Error in setting up M365 OAuth login

BURUGUDUYSTUNSTUGUDUNSTUY

Good day everyone,

Hitting a wall in making MSFT OAuth to work (account login). Followed the guide from https://docs.osticket.com/en/latest/OAuth2/Microsoft%20Authentication%20(SSO)%20Guide.html

I was able to get into MSFT login page and input my account credentials and agree to a prompt to access my account data then 404 error.

Below is my configuration file:
#==comment osTicket configuration using Let's Encrypt SSL ==
<VirtualHost :80>
ServerName ticket.myemail.com
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.) https://%{SERVER_NAME}/$1 [R=301,L]
</virtualhost>
<VirtualHost *:443>
ServerAdmin buruguduystunstugudunstuy@myemail.com
DocumentRoot /var/www/html/osticket/upload
ServerName ticket.mydomain.com
<Directory /var/www/html/osTicket/upload>
#==comment Options Indexes FollowSymLinks MultiViews - apache not starting when enabled ==
Options FollowSymLinks
AllowOverride All
Order allow,deny
allow from all
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/osticket_error.log
CustomLog ${APACHE_LOG_DIR}/osticket.access.log combined
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/ticket.myemail.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/ticket.myemail.com/privkey.pem
</VirtualHost>

azureuser@TICKETSVR01:~$ a2enmod rewrite
Module rewrite already enabled

Local admin user is working without issues. I think the same might be true with normal user login.

Below is a snippet of error in osticket.access.log inside /var/log/apache2:

Installation details:

Have not tried configuring emails yet.

Thanks in advance everyone!

KevinTheJedi

BURUGUDUYSTUNSTUGUDUNSTUY

Always read requirements before installing. 8.3 is not supported yet; downgrade to 8.2.
The documentation states the web server must have the URL Rewrite module installed and enabled for the site.

Cheers.

BURUGUDUYSTUNSTUGUDUNSTUY

Thanks @KevinTheJedi.

Didn't occurred to me the that 8.3 was not supported yet, just read it now...PHP 8.1 - 8.2 (8.2 recommended) . Just checked OS.

Not sure about the re-write but

azureuser@TICKETSVR01:~$ a2enmod rewrite
Module rewrite already enabled

KevinTheJedi

BURUGUDUYSTUNSTUGUDUNSTUY

Then it’s not enabled for the site. Update your Apache site config and make sure AllowOverride All is added.

Cheers.

BURUGUDUYSTUNSTUGUDUNSTUY

KevinTheJedi

Hi @KevinTheJedi, thank you again for your attention and inputs. The AllowOverride All has been entered into virtualhost:
`# osTicket configuration using Let's Encrypt SSL
<VirtualHost :80>
ServerName ticket.myemail.com
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.) https://%{SERVER_NAME}/$1 [R=301,L]
</virtualhost>

<VirtualHost *:443>
ServerAdmin buruguduystunstugudunstuy@myemail.com
DocumentRoot /var/www/html/osticket/upload
ServerName ticket.myemail.combdo-cmc.ph
<Directory /var/www/html/osTicket/upload>
Options Indexes FollowSymLinks MultiViews
AllowOverride All
Order allow,deny
allow from all
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/osticket_error.log
CustomLog ${APACHE_LOG_DIR}/osticket.access.log combined
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/ticket.myemail.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/ticket.myemail.com/privkey.pem
</VirtualHost>`

a2enmod rewrite:
azureuser@TICKETSVR01:~$ sudo a2enmod rewrite Module rewrite already enabled

Just a couple of minutes ago, I've likewise included in /etc/apache2/apache2.conf with no success:
<Directory /var/www/html/osticket/upload> Options Indexes FollowSymLinks AllowOverride None Require all granted </Directory>

BTW, local login (without OAuth2) is working perfectly fine. Error is showing after entering credentials and accepting a prompt.

Thanks!

KevinTheJedi

BURUGUDUYSTUNSTUGUDUNSTUY

Hmm, maybe try editing the api/.htaccess file and changing the last RewriteRule line to the following:

RewriteRule ^(.*)$ %1/http.php/$1 [R,L]

Make sure you reload Apache to deploy the changes.

Cheers.

BURUGUDUYSTUNSTUGUDUNSTUY

KevinTheJedi

Hi @KevinTheJedi, its now working...thanks. It was an error on my part that I have entered "AllowOverride None" instead of "AllowOverride All" in /etc/apache2/apache.conf. Needless to say, I have not modified furthere the api/.htaccess.

Appreciate all the assistance @KevinTheJedi.

Now, on to the email settings.

BURUGUDUYSTUNSTUGUDUNSTUY

Now the IMAP mail error (shared mailbox):

array ( 'code' => 'Gone', 'message' => 'The API version \'V2\' has been deprecated.', )

Will check other solutions and if ever, a new ticket since new issue (different from subject).

Thanks again @KevinTheJedi

KevinTheJedi

BURUGUDUYSTUNSTUGUDUNSTUY

This is what you need:

https://forum.osticket.com/d/105728-ms-oauth2-error-the-api-version-v2-has-been-depreciated/41

Cheers.