Forums  ›  Cheetah  ›  Bug Reports
 

Cheetah Connect Issues - v 1.2.0 B1

 

I may just drop Cheetah connect. As you pointed out, i also don't see a lot of people needing it.

I second just removing it; at least for now anyway.  We could return to it at a later date if it is needed.  There are more important things to worry about fixing and improving.

I may just drop Cheetah connect. As you pointed out, i also don't see a lot of people needing it.

And further research shows oauth does not need the sessions table, so that other option will not matter for that. Only cheetah connect needed it.

I will still be making some adjustments to the sessions table handling to try and prevent dolphins past problems with that table.

 

 

Yes, dolphcon is correct. Module classes were not renamed in that module yet due to problems i was running into when converting it to cheetah.

OK, understand.  Could we change the language keys?

 

In dolphin the Enable CSRF token in forms is on by default. I shut it off by default in cheetah due to common problems with the sessions table in dolphin when it got really large. I was unaware that the connect and oauth modules required that option to be on.

If that is the case, then it will still be a problem.  The question here is how many people will need to connect from one Cheetah based site to another Cheetah based site?  It could be that we just do away with Cheetah connect.  I think Dolphin Connect was created because a few people wanted the feature.  I was testing it but not sure I will be using it in any future project.

However, if it is an issue with the oauth module as well, then the issue with the sessions table needs to be addressed because oauth is how we connect with other platforms such as Rocket.Chat.

Ok turns out the advanced option Enable CSRF token in forms needs to be on for both sites. In Cheetah that option is off by default.

There is still a different problem, but at least with that option on, it generates the csrf tokens so the state param gets generated. But there is still another issue when it redirects back to create the account. I will tackle that one next.

In dolphin the Enable CSRF token in forms is on by default. I shut it off by default in cheetah due to common problems with the sessions table in dolphin when it got really large. I was unaware that the connect and oauth modules required that option to be on.


Yes, dolphcon is correct. Module classes were not renamed in that module yet due to problems i was running into when converting it to cheetah.

Tests so far indicate the module is not generating a csrf token. I will continue work on it.

State enforcement can be shut off in the oauth module which allows the connect module to get a bit further, but still fails. So i am guessing the converting of that module to cheetah broke more than i had anticipated.

However, there were problems with that module awhile back in dolphin as well, so i may install a couple of dolphin test sites just to make sure the module was working in dolphin 7.4.2 in the first place.

I was looking at the language keys for the Cheetah Connect module and found:

_sys_module_dolphcon (Cheetah Connect) Edit
_ch_dolphcon (Cheetah Connect) Edit
_ch_dolphcon_settings (Cheetah Connect) Edit
_ch_dolphcon_information (Cheetah Connect) Edit
_ch_dolphcon_auth_title (Cheetah Connect) Edit

I am trying the cheetah connect module.  I get an error reported.  I also noted in the url reference to Dolphin which I will post with site information redacted using the word "REDACTED"

The error message returned was: 

The state parameter is required

Looking at the url I have:

https://REDACTED.com/m/oauth2/auth?response_type=code&client_id=ripnggpbes&redirect_uri=https://REDACTED.com/m/dolphcon/handle&scope=basic&state=

If you notice, it is going to a dolphcon module on the beta site we have set up for testing the new Cheetah.

 

 

Forums  ›  Cheetah  ›  Bug Reports