That means you didn't add offline_access
as an API Permission in the App Registration in Azure AD. You must also grant Admin Consent to all the API Permissions as well. Please go back and follow our documentation thoroughly.
Cheers.
That means you didn't add offline_access
as an API Permission in the App Registration in Azure AD. You must also grant Admin Consent to all the API Permissions as well. Please go back and follow our documentation thoroughly.
Cheers.
Thanks KenvinTheJedi, I made a typing error: office_access instead of offline_access
So now it's ok !
Hi Everyone,
I've worked with OSTicket Support and they suggested I ask in this forum. I'm having the same problem
I've checked the .htaccess file and I have Rewrite and Override set. But still no luck. I've also installed a GUI on the CentOS 7 box that OSTicket lives on. Tested the OAuth directly from the server and still no luck.
I enabled debug level logging for rewrite using the following:
LogLevel alert rewrite:trace2
Below is the logging message I received, but I'm not sure what to do to correct my issue. Can anyone help?
Error_log
[Fri Dec 30 13:39:44.765192 2022] [rewrite:trace1] [pid 206250] mod_rewrite.c(470): [client 10.240.19.213:51944] x.x.x.x - - [Y.Y.Y.Y/sid#556ca722e8a8][rid#556ca75035d0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/api/auth, referer: https://login.microsoftonline.com/
[Fri Dec 30 13:57:43.899825 2022] [rewrite:trace1] [pid 207010] mod_rewrite.c(470): [client 127.0.0.1:55786] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca731f960/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/emails.php
[Fri Dec 30 13:57:44.004601 2022] [rewrite:trace1] [pid 207010] mod_rewrite.c(470): [client 127.0.0.1:55786] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75035d0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/login.php
[Fri Dec 30 13:57:44.215526 2022] [rewrite:trace1] [pid 206996] mod_rewrite.c(470): [client 127.0.0.1:55798] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca74ff5b0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/logo.php, referer: https://localhost/osTicket/scp/login.php
[Fri Dec 30 13:57:44.228605 2022] [rewrite:trace1] [pid 207209] mod_rewrite.c(470): [client 127.0.0.1:55802] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca74fd5a0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/logo.php, referer: https://localhost/osTicket/scp/css/login.css
[Fri Dec 30 13:57:53.584321 2022] [rewrite:trace1] [pid 207010] mod_rewrite.c(470): [client 127.0.0.1:55804] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca7311f60/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/login.php, referer: https://localhost/osTicket/scp/login.php
[Fri Dec 30 13:57:53.729597 2022] [rewrite:trace1] [pid 207196] mod_rewrite.c(470): [client 127.0.0.1:55806] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75015c0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/emails.php, referer: https://localhost/osTicket/scp/login.php
[Fri Dec 30 13:57:53.983910 2022] [rewrite:trace1] [pid 207196] mod_rewrite.c(470): [client 127.0.0.1:55806] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca74ff5b0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/logo.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:57:53.988137 2022] [rewrite:trace1] [pid 206670] mod_rewrite.c(470): [client 127.0.0.1:55808] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca755a380/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/autocron.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:57:54.146078 2022] [rewrite:trace1] [pid 207196] mod_rewrite.c(470): [client 127.0.0.1:55806] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca74fb590/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/images/oscar-favicon-16x16.png, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:57:56.898967 2022] [rewrite:trace1] [pid 207196] mod_rewrite.c(470): [client 127.0.0.1:55806] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75015c0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/images/tip_arrow.png, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:57:56.902903 2022] [rewrite:trace1] [pid 207196] mod_rewrite.c(470): [client 127.0.0.1:55806] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca74fb590/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:57:57.486096 2022] [rewrite:trace1] [pid 207239] mod_rewrite.c(470): [client 127.0.0.1:55810] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca74ff1b0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:57:57.620463 2022] [rewrite:trace1] [pid 206699] mod_rewrite.c(470): [client 127.0.0.1:55812] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca7558370/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:58:04.112410 2022] [rewrite:trace1] [pid 207209] mod_rewrite.c(470): [client 127.0.0.1:55828] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75015c0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:58:21.112771 2022] [rewrite:trace1] [pid 207010] mod_rewrite.c(470): [client 127.0.0.1:55846] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75015c0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:58:21.238845 2022] [rewrite:trace1] [pid 207196] mod_rewrite.c(470): [client 127.0.0.1:55848] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75035d0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:58:27.056258 2022] [rewrite:trace1] [pid 206840] mod_rewrite.c(470): [client 127.0.0.1:55852] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75055e0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:58:27.182384 2022] [rewrite:trace1] [pid 206670] mod_rewrite.c(470): [client 127.0.0.1:55854] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca7558370/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/emails.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:58:42.267115 2022] [rewrite:trace1] [pid 207239] mod_rewrite.c(470): [client Y.Y.Y.Y:38984] Y.Y.Y.Y - - [Y.Y.Y.Y/sid#556ca722e8a8][rid#556ca73146e0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/api/auth, referer: https://login.microsoftonline.com/
