thaihoangcfc

I've recently got this working with the tips from @Diego_Morientez re the plugin not matching a subdirectory.
centos/apache

Was only concerned with staff login so:

Here's how you extract/pack files from phar:
1st have to set the ability to write phars changing readonly to oFF in /etc/php.ini
;phar.readonly = On
phar.readonly = Off
then go to where u keep the phar file. Create a tmp dir
mkdir t
cd t
phar extract ../auth-openid-MS.phar
you get:
authentication.php
config.php
openid-MS.phar
openid_ms.php

edit openid_ms.php
for me was ( swap SUB_NAME for your subdir)
39c39

< if ($_COOKIE['LOGIN_TYPE'] === 'STAFF') header('Location: /SUB_NAME/scp/login.php');

if ($COOKIE['LOGIN_TYPE'] === 'STAFF') header('Location: /scp/login.php');
53c53

< if ($_SERVER['SCRIPT_NAME'] === '/SUB_NAME/scp/login.php' || $_SERVER['SCRIPT_NAME'] === '/open.php') {


if ($SERVER['SCRIPT_NAME'] === '/login.php' || $SERVER['SCRIPT_NAME'] === '/open.php') {
137c137

< if ($_SERVER['SCRIPT_NAME'] === '/SUB_NAME/scp/login.php') {


if ($_SERVER['SCRIPT_NAME'] === '/scp/login.php') {



Now. re-pack -
phar pack -f new_phar.phar *.php
now make a copy of original
cd ../
cp auth-openid-MS.phar auth-openid-MS-original.phar
cp t/new_phar.phar auth-openid-MS.phar

The next part is you need to make sure the agent has auth "any_available_" if not already set.




    8 days later

    in my config, after clic on LOGIN show a BLANK screen

    A blank screen usually indicates a PHP error. Please consult your PHP error logs and post the resulting error here.

    3 months later

    Hi Diego_Morientez,
    I have done all the config as said here and still I am getting blank page at url https://mydomain.com/osTicket/api/auth/ext
    I am using apache server and i have done changes in openid_ms.php as said over here.
    Still I am getting blank page after login successfuly via office365.
    I need to configure this for staff as well as clients.

    Do I need to create agents/clients before they login or it will create user based on openid login?

    Please help me as soos as possible.

    Thanks,
    Yagnesh

      M-elnady
      Hi,
      I am also facing same issue. Please help me if you got any solution for this.

      Thanks

        Hey guys,
        I have this blank screen issue sometimes too!

        3 months later

        Hey there,

        Has anyone managed to solve this blank page issue at https://mydomain.com/api/auth/ext ?

        We're still experiencing it quite often. We've looked at error logs and here what we have:

        Logs when no issue:

        2021-09-02T12:30:46.533434000Z 172.28.69.5 - - [02/Sep/2021:12:30:46 +0000] "GET /scp/login.php?do=ext&bk=openid_ms.staff HTTP/1.1" 302 732 "https://mydomain.com/scp/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36"

2021-09-02T12:30:47.118811000Z 172.28.69.5 - - [02/Sep/2021:12:30:47 +0000] "POST /api/auth/ext HTTP/1.1" 302 312 "https://login.microsoftonline.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36"

2021-09-02T12:30:47.178871000Z 172.28.69.5 - - [02/Sep/2021:12:30:47 +0000] "GET /scp/login.php HTTP/1.1" 302 600 "https://login.microsoftonline.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36"

2021-09-02T12:30:47.351747000Z 172.28.69.5 - - [02/Sep/2021:12:30:47 +0000] "GET /scp/ HTTP/1.1" 200 19378 "https://login.microsoftonline.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36"

2021-09-02T12:30:47.677194000Z 172.28.69.5 - - [02/Sep/2021:12:30:47 +0000] "GET /osta/uploads/MSF190231.jpg HTTP/1.1" 404 459 "https://mydomain.com/scp/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36"

2021-09-02T12:30:47.771250000Z 172.28.69.5 - - [02/Sep/2021:12:30:47 +0000] "GET /scp/autocron.php HTTP/1.1" 201 361 "https://mydomain.com/scp/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36"

        Logs when the blank page shows up (doesn't go further than 2nd line - see HTTP status code 200 instead of 302):

        2021-09-02T12:38:20.109544000Z 172.28.69.5 - - [02/Sep/2021:12:38:20 +0000] "GET /scp/login.php?do=ext&bk=openid_ms.staff HTTP/1.1" 302 732 "https://mydomain.com/scp/login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36"

2021-09-02T12:38:20.467889000Z 172.28.69.5 - - [02/Sep/2021:12:38:20 +0000] "POST /api/auth/ext HTTP/1.1" **200** 283 "https://login.microsoftonline.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36"

        Any idea?

        14 days later

        Referring to https://forum.osticket.com/d/99564-osticket-login-not-working-with-microsoft-edge-or-google-chrome/10
        [speaking of current version (Release - 2018-06-23) of authorisation plugin "OpenID Authentication for Microsoft in osTicket" at https://github.com/cbasolutions/osTicket-Plugins/tree/master/auth-openid-MS ]

        KevinTheJedi

        2021-09-15T00:05:02+02:00

        @XKa-MSF-OCB

        Ah, okay. So since you are using a 3rd Party Plugin you'll need to contact the developer of the plugin for further assistance.

        I was thinking this was an issue with the osTicket codebase but appears to be more of an issue with a custom, non-supported plugin.

        I will now eject myself from this convo and leave you to contact the dev of the plugin.

        Cheers.

        Would you recommend any other (standard/supported) solution for authentication in osTicket via Microsoft by any chance?
        I guess quite a lot of people/organisations would have such needs, right?

        a month later

        https://github.com/cbasolutions/osTicket-Plugins/pull/10

        osTicket plugin "OpenID Authentication for Microsoft" (plugin ID: "auth:openid-MS") v0.2_XKa-MSF-OCB_2021.09.22.0, patched from original v0.2

        Proposed fix for reoccurring problem with users being sidelined to a dead-end blank page "/api/auth/ext" on the osTicket server during authentication (osTicket PHP code being installed in the root of the web server or in a sub-directory), especially affecting Google Chrome (Mozilla Firefox seems more resilient to this problem)

        See related osTicket forum posts, such as:

        NOTE:
        This fix has already been tested and validated in our production environment for more than a month now, our users have not reported this problem anymore since - so we wanted to give our little contribution to the osTicket open-source community with this amended plugin (both PHP source and packaged PHAR file)...
        Hope this may help other people encountering similar problems.
        Should you have any problem, question, objection, remark, suggestion, etc. , any (constructive) feedback is welcome... 🙂

        23 days later

        Hello, I am able to configure the plugin, and go through the windows login. However after login, microsoft said I couldn't sign in

        I don't know what's the reason, when I checked OSticket with local login, I found when I enabled this plugin, this authentication method is not listed in Authentication Backend list, maybe that prevent MS authentication.

        Can anybody give me some helps?
        Thanks

        10 days later

        The issue is fixed, the plugins works great with osTicket V1.15.4. The issue I had before was caused be misconfiguration in Azure. When I set Enterprise Application properties "Assignment required" to "No". I can sign with my office365 account properly.

        Thanks for the great Plugin.

        Write a Reply...