Thanks for the report, are you able to get the specific error message from the server logs? And any details on what specific OAuth2 service you are using (github, azure, generic)? We tested on Keycloak without problems so need to narrow this down a bit
Thread Starter
jergau
(@jergau)
Thank you for the quick reply. We use Azure. The error message from the php logs is (I truncated server information):
[27-Sep-2024 22:17:43 UTC] PHP Fatal error: Uncaught Error: Call to a member function getAccessToken() on null in /data/myserver/wp-content/plugins/check-email/include/Core/Auth.php:140Stack trace:
#0 /data/myserver/wp-content/plugins/check-email/include/Core/Auth.php(344): CheckEmail\Core\Auth->obtain_access_token()
#1 /data/myserver/wp-content/plugins/check-email/include/Core/Check_Email_Multisite.php(29): CheckEmail\Core\Auth->update_auth_code('0.AUUA44HzaNpGu...')
#2 /data/myserver/wp-includes/class-wp-hook.php(324): CheckEmail\Core\Check_Email_Multisite->check_mail_handle_outlook_callback('')
#3 /data/myserver/wp-includes/class-wp-hook.php(348): WP_Hook->apply_filters(NULL, Array)
#4 /data/myserver/wp-includes/plugin.php(517): WP_Hook->do_action(Array)
#5 /data/myserver/wp-settings.php(700): do_action('init')
#6 /var/lib/wp-conf/wp-config.php(105): require_once('/data/...')
#7 /data/myserver/wp-config.php(2): include('/var/lib/wp-con...')
#8 /data/myserver/wp-load.php(50): require_once('/data...')
#9 /data/myserver/wp-blog-header.php(13): require_once('/data/...')
#10 /data/myserver/index.php(17): require('/data/...')
#11 {main}
thrown in /data/myserver/wp-content/plugins/check-email/include/Core/Auth.php on line 140
Hm, those errors seem to be coming from a separate plugin called Check Email: https://projectdmc.org/plugins/check-email/
I see another thread in their support forum mentioning a different OAuth plugin that was broken by the latest update: https://projectdmc.org/support/topic/2-0-2-exception-breaks-wild-apricot-login/
Try reaching out there, and we’ll continue to investigate to see if we can find what the specific problem is
So it looks like the latest update to the check-email plugin (v2.0.2) introduces a hook that runs in init
and if the querystring params code
and state
exist, it intercepts the request thinking it is that plugin’s own OAuth request: https://plugins.trac.projectdmc.org/browser/check-email/trunk/include/Core/Check_Email_Multisite.php?rev=3158760#L29
So when Authorizer is processing an azure OAuth2 login, that plugin intervenes and causes the crash (because it’s not in the state they expect).
Short term workaround will be to downgrade check-email to version 2.0.1, and then hopefully they can get the bug fixed and make that function more targeted!