-
Notifications
You must be signed in to change notification settings - Fork 96
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
All Login Attempts Suddenly Fail With Error: Signature verification failed #321
Comments
Thx |
Thanks! |
@lots0logs can you try adding |
@cocojoe Nah that doesnt help because like I said, I have my site configured to redirect the default login page to a custom one where I am using the Auth0 Lock. I see the most recent release of the plugin included changes that appear to be related to the error I'm getting now when trying to log into my site. Do you know what the problem is? |
There was an issue that in the Auth0 dashboard, new clients do not have a base64 encoded secret, so the default options was changed to set this flag to The only real change is: |
My site has been using the plugin almost since its 1.0 version. Does that mean my secret is base64 encoded? That could explain the problem I'm having, right? |
Well this setting should be stored in the database, so the change in defaults shouldn't matter for existing clients. Can you check the wp-auth0 client settings in the Auth0 Dashboard, in particular under |
I know you have the redirect but also try |
I had actually tried that before opening this issue. I'm going to try downgrading the plugin and see if the issue remains afterwards. |
@cocojoe I downgraded the plugin manually to the previous version and I can log in again. Is there thing I can provide that would help to identify and fix the bug? |
That would be great thanks, first step, what is the version of the plugin you are using now? |
@lots0logs it would be helpful if you could tell me the version of the plugin you are currently on that works fine. Thx |
Let me know if that helps track down the issue. Cheers! |
@lots0logs I believe I've got to the bottom of this and patched this for next release #324 It would be great if you could have a look at the settings info stored in the database, in Thanks for your help. |
@cocojoe I think I may have found the problem while digging in the database. I have a multisite with two sites. That means I actually have three wp-auth0 configs total (though I dont think the network-level one ever gets used..its leftover from when I first installed the plugin a couple years ago). Anyway, the serialized data of my main site's wp-auth0 config was somehow corrupt. Not sure how it happened but I use the exact same config for both sites so I just copied the other site's config over to the site where the data was corrupt (I saved the corrupted data) Do you have an email I can send the data to privately? I am about to perform a back up and try updating the plugin again unless you think I should hold off on that? |
@lots0logs sure |
Done 😃 |
Thanks I had a look at your configs, so I think you will be fine to upgrade to the upcoming release of 3.2.22 which we'll be releasing today. |
@lots0logs Did you have a chance to update? |
No, not yet. TBH, I didn't realize the update was released already 😅 I will try and get to it today and let you know how it goes! Edit: haha I see your comment said it was being released..I totally missed that the first time I read it 🤦♂️ |
No rush, never update on a Friday 😄 |
I can confirm the update went smoothly and the issue no longer occurs 🎊 Thanks!! |
This just started happening out of nowhere really. It was working fine until today. I haven't made any changes or installed any updates since last week. All login attempts redirect to a page with this error:
The logs in my Auth0 Dashboard show that the login was successful. There are no log messages from Auth0 plugin in my PHP logs or WP debug log. Please let me know what information you need that would help identify the problem. Thanks!
Edit:
Got this out of my wp database:
cc: @glena @cocojoe
The text was updated successfully, but these errors were encountered: