Hello KevinTheJedi

This is what I have configured in the plugin

And I have left the vhost as clean as possible.

I have modrewrite enabled, which I'm missing

in my directories I don't have the path to api/auth/oauth2

I might be configuring the wrong redirect url in Azure ?.

Thanks

    Rookye23

    No that’s correct. The api/http.php file redirects the request to the proper channels. Definitely seems like a setup issue as you have a custom port but don’t have the site config setup correctly for that.

    Cheers.

    Hello, I have not solved the problem, I want to be able to access osticket through Microsoft365 with the Oauth2 plugin.
    I'm not an expert, I'm forgetting something.
    I leave you the information to see if you can help me.

    When I login through 365 I appear to be logged in, but I am redirected back to the home page and do not enter the agent panel.

    The authentication if it is being done through Microsoft 365

    This is the content of the login errors access.log

    When I log in with a local user it does redirect to the path https://soporte.ticket.com:6971/scp/tickets.php?queue=1&dir=1&sort=10"

    These are the details of my operating system

    Distributor ID: Debian
    Description:    Debian GNU/Linux 10 (buster)
    Release:        10
    Codename:       buster

    Version of osTicket installed

    This is the Azure configuration, but I'm not sure if the Redirect URI configured in Azure is correct.

    Rewrite module is enabled and working

    sudo apache2ctl -M | grep rewrite
     rewrite_module (shared)

    This is the content of the .htaccess directory /var/www/html/osticket/upload/api/.htaccess

    <IfModule mod_rewrite.c>
    
    RewriteEngine On
    
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_URI} (.*/api)
    RewriteRule ^(.*)$ %1/http.php/$1 [L]
    
    </IfModule>

    This is the content of the apache2 configuration directory /etc/apache2/apache2.conf

    <Directory />
            Options FollowSymLinks
            AllowOverride All
            Require all granted
    </Directory>
    
    <Directory /usr/share>
            AllowOverride None
            Require all granted
    </Directory>
    
    <Directory /var/www/>
            Options Indexes FollowSymLinks
            AllowOverride All
            Require all granted
    </Directory>

    This is the content of the apache2 port configuration directory /etc/apache2/ports.conf

    Listen 82
    <IfModule ssl_module>
            Listen 6971
    </IfModule>
    
    <IfModule mod_gnutls.c>
            Listen 6971
    </IfModule>

    This is the directory contents of the vhost-ssl file directory /etc/apache2/sites-available/osticket-ssl.conf

    <IfModule mod_ssl.c>
            <VirtualHost *:6971>
                    ServerName soporte.ticket.com:6971
                    ServerAdmin rambo@ticket.com
    
                    DocumentRoot /var/www/html/osticket/upload/
    
                    ErrorLog ${APACHE_LOG_DIR}/error.log
                    CustomLog ${APACHE_LOG_DIR}/access.log combined
    
                    SSLEngine on
                    SSLCertificateFile /etc/ssl/private/soporte.ticket.com.crt
                    SSLCertificateKeyFile /etc/ssl/private/soporte.ticket.com.key
    
                    <FilesMatch "\.(cgi|shtml|phtml|php)$">
                                    SSLOptions +StdEnvVars
                    </FilesMatch>
                    <Directory /usr/lib/cgi-bin>
                                    SSLOptions +StdEnvVars
                    </Directory>
                    <Directory /var/www/html/osticket>
                            Options FollowSymlinks
                            AllowOverride All
                            Require all granted
                    </Directory>
            </VirtualHost>
    </IfModule>

    This is the directory contents of the vhost file directory /etc/apache2/sites-available/osticket.conf

    <VirtualHost *:82>
            ServerName soporte.ticket.com:6971
            ServerAdmin rambo@ticket.com
    
            DocumentRoot /var/www/html/osticket/upload
            RewriteEngine On
    
            ErrorLog ${APACHE_LOG_DIR}/osticket.log
            CustomLog ${APACHE_LOG_DIR}/osticket_access.log combined
    
            <Directory /var/www/html/osticket>
                    Options FollowSymlinks
                    AllowOverride All
                    Require all granted
            </Directory>
    
    </VirtualHost>

    Thank you very much for your help

      Rookye23

      I would need to see your app registration. Also do you have the cURL root certificate installed/enabled for PHP?

      Cheers.

        Rookye23 When I login through 365 I appear to be logged in, but I am redirected back to the home page and do not enter the agent panel.

        Are you clicking on the log in as an agent to start the login process?

          Hello KevinTheJedi curl I have it installed and enabled

          it's my php.ini

          in the directory I have the certificate

          Hello ntozier I log in via 365

          the agent user I have configured the method 635

          in the database the agent backend is as follows

          I meant you should check the url and see if you were in the correct space for an Agent to sign in.
          Agent area url ends with /scp/login.php
          User area url ends with /login.php

          I also noticed from your Apache configs (both p82 and p6971) you have:
          DocumentRoot /var/www/html/osticket/upload/

          and both have:
          <Directory /var/www/html/osticket>
          Options FollowSymlinks
          AllowOverride All
          Require all granted
          </Directory>

          /upload/ does not seem to be included for "AllowOverride All"

            Hello ntozier

            Ok I understand, for the login with an agent I am in the correct path /scp/login.php

            I have modified the configuration of the vhost files to include upload as in DocumentRoot

            But it still doesn't work, when I login with 365 it redirects me to the url https://soporte.ticket.com:6971/

            <IfModule mod_ssl.c>
                    <VirtualHost *:6971>
                            ServerName soporte.ticket.com:6971
                            ServerAdmin rambo@ticket.com
            
                            DocumentRoot /var/www/html/osticket/upload/
            
                            ErrorLog ${APACHE_LOG_DIR}/error.log
                            CustomLog ${APACHE_LOG_DIR}/access.log combined
            
                            SSLEngine on
                            SSLCertificateFile /etc/ssl/private/soporte.ticket.com.crt
                            SSLCertificateKeyFile /etc/ssl/private/soporte.ticket.com.key
            
                            <FilesMatch "\.(cgi|shtml|phtml|php)$">
                                            SSLOptions +StdEnvVars
                            </FilesMatch>
                            <Directory /usr/lib/cgi-bin>
                                            SSLOptions +StdEnvVars
                            </Directory>
                            <Directory /var/www/html/osticket/upload>
                                    Options FollowSymlinks
                                    AllowOverride All
                                    Require all granted
                            </Directory>
                    </VirtualHost>
            </IfModule>
            <VirtualHost *:82>
                    ServerName soporte.ticket.com:6971
                    ServerAdmin rambo@ticket.com
            
                    DocumentRoot /var/www/html/osticket/upload
                    RewriteEngine On
            
                    ErrorLog ${APACHE_LOG_DIR}/osticket.log
                    CustomLog ${APACHE_LOG_DIR}/osticket_access.log combined
            
                    <Directory /var/www/html/osticket/upload>
                            Options FollowSymlinks
                            AllowOverride All
                            Require all granted
                    </Directory>
            
            </VirtualHost>

              Rookye23

              I noticed in your plugin config you have the default "common" endpoints. Are you sure you chose the right endpoints? Go to the app registration, click Overview tab, click Endpoints button, see what the top two endpoints are (should be the only two OAuth2 endpoints), and compare to see if they match your endpoints in the plugin config.

              Cheers.

                9 days later

                Rookye23

                When you are redirected to the client portal that means something isn’t right. I’m not sure what’s going on in your case without more debug info.

                Cheers.

                Write a Reply...