tsinfo88

That means you didn't add offline_access as an API Permission in the App Registration in Azure AD. You must also grant Admin Consent to all the API Permissions as well. Please go back and follow our documentation thoroughly.

Cheers.

Thanks KenvinTheJedi, I made a typing error: office_access instead of offline_access
So now it's ok !

2 months later

Hi Everyone,

I've worked with OSTicket Support and they suggested I ask in this forum. I'm having the same problem

I've checked the .htaccess file and I have Rewrite and Override set. But still no luck. I've also installed a GUI on the CentOS 7 box that OSTicket lives on. Tested the OAuth directly from the server and still no luck.

I enabled debug level logging for rewrite using the following:

LogLevel alert rewrite:trace2

Below is the logging message I received, but I'm not sure what to do to correct my issue. Can anyone help?

Error_log
[Fri Dec 30 13:39:44.765192 2022] [rewrite:trace1] [pid 206250] mod_rewrite.c(470): [client 10.240.19.213:51944] x.x.x.x - - [Y.Y.Y.Y/sid#556ca722e8a8][rid#556ca75035d0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/api/auth, referer: https://login.microsoftonline.com/
[Fri Dec 30 13:57:43.899825 2022] [rewrite:trace1] [pid 207010] mod_rewrite.c(470): [client 127.0.0.1:55786] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca731f960/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/emails.php
[Fri Dec 30 13:57:44.004601 2022] [rewrite:trace1] [pid 207010] mod_rewrite.c(470): [client 127.0.0.1:55786] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75035d0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/login.php
[Fri Dec 30 13:57:44.215526 2022] [rewrite:trace1] [pid 206996] mod_rewrite.c(470): [client 127.0.0.1:55798] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca74ff5b0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/logo.php, referer: https://localhost/osTicket/scp/login.php
[Fri Dec 30 13:57:44.228605 2022] [rewrite:trace1] [pid 207209] mod_rewrite.c(470): [client 127.0.0.1:55802] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca74fd5a0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/logo.php, referer: https://localhost/osTicket/scp/css/login.css
[Fri Dec 30 13:57:53.584321 2022] [rewrite:trace1] [pid 207010] mod_rewrite.c(470): [client 127.0.0.1:55804] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca7311f60/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/login.php, referer: https://localhost/osTicket/scp/login.php
[Fri Dec 30 13:57:53.729597 2022] [rewrite:trace1] [pid 207196] mod_rewrite.c(470): [client 127.0.0.1:55806] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75015c0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/emails.php, referer: https://localhost/osTicket/scp/login.php
[Fri Dec 30 13:57:53.983910 2022] [rewrite:trace1] [pid 207196] mod_rewrite.c(470): [client 127.0.0.1:55806] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca74ff5b0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/logo.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:57:53.988137 2022] [rewrite:trace1] [pid 206670] mod_rewrite.c(470): [client 127.0.0.1:55808] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca755a380/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/autocron.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:57:54.146078 2022] [rewrite:trace1] [pid 207196] mod_rewrite.c(470): [client 127.0.0.1:55806] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca74fb590/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/images/oscar-favicon-16x16.png, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:57:56.898967 2022] [rewrite:trace1] [pid 207196] mod_rewrite.c(470): [client 127.0.0.1:55806] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75015c0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/images/tip_arrow.png, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:57:56.902903 2022] [rewrite:trace1] [pid 207196] mod_rewrite.c(470): [client 