[Fri Dec 30 13:58:50.887274 2022] [rewrite:trace1] [pid 206996] mod_rewrite.c(470): [client 127.0.0.1:55894] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75015c0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/emails.php
[Fri Dec 30 13:58:51.123663 2022] [rewrite:trace1] [pid 206996] mod_rewrite.c(470): [client 127.0.0.1:55894] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75561e0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/css/tooltip.css, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:58:54.070290 2022] [rewrite:trace1] [pid 206691] mod_rewrite.c(470): [client 127.0.0.1:55912] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca7311f60/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:58:54.201511 2022] [rewrite:trace1] [pid 206996] mod_rewrite.c(470): [client 127.0.0.1:55914] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca74fd5a0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:58:56.180817 2022] [rewrite:trace1] [pid 206996] mod_rewrite.c(470): [client 127.0.0.1:55914] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75561e0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/images/icons/alert.png, referer: https://localhost/osTicket/scp/css/scp.css?1d8b790
[Fri Dec 30 13:59:02.374930 2022] [rewrite:trace1] [pid 207344] mod_rewrite.c(470): [client 127.0.0.1:55916] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca74ff1b0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:59:02.529961 2022] [rewrite:trace1] [pid 206670] mod_rewrite.c(470): [client 127.0.0.1:55918] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75015c0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/emails.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:59:10.804795 2022] [rewrite:trace1] [pid 206840] mod_rewrite.c(470): [client Y.Y.Y.Y:39022] Y.Y.Y.Y - - [Y.Y.Y.Y/sid#556ca722e8a8][rid#556ca74fd5a0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/api/auth, referer: https://login.microsoftonline.com/
Sounds like you have other Apache configurations blocking rewriting for this site. The main thing is making sure you have AllowOverride All
in the site config.
You can google “how to enable url rewriting for Apache centos7” or “Apache url rewriting enabled but not working” for further information.
Cheers.
Hi Kevin,
I have confirmed that AllowOverride All is set on all conf files. I've checked multiple articles and I went from having not found to Internal 500 Error.
When I get this message in the GUI. I see this in the /var/log/httpd/error_log
'[Fri Dec 30 16:08:10.016201 2022] [rewrite:trace1] [pid 215986] mod_rewrite.c(470): [client XXX- - [X.X.X.X/sid#564f86685f60][rid#564f869571e0/initial] pass through /osTicket/api/auth/oauth2, referer: https://login.microsoftonline.com/
[Fri Dec 30 16:08:10.016673 2022] [core:alert] [pid 215986] [client x.x.x.x:41628] /var/www/html/osTicket/api/.htaccess: AllowOverride not allowed here, referer: https://login.microsoftonline.com/'
any other ideas? I've insured AllowOverride All is in all config to the point that it broke OSTicket at first, but above is the closest I got. I also checked /var/log/messages but nothing helpful there.
Thanks for any advice!
Matt
It’s saying AllowOverride
is not allowed within the /var/www/html/osTicket/api/.htaccess
file. So it seems like you edited the .htaccess files that osTicket ships with. You are not supposed to edit any of the osTicket files. Please restore these files to vanilla and retest.
Cheers.
Also, here is the post that describes what they had to do to get it working:
Cheers.
I had the same issue and couldn't get the apache2 URL Rewrite to work in Ubuntu . The thing that finally fixed it was enabling it in the main apache config, not just the site config.
Steps:
1) sudo nano /etc/apache2/apache2.conf
2) Find
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
3) replace AllowOverride None with AllowOverride All
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
4) Restart apache
sudo systemctl restart apache2
System Specifics:
osTicket Version 1.17-git (?) — 8fbc7ee is available
Web Server Software Apache/2.4.52 (Ubuntu)
MySQL Version 8.0.32
PHP Version 8.2.1
Hi, I too am getting the error.
However, in my case the directory / file don't actually exist on the server
The plugin is enabled, and has been for some time.
I get this after setting up the Auth:
Should I remove and re-install the Plugin?
Currently running Version 1.17.2
Centos V7, using httpd that ships with Centos
Is it possible I have missed a step somewhere during the Plugin install?
