OAuth2 "No input file specified"

voidsysadmin

I have gone through this forum and researched a few of the other posts here. Using Google as the IdP, followed the osTicket OAuth 2 for Google documentation to the point. After authenticating with Google, the next page shows "No input file specified". Our hosting company is Siteground, and according to them, AllowOveride All is set on all servers (https://www.siteground.com/kb/is_it_possible_to_set_apaches_allowoverride_directive_to_all/). I even set the NGINX Direct Delivery OFF so that .htaccess caching is disabled. Triple checked that the .htaccess file is in the /api folder, and has the correct code:

`<IfModule mod_rewrite.c>

RewriteEngine On

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.*/api)

RewriteRule ^.*$ %1/http.php/$1 [L]

</IfModule>
`
This is what I get from the logs:

`AH00128: File does not exist: /home/server/www/tickets.mysite.org/public_html/api/auth/oauth2, referer: https://accounts.google.com/
‮
AH00128: File does not exist: /home/server/www/tickets.mysite.org/public_html/xxx=email profile https:/www.googleapis.com/auth/userinfo.profile https:/www.googleapis.com/auth/userinfo.email openid&authuser=0&hd=mysite.org&prompt=consent

/home/server/www/tickets.mysite.org/public_html/api/.htaccess: Invalid command 'RRewriteRule', perhaps misspelled or defined by a module not included in the server configuration, referer: https://accounts.google.com/`

Any suggestions?

KevinTheJedi

voidsysadmin

NGINX doesn't use .htaccess files. You will need to search the older threads on this and use the correct NGINX rules. NGINX website has a default Recipe you can use but I'm unsure if this covers everything. Like I said older threads have working NGINX configs listed.

Cheers.

voidsysadmin

KevinTheJedi I am just going off of what the hosting provider suggests. They are using Apache.

KevinTheJedi

voidsysadmin

You said NGINX though so assumed you're using NGINX.

Anyways, there are other threads on what people did to get Apache working with the .htaccess files. It should be working by default but for some instances it's just not being loaded properly. You can tell your host there is an .htaccess file in the /path/to/osticket/api/.htaccess that contains the relevant rules. If your rewriting is not working then that means their Apache instance isn't loading this .htaccess file appropriately.

Cheers.

voidsysadmin

KevinTheJedi I just did and they looked at it - he basically sent me a thread from 5 years ago to add the http.php to the URL. Will keep digging, thanks for the response.

https://forum.osticket.com/d/76525-getting-no-input-file-specified-error/12

KevinTheJedi

voidsysadmin

Yea that’s just a temporary workaround until you can get your webserver working correctly.

Cheers.

voidsysadmin

KevinTheJedi One last question. In this instance, how would I "hardcode" this? I have been modifying the .htaccess file under /api and am unsuccessful. I saw in another recent thread someone was able to add http.php. I tried this when the application returned the No input file error into the web address and was logged in under the test account. Not sure if I need to look at this from another angle, or if the hosting provider is wrong.

KevinTheJedi

voidsysadmin

The api/.htaccess file should never be edited. Doing so will probably break things. Also, this file should be doing the rewrite for you as you can probably see. So the changes you need to make are not code related. You will need to edit the redirect uri in osticket and in the registered app to add http.php before /api.

Once you do that it’ll only be a bandaid. You really need to get your host to figure out why api/.htaccess isn’t being loaded properly on their server.

Cheers.

voidsysadmin

KevinTheJedi I created a new subdomain, fresh install, and had the same issue again. I contacted support and they said that:

hosting support
"Thank you for the provided information.

Based on my experience, this is caused by incorrect .htaccess rules. Most specifically, this one:
RewriteRule ^.*$ %1/http.php/$1 [L]

Should be as follows:
RewriteRule ^.*$ %1/http.php/ [L]

Alternatively, you should be able to authenticate successfully after you are redirected back to the website and modify the URL by adding the http.php string to after the /api, like this:
https://tickets.mysite.org/api/http.php/auth/oauth2...

and then refresh the page which would be sufficient to authenticate with OAuth2.

Note that this is not a hosting issue and you should discuss this further with the osTicket support channels should you have any questions or require further assistance in regards to this.

me
Oct 19, 2022 02:52 PM
Ok thanks. I have tried both solutions, changing the Rewrite rule to

Should be as follows:
RewriteRule ^.*$ %1/http.php/ [L]

throws a 500 error on the page.

hosting support

I don't see an issue as per the Apache logs as there are no new entries since you applied the change. I also tested from my end and the website's homepage opens correctly. You can try the other approach I mentioned."