127.0.0.1:55806] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca74fb590/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:57:57.486096 2022] [rewrite:trace1] [pid 207239] mod_rewrite.c(470): [client 127.0.0.1:55810] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca74ff1b0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:57:57.620463 2022] [rewrite:trace1] [pid 206699] mod_rewrite.c(470): [client 127.0.0.1:55812] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca7558370/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:58:04.112410 2022] [rewrite:trace1] [pid 207209] mod_rewrite.c(470): [client 127.0.0.1:55828] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75015c0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:58:21.112771 2022] [rewrite:trace1] [pid 207010] mod_rewrite.c(470): [client 127.0.0.1:55846] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75015c0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:58:21.238845 2022] [rewrite:trace1] [pid 207196] mod_rewrite.c(470): [client 127.0.0.1:55848] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75035d0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:58:27.056258 2022] [rewrite:trace1] [pid 206840] mod_rewrite.c(470): [client 127.0.0.1:55852] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75055e0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:58:27.182384 2022] [rewrite:trace1] [pid 206670] mod_rewrite.c(470): [client 127.0.0.1:55854] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca7558370/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/emails.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:58:42.267115 2022] [rewrite:trace1] [pid 207239] mod_rewrite.c(470): [client Y.Y.Y.Y:38984] Y.Y.Y.Y - - [Y.Y.Y.Y/sid#556ca722e8a8][rid#556ca73146e0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/api/auth, referer: https://login.microsoftonline.com/
[Fri Dec 30 13:58:50.887274 2022] [rewrite:trace1] [pid 206996] mod_rewrite.c(470): [client 127.0.0.1:55894] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75015c0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/emails.php
[Fri Dec 30 13:58:51.123663 2022] [rewrite:trace1] [pid 206996] mod_rewrite.c(470): [client 127.0.0.1:55894] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75561e0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/css/tooltip.css, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:58:54.070290 2022] [rewrite:trace1] [pid 206691] mod_rewrite.c(470): [client 127.0.0.1:55912] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca7311f60/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:58:54.201511 2022] [rewrite:trace1] [pid 206996] mod_rewrite.c(470): [client 127.0.0.1:55914] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca74fd5a0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:58:56.180817 2022] [rewrite:trace1] [pid 206996] mod_rewrite.c(470): [client 127.0.0.1:55914] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75561e0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/images/icons/alert.png, referer: https://localhost/osTicket/scp/css/scp.css?1d8b790
[Fri Dec 30 13:59:02.374930 2022] [rewrite:trace1] [pid 207344] mod_rewrite.c(470): [client 127.0.0.1:55916] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca74ff1b0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/ajax.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:59:02.529961 2022] [rewrite:trace1] [pid 206670] mod_rewrite.c(470): [client 127.0.0.1:55918] 127.0.0.1 - - [localhost/sid#556ca722e8a8][rid#556ca75015c0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/scp/emails.php, referer: https://localhost/osTicket/scp/emails.php?id=62
[Fri Dec 30 13:59:10.804795 2022] [rewrite:trace1] [pid 206840] mod_rewrite.c(470): [client Y.Y.Y.Y:39022] Y.Y.Y.Y - - [Y.Y.Y.Y/sid#556ca722e8a8][rid#556ca74fd5a0/initial] [perdir /var/www/html/osTicket/] pass through /var/www/html/osTicket/api/auth, referer: https://login.microsoftonline.com/