URL Rewriting is not enabled on your webserver. The file doesn't actually exist which is why you need URL Rewriting installed/enabled so that our .htaccess files can rewrite and direct the URL to the proper destination.
Cheers.
Thanks, it was already enabled - (/etc/httpd/conf.modules.d/00-base.conf in Centos)
It is working now regardless.
Just to add to this;
[root@tickets /]# httpd -M|grep write
rewrite_module (shared)
In (Centos) /etc/httpd/conf/httpd.conf
<Directory "/var/www/html/osticket"> # YOUR EXACT directory
AllowOverride All
Options FollowSymlinks
Require all granted
</Directory>
systemctl restart httpd
That worked for me - Explicitly defining the osticket directory was the key
Hi, I've been getting the same error. Before starting with URL rewrite and other suggested fixes, i wanted to know if it is necessary to setup remote mailbox and outgoing. I don't have them setup and i just want to implement simple OAuth with Microsoft login for which i have followed the necessary steps show in the authentication guide for Microsoft in osticket official docs.
yashbhardwaj
Remote Mailbox/Outgoing and SSO are two things, if you don't want to pull emails from MS365 then you don't need to set up the Mailbox part, just setup SSO something like this:
https://docs.osticket.com/en/latest/OAuth2/Microsoft%20Authentication%20(SSO)%20Guide.html
Hi, I have the same problem, when I authenticate with office.
I have apache modrewrite enabled.
In my virtual host as well as in apache2.conf I have the following
In the virtual host
Can you help me
I can't say for certain but it's probably due to your virtual site config rules. I would clear all the custom rules, make it default, reload/restart the webserver so the changes are applied, and retest.
Cheers.
Hello KevinTheJedi
This is what I have configured in the plugin
And I have left the vhost as clean as possible.
I have modrewrite enabled, which I'm missing
in my directories I don't have the path to api/auth/oauth2
I might be configuring the wrong redirect url in Azure ?.
Thanks
No that’s correct. The api/http.php file redirects the request to the proper channels. Definitely seems like a setup issue as you have a custom port but don’t have the site config setup correctly for that.
Cheers.
Hello, I have not solved the problem, I want to be able to access osticket through Microsoft365 with the Oauth2 plugin.
I'm not an expert, I'm forgetting something.
I leave you the information to see if you can help me.
When I login through 365 I appear to be logged in, but I am redirected back to the home page and do not enter the agent panel.
The authentication if it is being done through Microsoft 365
This is the content of the login errors access.log
When I log in with a local user it does redirect to the path https://soporte.ticket.com:6971/scp/tickets.php?queue=1&dir=1&sort=10"
These are the details of my operating system
Distributor ID: Debian
Description: Debian GNU/Linux 10 (buster)
Release: 10
Codename: buster
Version of osTicket installed
This is the Azure configuration, but I'm not sure if the Redirect URI configured in Azure is correct.
Rewrite module is enabled and working
sudo apache2ctl -M | grep rewrite
rewrite_module (shared)
This is the content of the .htaccess directory /var/www/html/osticket/upload/api/.htaccess
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.*/api)
RewriteRule ^(.*)$ %1/http.php/$1 [L]
</IfModule>
This is the content of the apache2 configuration directory /etc/apache2/apache2.conf
<Directory />
Options FollowSymLinks
AllowOverride All
Require all granted
</Directory>
<Directory /usr/share>
AllowOverride None
Require all granted
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
This is the content of the apache2 port configuration directory /etc/apache2/ports.conf
Listen 82
<IfModule ssl_module>
Listen 6971
</IfModule>
<IfModule mod_gnutls.c>
Listen 6971
</IfModule>
This is the directory contents of the vhost-ssl file directory /etc/apache2/sites-available/osticket-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost *:6971>
ServerName soporte.ticket.com:6971
ServerAdmin rambo@ticket.com
DocumentRoot /var/www/html/osticket/upload/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/private/soporte.ticket.com.crt
SSLCertificateKeyFile /etc/ssl/private/soporte.ticket.com.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
<Directory /var/www/html/osticket>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
</IfModule>
This is the directory contents of the vhost file directory /etc/apache2/sites-available/osticket.conf
<VirtualHost *:82>
ServerName soporte.ticket.com:6971
ServerAdmin rambo@ticket.com
DocumentRoot /var/www/html/osticket/upload
RewriteEngine On
ErrorLog ${APACHE_LOG_DIR}/osticket.log
CustomLog ${APACHE_LOG_DIR}/osticket_access.log combined
<Directory /var/www/html/osticket>
Options FollowSymlinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>
Thank you very much for your help