oauth-2.0office365otrs

Where do i set up the OTRS redirect URI for oAuth?


i'm trying to set up oAUT for incomingen mails in OTRS CE 6. I completed the setup steps discribed in the manual https://otrscommunityedition.com/news/2022-10-28/o-auth2-authentication-for-email-accounts-in-otrs-ce/

But when authenticating I get the following:

Request Id: 2612ca88-32c6-40b2-b20e-..........
Correlation Id: 42440fe1-a06e-47a6-.........
Timestamp: 2022-11-04T15:53:04Z
Message: AADSTS50011: The redirect URI 'http://_______.________.be/otrs/get-oauth2-token-by-authorization-code.pl' specified in the request does not match the redirect URIs configured for the application '99fe24c1-036a-4e31-b80a-5dce3220fef3'. Make sure the redirect URI sent in the request matches one added to your application in the Azure portal. Navigate to https://aka.ms/redirectUriMismatchError to learn more about how to fix this.

It seems to redirect to http instead of https. But when i change the url to https it still does not work.

    Backend ERROR: OTRS-CGI-20 Perl: 5.26.1 OS: linux Time: Mon Nov 7 10:10:28 2022

 Message: Failed to get response for token request by authorization code for OAuth2 token configuration with ID 1.

 RemoteAddress: 109.135.15.48
 RequestURI: /otrs/get-oauth2-token-by-authorization-code.pl?code=0.ATsAKmbiQA8SC0-TSPotY_1GiMEk_plqAzFOuApdzjIg_vM7AI4.AgABAAIAAAD--DLA3VO7QrddgJg7WevrAgDs_wQA9P-lFxUR0K8wRyUgurdKYmyVfbMWKTtnfp5Vja-sFQUlkJvPTpV6JQPBpqOQGFp8vjKJ9fwnnqTbppSVODOTUzBuIsO3UbeeqRysUEIILvS6hfSdkxES8rG_BxS7eUZOgyRd_ZP8efnhejl51L_4DABMkLJ83Z4QG_p0xQBTcmoMRBwpNMHG5cuNRctvHnaC87SLx2snqTJ8olb8D5oWid1xcFpx68urHjH68-ALJ5BVW9dKtmqjgkWJSG4yoK9NQvxJk-wD_uzihUdTTPhsibv8G0Q-tlToaOgdnoOApFBRPb9YpG1oukfo5wfHVBuObcppyQqPO12iSPTwiiDR4xOTtbcydmS3cn8xqs0N2_ivCha1cUIUMb4_1XzzcWEWBZGejsQs5nYEKAurVeLhv8quZ5wLIn1H9bVYSmmQKe61H4XwFBAuLinv2BttuqSmA29wfSl6TG_HAuWBHCZ5FfFswrsg-0j889LHMi-cWwe16nWcLg2er6sDsugYDGL4d_8C2MQ9lZB7SqDcCG5UYP7vmxN6HEQzlTjsOSZuonjt6vP1SJb4PpjYQ-EKb9Dn0Zppi46G5hValc_CGfMGZNkT3lHaZVhek5nh5VOtjUKaJVP08n3rHcplpWPMNwRWgBcME0UshUhimePLwolXUmY1rVreIl8_i2V3q0JcfWBv-xYipirn80yt3VplfdEchcJPS_fglC2nSBTf7J0y_M5n-YqvJIctkHX8ZuSTvpcL8CwOSIRe9MbNbwc9xjmP9buOMMCEloZZjCwAslXbnetaefarfExS0evW8ME&state=ConfigID1&session_state=c69356ad-cdd3-4fc7-a7d4-b756f5134ac7

 Traceback (14240): 
   Module: Kernel::System::OAuth2Token::RequestTokenByAuthorizationCode Line: 776
   Module: Kernel::Modules::AdminOAuth2TokenConfig::_RequestTokenByAuthorizationCode Line: 410
   Module: Kernel::Modules::AdminOAuth2TokenConfig::Run Line: 52
   Module: Kernel::System::Web::InterfaceAgent::Run Line: 1172
   Module: ModPerl::ROOT::ModPerl::Registry::opt_otrs_bin_cgi_2dbin_get_2doauth2_2dtoken_2dby_2dauthorization_2dcode_2epl::handler Line: 50
   Module: (eval) (v1.99) Line: 207
   Module: ModPerl::RegistryCooker::run (v1.99) Line: 207
   Module: ModPerl::RegistryCooker::default_handler (v1.99) Line: 173
   Module: ModPerl::Registry::handler (v1.99) Line: 32

How can i fix this?

Best regards,

Tim


Solution

  • I have the same error from hour production OTRS.

    After configuring OTRS for HTTPS (OTRS force HTTPS + Apache), I had to modify the file /opt/otrs/Kernel/Config.pm and add the line :

    $Self->{HttpType} = 'https';

    (within the my "sub Load {...}" part). Then I requested a new token, this in the URL, I had the corrected "https://" and the token request finally successed !

    Hope it will help you.