Has anyone had this error after login using the Microsoft OAuth2 login connector? attached service center error log
Are the users getting a 404 screen? If so following these steps as described in the documentation;
Solution: 404, page not found with the CallbackPage
Should you get (in)frequent 404 page not found errors for the CallbackPage after logging in you need to do the following steps;
1. Install the Factory Configuration application and open this application on your environment(s)
2. In the tab "Shared Configuration" create a new Shared Configuration of kind "web.config_XSL"
3. Fill in a name and optionally a description
4. Add the following Value and Save the configuration
5. In the tab "eSpaces" search for microsoftloginconnector
6. Select "MicrosoftLoginConnector" and/or "MicrosoftLoginConnectorReactive"
7. Select the newly created Shared Configuration in the dropdown and click on "Associate Shared Configuration"
8. Republish the Microsoft Login Connector components via Service Center
they only get this
I still guess it is related to my solution. My guess is that AAD is returning a payload that is to large for the default configuration of OutSystems. You need to use Factory Configuration to change this.
It would help though to see the response url AAD accessed. Including the parameters. If you think this could lead to a security vault then wait one hour after receiving the url before you post it. It will then no longer be valid.
Could it be that the returned token is so big that it does not fit in the AccessToken field of the TokenRequest entity. It is set to 6000 which should be more than enough.... but.
@Paulo Ribeiro Could you request a token with Postman and check the size?
whats the value referred to in Step 4?
Have you read the documentation? It's in there. https://www.outsystems.com/forge/component-documentation/6933/microsoft-login-connector-reactive/0
This issue is absolutely caused by the redirect URL from Microsoft being too long for the default OutSystems factory to handle, especially in personal environments. Basically the authentication code is so long that the URL overruns the limit imposed by the platform and you get a 404. This can be fixed in Factory Configuration like Vincent says on enterprise installations. However, on personal environments you cannot run Factory Configuration and therefore cannot proceed.
Here is a snippet from the documentation I put together for a similar component, credit to the authors of the Microsoft Login Connector:
This error occurs when the URL length is limited on your platform or in IIS. For this reason, this component will not work in personal environments. However, in enterprise environments you can use the following steps to increase this maximum length:
<?xml version="1.0" encoding="UTF-8"?><xsl:stylesheet version="1.0"xmlns:xsl="http://www.w3.org/1999/XSL/Transform"><xsl:output method="xml" indent="yes" encoding="UTF-8"/><xsl:template match="@*|node()"><xsl:copy><xsl:apply-templates select="@*|node()"/></xsl:copy></xsl:template><xsl:template match="/configuration/system.webServer/security/requestFiltering"><xsl:copy><xsl:apply-templates select="@*|node()"/><requestLimits maxUrl="4096" maxQueryString="2048"/></xsl:copy></xsl:template></xsl:stylesheet>
Apply the configuration to all espaces that contain your callback screens or just to all espaces in your environment. You will need to do this in all your environments.