    MattHaberer

    Sounds like you have other Apache configurations blocking rewriting for this site. The main thing is making sure you have AllowOverride All in the site config.

    You can google “how to enable url rewriting for Apache centos7” or “Apache url rewriting enabled but not working” for further information.

    Cheers.

    Hi Kevin,

    I have confirmed that AllowOverride All is set on all conf files. I've checked multiple articles and I went from having not found to Internal 500 Error.

    When I get this message in the GUI. I see this in the /var/log/httpd/error_log

    '[Fri Dec 30 16:08:10.016201 2022] [rewrite:trace1] [pid 215986] mod_rewrite.c(470): [client XXX- - [X.X.X.X/sid#564f86685f60][rid#564f869571e0/initial] pass through /osTicket/api/auth/oauth2, referer: https://login.microsoftonline.com/
    [Fri Dec 30 16:08:10.016673 2022] [core:alert] [pid 215986] [client x.x.x.x:41628] /var/www/html/osTicket/api/.htaccess: AllowOverride not allowed here, referer: https://login.microsoftonline.com/'

    any other ideas? I've insured AllowOverride All is in all config to the point that it broke OSTicket at first, but above is the closest I got. I also checked /var/log/messages but nothing helpful there.

    Thanks for any advice!

    Matt

      MattHaberer

      It’s saying AllowOverride is not allowed within the /var/www/html/osTicket/api/.htaccess file. So it seems like you edited the .htaccess files that osTicket ships with. You are not supposed to edit any of the osTicket files. Please restore these files to vanilla and retest.

      Cheers.

      a month later

      I had the same issue and couldn't get the apache2 URL Rewrite to work in Ubuntu . The thing that finally fixed it was enabling it in the main apache config, not just the site config.

      Steps:
      1) sudo nano /etc/apache2/apache2.conf
      2) Find

      <Directory /var/www/>
              Options Indexes FollowSymLinks
              AllowOverride None
              Require all granted
      </Directory>

      3) replace AllowOverride None with AllowOverride All

      <Directory /var/www/>
              Options Indexes FollowSymLinks
              AllowOverride All
              Require all granted
      </Directory>

      4) Restart apache
      sudo systemctl restart apache2

      System Specifics:

      osTicket Version 	1.17-git (?) — 8fbc7ee is available
      Web Server Software 	Apache/2.4.52 (Ubuntu)
      MySQL Version 	8.0.32
      PHP Version 	8.2.1
      2 months later

      Hi, I too am getting the error.
      However, in my case the directory / file don't actually exist on the server
      The plugin is enabled, and has been for some time.

      I get this after setting up the Auth:

      Should I remove and re-install the Plugin?
      Currently running Version 1.17.2
      Centos V7, using httpd that ships with Centos

      Is it possible I have missed a step somewhere during the Plugin install?

        Androids

        URL Rewriting is not enabled on your webserver. The file doesn't actually exist which is why you need URL Rewriting installed/enabled so that our .htaccess files can rewrite and direct the URL to the proper destination.

        Cheers.

          5 days later

          Thanks, it was already enabled - (/etc/httpd/conf.modules.d/00-base.conf in Centos)
          It is working now regardless.

          Just to add to this;
          [root@tickets /]# httpd -M|grep write
          rewrite_module (shared)

          In (Centos) /etc/httpd/conf/httpd.conf
          <Directory "/var/www/html/osticket"> # YOUR EXACT directory
          AllowOverride All
          Options FollowSymlinks
          Require all granted
          </Directory>

          systemctl restart httpd

          That worked for me - Explicitly defining the osticket directory was the key

          22 days later

          Hi, I've been getting the same error. Before starting with URL rewrite and other suggested fixes, i wanted to know if it is necessary to setup remote mailbox and outgoing. I don't have them setup and i just want to implement simple OAuth with Microsoft login for which i have followed the necessary steps show in the authentication guide for Microsoft in osticket official docs.

          KevinTheJedi

          ramrajone

            10 months later

            Hi, I have the same problem, when I authenticate with office.

            I have apache modrewrite enabled.
            In my virtual host as well as in apache2.conf I have the following

            In the virtual host

            Can you help me

              Rookye23

              I can't say for certain but it's probably due to your virtual site config rules. I would clear all the custom rules, make it default, reload/restart the webserver so the changes are applied, and retest.

              Cheers.

                Hello KevinTheJedi

                This is what I have configured in the plugin

                And I have left the vhost as clean as possible.

                I have modrewrite enabled, which I'm missing

                in my directories I don't have the path to api/auth/oauth2

                I might be configuring the wrong redirect url in Azure ?.

                Thanks

                  Rookye23

                  No that’s correct. The api/http.php file redirects the request to the proper channels. Definitely seems like a setup issue as you have a custom port but don’t have the site config setup correctly for that.

                  Cheers.

                  Hello, I have not solved the problem, I want to be able to access osticket through Microsoft365 with the Oauth2 plugin.
                  I'm not an expert, I'm forgetting something.
                  I leave you the information to see if you can help me.

