I have set up Google authoritative to allow for only a specific TLD to login, but I can't seem to adjust any permissions. How can I make a specific user a sysop? I want my user to to be sysop and EVERY other user to be read only with no access to special pages.
Extension talk:GoogleLogin
I have replicated this issue on two different system - one with MediaWiki 1.39.3 and one with 1.40.0 and both have the same issue: I get Error 500 whenever I upload a file or click on a file. If I comment out "wfLoadExtension( 'GoogleLogin' );" I no longer get Error 500.
Same problem on 1.39.8...
I was using extension:GoogleLogin very well.
But recently I recognized some error during account generation test and
[d43764523f7d0f77137e19b5] /w/index.php?title=%ED%8A%B9%EC%88%98:%EA%B3%84%EC%A0%95%EB%A7%8C%EB%93%A4%EA%B8%B0&returnto=%EB%8C%80%EB%AC%B8 Error from line 27 of /home/vince/www/w/extensions/GoogleLogin/includes/GoogleLogin.php: Class 'Google_Client' not found
All of these messages were shown. What can I do?
Can I use newer version of extension:GoogleLogin for MW 1.42?
This morning I started getting an error:
Oops, there was an error. Please go back and try again. Message: Cannot handle token prior to 2024-03-18T14:36:57+0000
According to everything I it's because the time synchronization on my server is off. I checked it against the google timesynch server and it's right on.
According to Stack Overlfow I can set some sort of leeway parameter that will allow some leeway in the time synchronization. Is there somewhere I can do that in this extension?
I found it in the file:
var/www/mediawiki/extensions/GoogleLogin/vendor/google/apiclient/src/AccessToken/Verify.php
modified:
$jwtClass::$leeway = 1;
to this:
$jwtClass::$leeway = 10;
After a few ten minutes after logging in, I log out.
The translatable messages of this extension mention Google+. I'm not an expert on this API, but from what I heard, the Google+ brand is retired. Is it still right to mention Google+ in the messages?
I believe you may be bold and provide a patch set removing Google+ from the messages.
It doesn't feel totally right... I could just replace "Google+" with "Google", but I'm not familiar at all with the API in question. Is it actually the same? Maybe the extension doesn't actually work with the current API? It's better if someone with relevant knowledge does it.
I was not sure about the exact message in question. Thank you for elaborating. Anyhow, it sounds like a task at Phabricator should be filed.
I am not sure if this extension is still being maintained, though. Moving to the PluggableAuth and OpenID Connect extension combo is probably better, but this is another story.
I created a google user account and submitted all the information, but I can't seem to use the Renameuser extension to rename the account without getting a login error. It gave me the account name Unknown user
I'm not sure if renaming users is possible once connected with SSO. I cannot tell, but I would not be surprised if it does not work and the error you are getting appears to support this.
You can’t sign in because this app sent an invalid request. You can try again later, or contact the developer about this issue. Learn more about this error
If you are a developer of this app, see error details.
Error 400: redirect_uri_mismatch
I set everything up according to the instructions provided
Did you localize the Redirect URI? You need to localize the namespace prefix if your instance is in whatever language. Another possible issue may be that you did not put the proper Redirce URI into your app configuration at Google.
That fixed it! Thanks
Getting this error after successful authentication.
Full stacktrace below.
Using:
MediaWiki version 1.37.2
PHP 7.4.28 (fpm-fcgi)
GoogleLogin: REL1_38 2022-08-31T06:12:06
I have found references to this sort of error as relating to a PHP version problem, but I don't want to jump into attempting to upgrade to PHP 8.1 as that may cause other problems. I have looked at earlier versions of the plugin but still see the keyword `static` used there. Not sure how to proceed. Any advice will be appreciated.
p.s. it may be relevant that I am not an experienced PHP developer (in case the solution is obvious to someone who is).
**************************
[148aa09dbbe238d574188361] /wiki/Special:UserLogin ParseError: syntax error, unexpected 'static' (T_STATIC)
Backtrace:
from /bitnami/mediawiki/extensions/GoogleLogin/vendor/psr/cache/src/CacheItemInterface.php(75)
#0 /opt/bitnami/mediawiki/vendor/composer/ClassLoader.php(428): Composer\Autoload\includeFile()
#1 [internal function]: Composer\Autoload\ClassLoader->loadClass()
#2 /bitnami/mediawiki/extensions/GoogleLogin/vendor/google/auth/src/Cache/Item.php(29): spl_autoload_call()
#3 /opt/bitnami/mediawiki/vendor/composer/ClassLoader.php(571): include(string)
#4 /opt/bitnami/mediawiki/vendor/composer/ClassLoader.php(428): Composer\Autoload\includeFile()
#5 [internal function]: Composer\Autoload\ClassLoader->loadClass()
#6 /bitnami/mediawiki/extensions/GoogleLogin/vendor/google/auth/src/Cache/MemoryCacheItemPool.php(62): spl_autoload_call()
#7 /bitnami/mediawiki/extensions/GoogleLogin/vendor/google/auth/src/Cache/MemoryCacheItemPool.php(45): Google\Auth\Cache\MemoryCacheItemPool->getItems()
#8 /bitnami/mediawiki/extensions/GoogleLogin/vendor/google/apiclient/src/AccessToken/Verify.php(194): Google\Auth\Cache\MemoryCacheItemPool->getItem()
#9 /bitnami/mediawiki/extensions/GoogleLogin/vendor/google/apiclient/src/AccessToken/Verify.php(105): Google\AccessToken\Verify->getFederatedSignOnCerts()
#10 /bitnami/mediawiki/extensions/GoogleLogin/vendor/google/apiclient/src/Client.php(814): Google\AccessToken\Verify->verifyIdToken()
#11 /bitnami/mediawiki/extensions/GoogleLogin/includes/Auth/GooglePrimaryAuthenticationProvider.php(414): Google\Client->verifyIdToken()
#12 /bitnami/mediawiki/extensions/GoogleLogin/includes/Auth/GooglePrimaryAuthenticationProvider.php(55): GoogleLogin\Auth\GooglePrimaryAuthenticationProvider->getVerifiedToken()
#13 /opt/bitnami/mediawiki/includes/auth/AuthManager.php(598): GoogleLogin\Auth\GooglePrimaryAuthenticationProvider->continuePrimaryAuthentication()
#14 /opt/bitnami/mediawiki/includes/specialpage/AuthManagerSpecialPage.php(374): MediaWiki\Auth\AuthManager->continueAuthentication()
#15 /opt/bitnami/mediawiki/includes/specialpage/AuthManagerSpecialPage.php(502): AuthManagerSpecialPage->performAuthenticationStep()
#16 /opt/bitnami/mediawiki/includes/htmlform/HTMLForm.php(718): AuthManagerSpecialPage->handleFormSubmit()
#17 /opt/bitnami/mediawiki/includes/specialpage/AuthManagerSpecialPage.php(435): HTMLForm->trySubmit()
#18 /opt/bitnami/mediawiki/includes/specialpage/LoginSignupSpecialPage.php(318): AuthManagerSpecialPage->trySubmit()
#19 /opt/bitnami/mediawiki/includes/specialpage/SpecialPage.php(647): LoginSignupSpecialPage->execute()
#20 /opt/bitnami/mediawiki/includes/specialpage/SpecialPageFactory.php(1366): SpecialPage->run()
#21 /opt/bitnami/mediawiki/includes/MediaWiki.php(314): MediaWiki\SpecialPage\SpecialPageFactory->executePath()
#22 /opt/bitnami/mediawiki/includes/MediaWiki.php(930): MediaWiki->performRequest()
#23 /opt/bitnami/mediawiki/includes/MediaWiki.php(564): MediaWiki->main()
#24 /opt/bitnami/mediawiki/index.php(53): MediaWiki->run()
#25 /opt/bitnami/mediawiki/index.php(46): wfIndexMain()
#26 {main}
Hello! The issue is because a dependency, psr-cache is being upgraded with PHP8 type annotation. To make it work, you can simply remove all these annotations. For reference, you can change the file to this version: /php-fig/cache/blob/1802493cb2032e070c30d6dbe091ce7edf5d5231/src/CacheItemInterface.php on GitHub
(I could not paste the full link since the spam filter won't let me post, sorry)
could you please elaborate on this. thank you
Hello! I turned on GoogleLogin capabilities shortly after creating a wiki. When I did so, the user I first created on install didn't have my email on it. Now I can't log in to that user while GoogleLogin is enabled, and my google user doesn't have admin privileges. I can't even use the UserRights special page because the @ symbol makes it think I'm going to a different wiki.
So even if I do turn off GoogleLogin for now, I still can't add that user as an Admin. And since the user was created I can't delete it and add the email to my user to "recreate"/link my google user to my admin account.
All of this to effectively say there is no admin on my wiki now as long as GoogleLogin is active. And one of the things I want to be able to do is restrict page creation for non admins.
Any help would be appreciated.