Auth0 Error Message with WordPress

  • Resolved nickmetaljacket

    (@nickmetaljacket)


    8 years, 3 months ago

    I keep getting this message when i try to login with Auth0.

    There was a problem with your log in. This account does not have an email associated, as required by your site administrator.

    Its a shame becuase auth0 is such a good app and I want to make use of it….

    Please Help!

    Thanks!

    Nick.

    The page I need help with: [log in to see the link]

Viewing 15 replies - 1 through 15 (of 19 total)
1 2
  • Josh C

    (@auth0josh)

    8 years, 3 months ago

    Hi there @nickmetaljacket, sorry for the trouble here.

    What Connection are you using to login? Login/password or a social connection?

    Are there any relevant error messages in the Auth0 Error Log in wp-admin?

    Thanks!

    Thread Starter nickmetaljacket

    (@nickmetaljacket)

    8 years, 3 months ago

    Hi Josh,

    Thanks for the quick reply!

    Yes, Here are the errors:

    03/09/2018 20:37:02	WP_Auth0_Api_Client::get_client_token	N/A	{"error":"unauthorized_client","error_description":"Grant type 'client_credentials' not allowed for the client.","error_uri":"https://auth0.com/docs/clients/client-grant-types"}
03/09/2018 20:34:54	WP_Auth0_Api_Client::get_client_token	N/A	{"error":"unauthorized_client","error_description":"Grant type 'client_credentials' not allowed for the client.","error_uri":"https://auth0.com/docs/clients/client-grant-types"}
03/09/2018 20:23:02	WP_Auth0_Api_Client::create_client_grant	N/A	A client grant for vB59I_1HBEvypLOPn2dxe4JCBo5yRbMC to https://fusedojoauth.auth0.com/api/v2/ already exists. Make sure this grant at least includes update:clients, update:connections, create:connections, read:connections, create:rules, delete:rules, read:users, update:users, update:guardian_factors.
03/09/2018 20:20:47	WP_Auth0_Api_Client::get_client_token	N/A	{"error":"unauthorized_client","error_description":"Grant type 'client_credentials' not allowed for the client.","error_uri":"https://auth0.com/docs/clients/client-grant-types"}
03/09/2018 20:20:15	WP_Auth0_Api_Client::get_client_token	N/A	{"error":"unauthorized_client","error_description":"Grant type 'client_credentials' not allowed for the client.","error_uri":"https://auth0.com/docs/clients/client-grant-types"}
03/09/2018 19:55:24	WP_Auth0_Api_Client::get_client_token	N/A	{"error":"unauthorized_client","error_description":"Grant type 'client_credentials' not allowed for the client.","error_uri":"https://auth0.com/docs/clients/client-grant-types"}
03/09/2018 19:48:22	WP_Auth0_Api_Client::get_client_token	N/A	{"error":"unauthorized_client","error_description":"Grant type 'client_credentials' not allowed for the client.","error_uri":"https://auth0.com/docs/clients/client-grant-types"}
03/09/2018 19:13:36	WP_Auth0_Api_Client::get_client_token	N/A	{"error":"unauthorized_client","error_description":"Grant type 'client_credentials' not allowed for the client.","error_uri":"https://auth0.com/docs/clients/client-grant-types"}
03/09/2018 19:11:36	WP_Auth0_Api_Client::get_client_token	N/A	{"error":"unauthorized_client","error_description":"Grant type 'client_credentials' not allowed for the client.","error_uri":"https://auth0.com/docs/clients/client-grant-types"}
03/09/2018 19:09:54	WP_Auth0_LoginManager::redirect_login => $this->login_user()	invalid_grant	Invalid authorization code
03/09/2018 19:09:52	WP_Auth0_LoginManager::redirect_login => $this->login_user()	invalid_grant	Invalid authorization code
03/09/2018 19:09:45	WP_Auth0_Api_Client::get_client_token	N/A	{"error":"unauthorized_client","error_description":"Grant type 'client_credentials' not allowed for the client.","error_uri":"https://auth0.com/docs/clients/client-grant-types"}
03/09/2018 19:09:13	WP_Auth0_Api_Client::get_client_token	N/A	{"error":"unauthorized_client","error_description":"Grant type 'client_credentials' not allowed for the client.","error_uri":"https://auth0.com/docs/clients/client-grant-types"}
03/09/2018 19:08:33	WP_Auth0_LoginManager::redirect_login => $this->login_user()	invalid_grant	Invalid authorization code
03/09/2018 19:08:22	WP_Auth0_Api_Client::get_client_token	N/A	{"error":"unauthorized_client","error_description":"Grant type 'client_credentials' not allowed for the client.","error_uri":"https://auth0.com/docs/clients/client-grant-types"}
03/09/2018 18:57:15	WP_Auth0_Api_Client::get_token	http_request_failed	cURL error 28: Operation timed out after 5000 milliseconds with 0 out of 0 bytes received
03/09/2018 18:52:45	WP_Auth0_Api_Client::get_client_token	N/A	{"error":"unauthorized_client","error_description":"Grant type 'client_credentials' not allowed for the client.","error_uri":"https://auth0.com/docs/clients/client-grant-types"}
03/09/2018 18:52:21	WP_Auth0_Api_Client::get_client_token	N/A	{"error":"unauthorized_client","error_description":"Grant type 'client_credentials' not allowed for the client.","error_uri":"https://auth0.com/docs/clients/client-grant-types"}
03/09/2018 18:21:32	WP_Auth0_Api_Client::get_client_token	N/A	{"error":"unauthorized_client","error_description":"Grant type 'client_credentials' not allowed for the client.","error_uri":"https://auth0.com/docs/clients/client-grant-types"}
03/09/2018 18:21:09	WP_Auth0_LoginManager::redirect_login => $this->login_user()	invalid_grant	Invalid authorization code

