Oauth plugin wrong callback url

Feedback
1

Hi all,

I’m on 2019.12 NG-Client running on Tomcat 9 Ubuntu trying to authorise my users to send email via their google-based email accounts. I’m using the oauth plugin. Servoy connects to Google, shows the authorisation screen, but then the user clicks to allow, the Google redirects to a URL with one extra level in it:

https://<mydomain>:8443/<mysolution>/<mysolution>/solutions/<mysolution>/index.html?code=<some_very_long_code>&scope=https://mail.google.com/&https:=&<mydomain>:8443=<mysolution>&solutions=<mysolution>&m=google_oauth_callback

It should be

https://<mydomain>:8443/<mysolution>/solutions/...

So Tomcat throws an error because the url is not valid.

The code is:

function authorise_sending_email() {
	plugins.oauth.serviceBuilder(CLIENT_ID)
	.clientSecret(CLIENT_SECRET)
	.deeplink('google_oauth_callback')
	.callback(google_oauth_callback, 30)
	.scope('https://mail.google.com/')
	.build(plugins.oauth.OAuthProviders.GOOGLE);
}

Any idea of where I may have gone wrong?

2

That’s weird.
What does
application.getServerURL()
return?

3

Did you set anything for servoy.context.path on the admin page?

4

emera:
Did you set anything for servoy.context.path on the admin page?

I have left it blank because I could not find out what to put in there.

5

emera:
That’s weird.
What does
application.getServerURL()
return?

Thanks for the leads.
I need to wait until the users have stopped working before I can deploy a version where I get the value of application.getServerURL();

6

swingman:

emera:
Did you set anything for servoy.context.path on the admin page?

I have left it blank because I could not find out what to put in there.

You don’t have to put anything in there, we were wondering where does the duplicated path come from…

7

application.getServerURL() gives the exact context on the Tomcat server:

https://<domain>:8443/<solution-name>/

The solution is on:

https://<domain>:8443/<solution-name>/solutions/<solution-name>
8

I renamed my .war file to something different than my solution name and tried authenticating.
Still got the war name twice in the callback url…

https://<domain>:8443/ANYTHING/ANYTHING/solutions/<solution-name>
9

we finally found the problem, created a case for it https://support.servoy.com/browse/SVY-14985

it was a redirect problem of deeplink urls (the one that google comes back with, not the one you specify) when having a context in the url

10

Hi Johan,

Thanks for locating and fixing this bug.

For anyone else about to embark on switching to oAuth for email authentication;
I followed the Servoy oAuth Youtube video and Patrick’s post on this forum.
With this bug out of the way, it will be reasonably simple to implement.

Christian

11

Does this mean that that this would work without the fix if I rename my .war to ROOT.war so it deploys on Tomcat without a context?

Christian

12

yes without a context it should work.