: ""
  -fragment: ""
  -composedComponents: "https://login.microsoftonline.com/common/oauth2/v2.0/token"
}

It seems like, there is no query attached at all.

from providers.

dallyger commented on September 26, 2024

Found a fix for my issue, based on this: https://stackoverflow.com/a/38754821/9337116

I've renamed the config option services.microsoft.tenant to services.microsoft.tenant_id in config/services.php for another Service and forgot, that it is used for this Provider too. Therefore it has used the fallback common instead of the real tenant id.

Reverting that back to the original name, fixed it in my case. So probably it is just a missing (but documented as optional) tenant id.

from providers.

atymic commented on September 26, 2024

@dallyger could you PR a fix to the docs? Thanks!

from providers.

dallyger commented on September 26, 2024

@atymic this is a fix for my specific use-case (just login, single tenant, no other features used). I do not really understand what is going on here, just that it works in my case. That is probably not enough to submit a PR.
However, I've tried to look into it and stumbled upon this comment (#1029 (comment)) in another issue.
It seems like that one commit from it (SocialiteProviders/Microsoft@ed3fd7f) is the exact changes you'd want. But cannot really confirm due to lack in knowledge. Maybe you can cherry-pick that?

from providers.

Microsoft provider generates error for only some users - error AADSTS900144 about providers HOT 10 CLOSED

Comments (10)

Related Issues (20)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent