pygraphistry icon indicating copy to clipboard operation
pygraphistry copied to clipboard

Published 20 hours ago verified publisher icon graphistry

[BUG] SITE WIDE SSO not functional

Open webcoderz opened this issue 1 year ago • 2 comments

Describe the bug 1-3 sentences is fine 💪 site wide ORG SSO not functional in latest org sso k8s new branch

To Reproduce Code, including data, than can be run without editing: checked editing nginx conf and hot reloading changing proxy_set_header X-Forwarded-Proto $scheme; to proxy_set_header X-Forwarded-Proto https;

Expected behavior What should have happened redirect should work properly

Actual behavior What did happen when X-Forwarded-Proto $scheme the redirect uri is http and okta fails to redirect image

when changing nginx conf to X-Forwarded-Proto https; the redirect_url shows at https: image

and the redirect works but i get an internal server error in the graphistry UI and in the nexus logs:

172.31.42.183:49298 - - [15/Jul/2022:18:53:01] "GET /" 200 11545
params : {'client_id': '0oa5peq29qRApSKYv5d7', 'redirect_uri': 'https://eks-dev2.grph.xyz/g/sso/oidc/Site_wide_SSO_Provider/login/callback/', 'scope': 'openid profile email', 'response_type': 'code', 'state': 'MUWuHfJSEejN'} , self.flow: pkce
2022-07-15 18:53:03,352 INFO     params : {'client_id': '0oa5peq29qRApSKYv5d7', 'redirect_uri': 'https://eks-dev2.grph.xyz/g/sso/oidc/Site_wide_SSO_Provider/login/callback/', 'scope': 'openid profile email', 'response_type': 'code', 'state': 'MUWuHfJSEejN'} , self.flow: pkce
Internal Server Error: /g/sso/oidc/Site_wide_SSO_Provider/login/callback/
Traceback (most recent call last):
  File "/opt/conda/envs/rapids/lib/python3.8/site-packages/asgiref/sync.py", line 330, in thread_handler
    raise exc_info[1]
  File "/opt/conda/envs/rapids/lib/python3.8/site-packages/django/core/handlers/exception.py", line 38, in inner
    response = await get_response(request)
  File "/opt/conda/envs/rapids/lib/python3.8/site-packages/django/core/handlers/base.py", line 233, in _get_response_async
    response = await wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/opt/conda/envs/rapids/lib/python3.8/site-packages/asgiref/sync.py", line 296, in __call__
    ret = await asyncio.wait_for(future, timeout=None)
  File "/opt/conda/envs/rapids/lib/python3.8/asyncio/tasks.py", line 455, in wait_for
    return await fut
  File "/opt/conda/envs/rapids/lib/python3.8/site-packages/asgiref/current_thread_executor.py", line 23, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/opt/conda/envs/rapids/lib/python3.8/site-packages/asgiref/sync.py", line 334, in thread_handler
    return func(*args, **kwargs)
  File "/opt/conda/envs/rapids/lib/python3.8/contextlib.py", line 75, in inner
    return func(*args, **kwds)
  File "/opt/conda/envs/rapids/lib/python3.8/site-packages/allauth/socialaccount/providers/oauth2/views.py", line 77, in view
    return self.dispatch(request, *args, **kwargs)
  File "/opt/graphistry/apps/core/nexus/./nexus/allauth_ext/socialaccount/providers/graphistry_oidc/views.py", line 270, in dispatch
    return self.dispatch_new(request, *args, **kwargs)
  File "/opt/graphistry/apps/core/nexus/./nexus/allauth_ext/socialaccount/providers/graphistry_oidc/views.py", line 298, in dispatch_new
    login = self.adapter.complete_login(
  File "/opt/graphistry/apps/core/nexus/./nexus/allauth_ext/socialaccount/providers/graphistry_oidc/views.py", line 138, in complete_login
    login = self.get_provider().sociallogin_from_response(request, extra_data)
  File "/opt/conda/envs/rapids/lib/python3.8/site-packages/allauth/socialaccount/providers/base.py", line 83, in sociallogin_from_response
    uid = self.extract_uid(response)
  File "/opt/graphistry/apps/core/nexus/./nexus/allauth_ext/socialaccount/providers/graphistry_oidc/provider.py", line 65, in extract_uid
    org = sso.organization.slug
AttributeError: 'NoneType' object has no attribute 'slug'

Screenshots If applicable, any screenshots to help explain the issue

Browser environment (please complete the following information):

  • OS: [e.g. iOS]

  • Browser [e.g. chrome, safari]

  • Version [e.g. 22]

  • chrome latest

Graphistry GPU server environment

  • Where run [e.g., Hub, AWS, on-prem] AWS EKS
  • If self-hosting, Graphistry Version [e.g. 0.14.0, see bottom of a viz or login dashboard]
  • Graphing the planet with version v2.39.17-koa-sso-new.
  • If self-hosting, any OS/GPU/driver versions

PyGraphistry API client environment

  • Where run [e.g., Graphistry 2.35.9 Jupyter]
  • Version [e.g. 0.14.0, print via graphistry.__version__]
  • Python Version [e.g. Python 3.7.7]

Additional context Add any other context about the problem here.

webcoderz avatar Jul 15 '22 19:07 webcoderz

Likely breaks web file uploader ui:

https://github.com/graphistry/graphistry/blob/4b5f171ce4455252a4bc029f6895b5b15734ed31/apps/nginx/conf/default.conf.template#L975

6:11 PM https://github.com/graphistry/graphistry/blob/4b5f171ce4455252a4bc029f6895b5b15734ed31/apps/nginx/conf/default.conf.template#L999

lmeyerov avatar Jul 23 '22 01:07 lmeyerov

Need to rebuild + test skinny: is django properly reading fixed nginx/caddy?

lmeyerov avatar Jul 23 '22 01:07 lmeyerov