Let me confirm one thing… our instance happens to have a DNS entry of community.zatar.com. Would that make my DISCOURSE_HOST be community.zatar.com too?
Thanks for the suggestion. I’ve added this HTTP header to the JSON request. I tested it with Dropbox as an OAuth2 provider and it worked great. Just get the latest version and you should be good to go!
If you are hosted by us, the oAuth2 plugin should be available on all Business class hosting plans, I believe @eviltrout already enabled that for the Business container.
Oops sorry I should have been more clear – the only mandatory field is the json_user_id_path. The others are optional but you need at least one from the JSON endpoint.
I found that there is a piece of code that builds correct basic authorization header for token request:
def basic_auth_header
"Basic " + Base64.strict_encode64("#{SiteSetting.oauth2_client_id}:#{SiteSetting.oauth2_client_secret}")
end
But it looks like this code isn’t called. At least we see that our OAuth 2.0 server doesn’t receive any authorization header with the /token request. Could you please check that authorization header is actually passed to OAuth 2.0 server?
Yes, that’s correct. The problem is that the method build_access_token ain’t called. And as a result the method basic_auth_header is never called either