                  When I login through 365 I appear to be logged in, but I am redirected back to the home page and do not enter the agent panel.

                  The authentication if it is being done through Microsoft 365

                  This is the content of the login errors access.log

                  When I log in with a local user it does redirect to the path https://soporte.ticket.com:6971/scp/tickets.php?queue=1&dir=1&sort=10"

                  These are the details of my operating system

                  Distributor ID: Debian
                  Description:    Debian GNU/Linux 10 (buster)
                  Release:        10
                  Codename:       buster

                  Version of osTicket installed

                  This is the Azure configuration, but I'm not sure if the Redirect URI configured in Azure is correct.

                  Rewrite module is enabled and working

                  sudo apache2ctl -M | grep rewrite
                   rewrite_module (shared)

                  This is the content of the .htaccess directory /var/www/html/osticket/upload/api/.htaccess

                  <IfModule mod_rewrite.c>
                  
                  RewriteEngine On
                  
                  RewriteCond %{REQUEST_FILENAME} !-f
                  RewriteCond %{REQUEST_FILENAME} !-d
                  RewriteCond %{REQUEST_URI} (.*/api)
                  RewriteRule ^(.*)$ %1/http.php/$1 [L]
                  
                  </IfModule>

                  This is the content of the apache2 configuration directory /etc/apache2/apache2.conf

                  <Directory />
                          Options FollowSymLinks
                          AllowOverride All
                          Require all granted
                  </Directory>
                  
                  <Directory /usr/share>
                          AllowOverride None
                          Require all granted
                  </Directory>
                  
                  <Directory /var/www/>
                          Options Indexes FollowSymLinks
                          AllowOverride All
                          Require all granted
                  </Directory>

                  This is the content of the apache2 port configuration directory /etc/apache2/ports.conf

                  Listen 82
                  <IfModule ssl_module>
                          Listen 6971
                  </IfModule>
                  
                  <IfModule mod_gnutls.c>
                          Listen 6971
                  </IfModule>

                  This is the directory contents of the vhost-ssl file directory /etc/apache2/sites-available/osticket-ssl.conf

                  <IfModule mod_ssl.c>
                          <VirtualHost *:6971>
                                  ServerName soporte.ticket.com:6971
                                  ServerAdmin rambo@ticket.com
                  
                                  DocumentRoot /var/www/html/osticket/upload/
                  
                                  ErrorLog ${APACHE_LOG_DIR}/error.log
                                  CustomLog ${APACHE_LOG_DIR}/access.log combined
                  
                                  SSLEngine on
                                  SSLCertificateFile /etc/ssl/private/soporte.ticket.com.crt
                                  SSLCertificateKeyFile /etc/ssl/private/soporte.ticket.com.key
                  
                                  <FilesMatch "\.(cgi|shtml|phtml|php)$">
                                                  SSLOptions +StdEnvVars
                                  </FilesMatch>
                                  <Directory /usr/lib/cgi-bin>
                                                  SSLOptions +StdEnvVars
                                  </Directory>
                                  <Directory /var/www/html/osticket>
                                          Options FollowSymlinks
                                          AllowOverride All
                                          Require all granted
                                  </Directory>
                          </VirtualHost>
                  </IfModule>

                  This is the directory contents of the vhost file directory /etc/apache2/sites-available/osticket.conf

                  <VirtualHost *:82>
                          ServerName soporte.ticket.com:6971
                          ServerAdmin rambo@ticket.com
                  
                          DocumentRoot /var/www/html/osticket/upload
                          RewriteEngine On
                  
                          ErrorLog ${APACHE_LOG_DIR}/osticket.log
                          CustomLog ${APACHE_LOG_DIR}/osticket_access.log combined
                  
                          <Directory /var/www/html/osticket>
                                  Options FollowSymlinks
                                  AllowOverride All
                                  Require all granted
                          </Directory>
                  
                  </VirtualHost>

                  Thank you very much for your help