Articles of oauth

oAuth2 Authentication in WordPress using WP OAuth Server and WP API plugins

I am sturggling with how authentication works in my scenario. I have WordPress site which provides set of custom APIs secured behind oAuth2 Authentication using Wp OAuth Server plugin. I started with building simple custom endpoint by extending WP REST API (WP API) plugin. I setup up my endpoint as POST /api/v1/projects, where my callback […]

OAuth Plugin Produces Error With Yahoo

I’ve recently installed the OAuth plugin in my WordPress site. For the most part, it seems to work as expected. Except when trying to login with Yahoo when it produces this error: Warning: strpos() [function.strpos]: Offset not contained in string in /home/content/36/9835836/html/wp-content/plugins/wordpress-social-login/hybridauth/Hybrid/thirdparty/OpenID/LightOpenID.php on line 87 Line 87 begins this if statement: if(($host_end = strpos($this->trustRoot, ‘/’, […]

WP OAuth Server “The grant type was not specified in the request”

I’ve installed WP OAuth Server to make an SSO thing with my WordPress, but I can’t get it to work proper. I followed this example on how to set up Single Sign On. I’m stuck at Step 3. I get this error: object(stdClass)#1 (2) { [“error”]=> string(15) “invalid_request” [“error_description”]=> string(47) “The grant type was not […]

OAuth 2 and saving the authenticated user

I have quite a peculiar scenario. I have one WordPress site (Site A) where I have a large amount of users that have registered and I use the s2member plugin to subscribe these members to allow access to parts of the website. I want to release another product that users need to subscribe separately for […]

WP – API – OAuth 1.0a Server, How to implement with AngularJS?

I making an Angular WordPress theme and I want to add authentication to it using the WP REST API – OAuth 1.0a Server plugin, which isn’t documented not very well. I get oauth_token and oauth_token_secret using Postman, But I haven’t got an idea on how to implement OAuth 1.0a in my AngularJS theme. I’ve googled […]

How do I authenticate WP users from a chrome extension?

I’m new to WordPress, and I need help. I am writing a chrome extension and intend to use wordpress as the user database. I intend that because I’m using a subscription management WP plugin that keeps our subscription information there on the WP site. I am wanting to use WP authentication to check for subscription […]

OAuth1 empty “authentication” in /wp-json

I’m trying to get a Meteor based app to login to WordPress using WP API OAuth1 plugin on the WordPress side. I’ve actually gotten pretty far with the standard /oath1 end points, which are all working. But the last step is giving me trouble. As far as I can tell I’ve installed and set everything […]

Use WordPress with a custom OAuth2 provider

I have a fresh WordPress installation and a working OAuth2 server in Node.js (made using oauth2orize). The only plugins I’ve been able to find let me use only the well-known OAuth2 endpoints such as Google, Facebook, Twitter and so forth. Is there a way for me to use this custom OAuth2 server for authentication on […]

Authenticated request to WP REST API V2 returning 403 error on /users/me

I am using WP REST API Version 2.0-beta7 together with WP OAuth Server version 3.1.91 After authenticating with the User Credentials grant type, a request to /wp-json/wp/v2/users?access_token=[ACCESS_TOKEN] returns data about all users, including their capabilities. This is private data so the access_token obtained during the authenciation flow is valid. However, using the same access_token and […]

WP-API: how do I allow authenticated clients only?

I set up an OAuth client for WP-API following the instructions for WP-API/OAuth1 on github. I was disappointed to realise afterwards that all of the site’s content remains available over the API, including all sorts of not-really-public metadata like user registration dates. I don’t want this. How do I restrict the JSON API to allow […]