Rookye23

No that’s correct. The api/http.php file redirects the request to the proper channels. Definitely seems like a setup issue as you have a custom port but don’t have the site config setup correctly for that.

Cheers.

Hello, I have not solved the problem, I want to be able to access osticket through Microsoft365 with the Oauth2 plugin.
I'm not an expert, I'm forgetting something.
I leave you the information to see if you can help me.

When I login through 365 I appear to be logged in, but I am redirected back to the home page and do not enter the agent panel.

The authentication if it is being done through Microsoft 365

This is the content of the login errors access.log

When I log in with a local user it does redirect to the path https://soporte.ticket.com:6971/scp/tickets.php?queue=1&dir=1&sort=10"

These are the details of my operating system

Distributor ID: Debian
Description:    Debian GNU/Linux 10 (buster)
Release:        10
Codename:       buster

Version of osTicket installed

This is the Azure configuration, but I'm not sure if the Redirect URI configured in Azure is correct.

Rewrite module is enabled and working

sudo apache2ctl -M | grep rewrite
 rewrite_module (shared)

This is the content of the .htaccess directory /var/www/html/osticket/upload/api/.htaccess

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.*/api)
RewriteRule ^(.*)$ %1/http.php/$1 [L]

</IfModule>

This is the content of the apache2 configuration directory /etc/apache2/apache2.conf

<Directory />
        Options FollowSymLinks
        AllowOverride All
        Require all granted
</Directory>

<Directory /usr/share>
        AllowOverride None
        Require all granted
</Directory>

<Directory /var/www/>
        Options Indexes FollowSymLinks
        AllowOverride All
        Require all granted
</Directory>

This is the content of the apache2 port configuration directory /etc/apache2/ports.conf

Listen 82
<IfModule ssl_module>
        Listen 6971
</IfModule>

<IfModule mod_gnutls.c>
        Listen 6971
</IfModule>

This is the directory contents of the vhost-ssl file directory /etc/apache2/sites-available/osticket-ssl.conf

<IfModule mod_ssl.c>
        <VirtualHost *:6971>
                ServerName soporte.ticket.com:6971
                ServerAdmin rambo@ticket.com

                DocumentRoot /var/www/html/osticket/upload/

                ErrorLog ${APACHE_LOG_DIR}/error.log
                CustomLog ${APACHE_LOG_DIR}/access.log combined

                SSLEngine on
                SSLCertificateFile /etc/ssl/private/soporte.ticket.com.crt
                SSLCertificateKeyFile /etc/ssl/private/soporte.ticket.com.key

                <FilesMatch "\.(cgi|shtml|phtml|php)$">
                                SSLOptions +StdEnvVars
                </FilesMatch>
                <Directory /usr/lib/cgi-bin>
                                SSLOptions +StdEnvVars
                </Directory>
                <Directory /var/www/html/osticket>
                        Options FollowSymlinks
                        AllowOverride All
                        Require all granted
                </Directory>
        </VirtualHost>
</IfModule>

This is the directory contents of the vhost file directory /etc/apache2/sites-available/osticket.conf

<VirtualHost *:82>
        ServerName soporte.ticket.com:6971
        ServerAdmin rambo@ticket.com

        DocumentRoot /var/www/html/osticket/upload
        RewriteEngine On

        ErrorLog ${APACHE_LOG_DIR}/osticket.log
        CustomLog ${APACHE_LOG_DIR}/osticket_access.log combined

        <Directory /var/www/html/osticket>
                Options FollowSymlinks
                AllowOverride All
                Require all granted
        </Directory>

</VirtualHost>

Thank you very much for your help

    Rookye23

    I would need to see your app registration. Also do you have the cURL root certificate installed/enabled for PHP?

    Cheers.

      Rookye23 When I login through 365 I appear to be logged in, but I am redirected back to the home page and do not enter the agent panel.

      Are you clicking on the log in as an agent to start the login process?

        Hello KevinTheJedi curl I have it installed and enabled

        it's my php.ini

        in the directory I have the certificate

        Hello ntozier I log in via 365

        the agent user I have configured the method 635

        in the database the agent backend is as follows

        I meant you should check the url and see if you were in the correct space for an Agent to sign in.
        Agent area url ends with /scp/login.php
        User area url ends with /login.php

        I also noticed from your Apache configs (both p82 and p6971) you have:
        DocumentRoot /var/www/html/osticket/upload/

        and both have:
        <Directory /var/www/html/osticket>
        Options FollowSymlinks
        AllowOverride All
        Require all granted
        </Directory>

        /upload/ does not seem to be included for "AllowOverride All"

          Hello ntozier

          Ok I understand, for the login with an agent I am in the correct path /scp/login.php

          I have modified the configuration of the vhost files to include upload as in DocumentRoot

          But it still doesn't work, when I login with 365 it redirects me to the url https://soporte.ticket.com:6971/

          <IfModule mod_ssl.c>
                  <VirtualHost *:6971>
                          ServerName soporte.ticket.com:6971
                          ServerAdmin rambo@ticket.com
          
                          DocumentRoot /var/www/html/osticket/upload/
          
                          ErrorLog ${APACHE_LOG_DIR}/error.log
                          CustomLog ${APACHE_LOG_DIR}/access.log combined
          
                          SSLEngine on
                          SSLCertificateFile /etc/ssl/private/soporte.ticket.com.crt
                          SSLCertificateKeyFile /etc/ssl/private/soporte.ticket.com.key
          
                          <FilesMatch "\.(cgi|shtml|phtml|php)$">
                                          SSLOptions +StdEnvVars
                          </FilesMatch>
                          <Directory /usr/lib/cgi-bin>
                                          SSLOptions +StdEnvVars
                          </Directory>
                          <Directory /var/www/html/osticket/upload>
                                  Options FollowSymlinks
                                  AllowOverride All
                                  Require all granted
                          </Directory>
                  </VirtualHost>
          </IfModule>
          <VirtualHost *:82>
                  ServerName soporte.ticket.com:6971
                  ServerAdmin rambo@ticket.com
          
                  DocumentRoot /var/www/html/osticket/upload
                  RewriteEngine On
          
                  ErrorLog ${APACHE_LOG_DIR}/osticket.log
                  CustomLog ${APACHE_LOG_DIR}/osticket_access.log combined
          
                  <Directory /var/www/html/osticket/upload>
                          Options FollowSymlinks
                          AllowOverride All
                          Require all granted
                  </Directory>
          
          </VirtualHost>

            Rookye23

            I noticed in your plugin config you have the default "common" endpoints. Are you sure you chose the right endpoints? Go to the app registration, click Overview tab, click Endpoints button, see what the top two endpoints are (should be the only two OAuth2 endpoints), and compare to see if they match your endpoints in the plugin config.

            Cheers.

              9 days later

              Rookye23

              When you are redirected to the client portal that means something isn’t right. I’m not sure what’s going on in your case without more debug info.

              Cheers.

              Write a Reply...