    I am using socila login and login/password connections.

    Thanks,

    Nick.

    tljwrdprss

    (@tljwrdprss)

    8 years, 2 months ago

    Hi, I am getting the same error after upgrading. Any resolution on this?

    Josh C

    (@auth0josh)

    8 years, 2 months ago

    Sorry for leaving this hanging, @nickmetaljacket, and thanks for the additional post @tljwrdprss!

    It sounds like the Client was not able to update after the upgrade. Look under the Client setup section here:

    https://auth0.com/docs/cms/wordpress/configuration#client-setup

    … around step 8, it’s possible that you don’t have Client Grant turned on. Once that’s in order, check to make sure the Client can access the management API:

    https://auth0.com/docs/cms/wordpress/configuration#authorize-the-client-for-the-management-api

    Let me know if you’re still having issues!

    tljwrdprss

    (@tljwrdprss)

    8 years, 2 months ago

    Hi Josh, I was playing around with the plugin after I posted and I changed the client signing algorithm to hs256 (which is what we were using before the upgrade). The instructions recommend rs256. I also turned to Auth0 Implicit Flow as this thread recommended and I was able to login to my app using the auth0 lock.

    Do those changes and outcome make sense to you?

    Josh C

    (@auth0josh)

    8 years, 2 months ago

    @tljwrdprss – Implicit flow should not be used except in the rare case where your server is blocked form calling out to Auth0. If these errors showed up after an upgrade and your server configuration has not changed then I would recommend turning that off (will be deprecated eventually). RS256 is recommended, yes, and needs to be set in the Client settings and in WordPress. Again, if that didn’t change on either end then that’s not the issue.

    Did you walk through the Configuration doc I posted? That’s probably going to be where you find the fix, those errors are very specific about the Grant Type.

    • This reply was modified 8 years, 2 months ago by Josh C. Reason: clarity
    tljwrdprss

    (@tljwrdprss)

    8 years, 2 months ago

    We’ve been through the config doc several times, includuding the grant types which are set to:

    Implicit
    Authorization Code
    Refresh Token
    Client Credentials

    As soon as we upgraded we starting getting the error message “There was a problem with your log in. This account does not have an email associated, as required by your site administrator.”