On top of this, I have a separate hosting company, fresh install, new Client, etc - and same issue after Google Authentication - No input file specified.

However, on this page, I manually enter the "http.php" after api/ in the search bar and it works.

voidsysadmin

voidsysadmin Some more info:

When I add it (/api/http.php/) to the Redirect URI I get this -

Here is my config:

KevinTheJedi

voidsysadmin

Their assumptions are incorrect as I use Apache with no mods to the .htaccess file and it works just fine. Also hardcoding http.php in the URL is only a bandaid. You really need to figure out why .htaccess isn’t loading properly.

Cheers.

voidsysadmin

KevinTheJedi Ok. But why do I get "Must be a valid endpoint" on the Redirect URI? For the bandaid solution.

Kevin, just an edit, I do appreciate you helping me with this headache of an issue. Its hard for me to figure out why the .htaccess isn't loading properly since I am at the mercy of the hosting provider. My team is going to setup a test environment on our on premise server, and if it works, we will build a local webserver to host so we have full control. My hope is that anyone using some of these providers such as Siteground, Dreamhost, etc. can get some resolution from these issues. IF I had full control, I would not have posted at all. Thanks for all you do here.

KevinTheJedi

voidsysadmin

I understand, we’ve seen countless issues of all varieties with shared hosts. They provide good services but their setups are more often than not god awful. And the fact that they don’t let you control hardly anything as it’s shared is even more frustrating.

That is most likely due to us expecting a url without http.php in it. You would need to customize the code to bypass that restriction.

Cheers.

KevinTheJedi

voidsysadmin

It’s in the plugin so you’ll need to un-phar the plugin and edit the files manually:

https://github.com/osTicket/osTicket-plugins/blob/1.17.x/auth-oauth2/config.php#L161

Cheers.

voidsysadmin

KevinTheJedi Thanks, I modified the code to reflect and its working. I'll still be bugging the hosting company about this Apache issue with another test instance.

KevinTheJedi

voidsysadmin

Me too. I am using the default api/.htaccess file and it's working with no mods to Apache:

<IfModule mod_rewrite.c>

RewriteEngine On

RewriteCond %{REQUEST_FILENAME} !-f 
RewriteCond %{REQUEST_FILENAME} !-d 
RewriteCond %{REQUEST_URI} (.*/api)

RewriteRule ^(.*)$ %1/http.php/$1 [L] 

</IfModule>

I did have to add the following to my main Apache config file but your host should've done this already:

Options Indexes FollowSymLinks
AllowOverride All
Require all granted

Cheers.

voidsysadmin

KevinTheJedi I just want to give an update on this for anyone using Siteground as their hosting provider with this version (1.17) and OAuth2. I tried several different install configurations, absolutely no support from the hosting company, and a few days of frustration. Do the following before installation:

-Set SSL to your domain (obviously)
-Force HTTPS in Siteground admin panel
-Turn Caching OFF in the Speed settings menu for your site (They call it NGINX DIRECT DELIVERY)
-ONLY use PHP 8.0.24 WITH UltrafastPHP - All other 8+ versions that they offer will fail and using Standard PHP causes the "No input file specified" error
-- Then do the installation per osTicket documentation.

After those settings are changed, the OAuth2 plugin will function as designed. Big thanks to Kevin on this, he is absolutely right regarding the hosting providers and their nonsense. No need to change the URI redirect if you can get them to do their jobs or find a workable solution without changing code or api/.htaccess settings.

KevinTheJedi

voidsysadmin

Absolutely wonderful and comprehensive guide. Well done my friend. It’s always a struggle with shared hosts. They always LOVE to throw the blame at the application instead of getting to the root of the issue. Kind of sad but I guess that’s how they operate these days. Always nice to hear when people work out the issue themselves and prove the hosting companies are just not helpful and downright wrong.

Cheers.

_SAmiC

old ticket, but very impressive discussion and instructions -kudo's to KevinTheJedi, voidsysadmin & ,ntozier
-- wish i could send a 'beer' as well!

i'm having a "no input file specified" issue but am not nearly as proficient as voidsysadmin.

I'm on SiteGround, fresh install of osTicket v1.18.1, with PHP 8.2.24, and Oauth2 .6 client plugin

My question is if voidsysadmin's recommendations still hold
Or were things fixed in v.1.18 PHP 8.2.24 and/or Oauth2 .6?

"Full disclosure" is that this is my 1st attempt at using Oauth2, so might be something completely different.

ADVthanksANCE,
michael grimes

KevinTheJedi

_SAmiC

There is nothing for us (osTicket) to fix; so if SiteGround has not done anything to fix this then @voidsysadmin's instructions still stands.

Cheers.