Add a config setting to opt-out of endpoint verification

Use test.salesforce.com or www.salesforce.com for your endpoints, instead of the CS-, NA-, or vanity subdomains.

This has generated enough error reports that I think it's probably worth providing an opt-out for this feature

Patch will contain:
* Add a new config bool like endpoint_url_validation default to TRUE
* Wrap the url check in ::getIdentity() with a conditional
* Expose the setting on the settings form
* Add a hook_update_N to set TRUE on existing sites

I'm also getting the same error
Salesforce identity does not match salesforce endpoint: you need to re-authenticate
when connecting to my companies sandbox or uat box, whose urls are like https://company--yoda.lightening.force.com
but I'm able to connect to login.salesforce.com with out any issues, it worked, so issue is only with these urls I think
When is the patch going to be released ?

I've also ran into this issue in my developement environment connecting to https://test.salesforce.com. I'm guessing this might be because I don't run localhost behind ssl, which is fine from a salesforce perspective.

I've commented out the error throw as the OP has suggested in order to continue developement.

This patch adds a "endpoint_verification" setting, enabled by default for BC.

Can someone please try the patch, disable the new setting, and confirm that their issues are resolved?

Drupal version: 8.7.3
Salesforce version: 8.x-3.3+3-dev

Administration > Salesforce > Salesforce Authorization:

- After I save configuration in 'API / OAUTH CONNECTION SETTINGS' I receive the following messages:

Success(green) Box:
{
- Callback URL: https://dev-schaumburg.pantheonsite.io/salesforce/oauth_callback

- Successfully connected to https://na132.salesforce.com
}

Warning(yellow) Box:
{
- Salesforce identity does not match salesforce endpoint: you need to re-authenticate.
}

Below are the 'Recent log messages' I receive when attempting to save configuration.

Dropbox (error screenshots): https://www.dropbox.com/sh/fcbks6v5js6kksc/AABOP6oHK2tAB-2vrvZRZocOa?dl=0

Your endpoint should be https://login.salesforce.com, not https://na132.salesforce.com

@AaronBauman

That is what I currently have, I have also tried the "https://test.salesforce.com".

Below is a link with the configuration/errors after "Save configuration" is clicked.

https://www.dropbox.com/s/iv1c6fhsp986u1j/Salesforce%20Authenticate.png?...

I see.
You should have some luck with the patch from #8 then

@AaronBauman

I should have mentioned I tried both patches on this thread and it "skipped" them.

Terminal message:
https://www.dropbox.com/s/z5odrgpwf29ajo1/Salesforce%20Patch.png?dl=0

Aaron,

I implemented patch #8 manually and immediately I was successful using 8.x-3.x

I am now able to run SF drush pull commands with Drush 9 and using BLT locally without error.

Thank you!

It seems "git apply" was not working properly for me.
I have not had time to confirm but applying the patch with another method may work when I have a minute to retry it.

The patch is still being skipped for me as well, maybe path structures are diff? – @AaronBauman

Can you provide a working patch which can be applied via composer install?

I re-created the patch myself and the same thing is happening - skipped.

I confirmed manually apply the patch will work temporarily but a working patch using composer would be ideal here. I can't really use this patch as is as composer install executes at compile when building my artifacts.

Additional Note

https://www.drupal.org/project/salesforce/issues/3063165

Salesforce Pull module using Drush 9 commands do not work by only updating to 3.3.x current state. There must be some additional core or vendor dependencies for commands to work.
- This currently requires: An update of Drupal core to 8.6.17+ (or less – I did not test 8.6.11-8.6.16);
- Then, patching Salesforce module 3.3.x with the provided endpoint for no verification patch for issue 3045542
- Then, review the link for dependencies Forcecom-Toolkit-for-PHP which has introduced issues using composer with the modules

I was able to apply the patch using composer by removing the module directory and composer.lock file, then re-installing

Hello team,

I created issue #3066530 which is very related to this one.

Before we move ahead and try to install the patch provided above, can somebody check and confirm it is still the best option? Is the changes from the patch in version 3.3 of the module?

The new config is committed.
This includes a database update, which should be applied before making any changes in UI or config.

I still get Salesforce identity does not match salesforce endpoint: you need to re-authenticate. on Sandbox, using test.salesforce.com

I have used patch #8. but still same issue