    A nothing has changed since.

    Is is possible I need to change or update the API token. That’s about the only config I haven’t changed.

    tljwrdprss

    (@tljwrdprss)

    8 years, 2 months ago

    “A nothing has changed since” means no matter what we’ve tried we keep getting the same error.

    Josh C

    (@auth0josh)

    8 years, 2 months ago

    Are you seeing any relevant entries in the Auth0 error log in wp-admin? The ones from the OP are definitely related to that missing grant so I assumed you were seeing the same.

    You can try saving a new API token but those expire so the plugin doesn’t rely on them for the login process.

    tljwrdprss

    (@tljwrdprss)

    8 years, 2 months ago

    Hi, sorry, didn’t realize that would come out like that. The error message I see include. I reduced them to unique errors below.

    
Date	Section	Error code	Message
03/16/2018 18:22:18	WP_Auth0_UsersRepo::find_auth0_user	N/A	Empty user id

03/16/2018 17:55:06	WP_Auth0_Api_Client::get_client_token	N/A	{"error":"access_denied","error_description":"Client is not authorized to access \"http://geekout-api.geopath.org/library/\". You might probably want to create a \"client-grant\" associated to this API. See: https://auth0.com/docs/api/v2#!/Client_Grants/post_client_grants"}

03/16/2018 17:54:25	WP_Auth0_LoginManager::redirect_login => $this->login_user()	invalid_grant	Invalid authorization code

03/16/2018 17:51:32	WP_Auth0_Api_Client::get_client_token	N/A	{"error":"access_denied","error_description":"Client is not authorized to access \"http://geekout-api.geopath.org/library/\". You might probably want to create a \"client-grant\" associated to this API. See: https://auth0.com/docs/api/v2#!/Client_Grants/post_client_grants"}

03/16/2018 14:43:03	WP_Auth0_LoginManager::redirect_login => $this->login_user()	invalid_request	Missing required parameter: code

03/16/2018 13:17:56	WP_Auth0_DBManager::install_db	N/A	Expired token

03/16/2018 12:51:44	WP_Auth0_Api_Client::search_connection	N/A	{"statusCode":401,"error":"Unauthorized","message":"Expired token received for JSON Web Token validation","attributes":{"error":"Expired token received for JSON Web Token validation"}}
    Thread Starter nickmetaljacket

    (@nickmetaljacket)

    8 years, 2 months ago

    So essentially the client grant should be on….

    tljwrdprss

    (@tljwrdprss)

    8 years, 2 months ago

    I think I found the issue. The dev had set the API Identifier (audience) in the plugin incorrectly. Thanks for your help.

    Josh C

    (@auth0josh)

    8 years, 2 months ago

    @nickmetaljacket – Client Credentials grant turned on for the client and the Client authorized for the Management API. Older Clients did not have the Client Credentials grant turned on by default, though there is code in there to update Clients (3.5.1 patch) to rectify that.

    @tljwrdprss – Happy to help! That was set to a default value when the plugin updated so it might not have been the right value. I am curious, though, why that would be different. It’s expecting to access the management API and the audience there doesn’t change.

    tljwrdprss

    (@tljwrdprss)

    8 years, 2 months ago

    @auth0josh – I wish I could give you more info. I noticed the audience url was set to something that couldn’t be right. So I updated that and then it worked.

    It could have been in combo with other changes I made based on your suggestions.

    I’m not a developer, so my understanding of how all this works is very limited!

    If I find out anything else that explains the problems I was having, I’ll let you know.

    Josh C

    (@auth0josh)

    8 years, 2 months ago

    @tljwrdprss – Last question … without giving away any sensitive information, did the audience value that works look like the below?

    https://<your client domain>/api/v2/

Viewing 15 replies - 1 through 15 (of 19 total)
1 2

The topic ‘Auth0 Error Message with WordPress’ is closed to new replies.