Configuring azure authentication fails

Open IvanezDog opened this issue 4 years ago • 7 comments

Config File

Deployment to an azure web service was successful. Logging in as admin as well. Attached please find the configuration sequence.

After following the installation guide we were trying to configure the Azure Auth but are failing many times.

Here are the 2 error messages:

Error AttributeError: 'NoneType' object has no attribute 'split'

Log

Traceback (most recent call last):
  File "/usr/share/docassemble/local3.8/lib/python3.8/site-packages/flask/app.py", line 1950, in full_dispatch_request
    rv = self.dispatch_request()
  File "/usr/share/docassemble/local3.8/lib/python3.8/site-packages/flask/app.py", line 1936, in dispatch_request
    return self.view_functionsrule.endpoint
  File "/usr/share/docassemble/local3.8/lib/python3.8/site-packages/docassemble/webapp/server.py", line 4510, in oauth_callback
    social_id, username, email, name_data = oauth.callback()
  File "/usr/share/docassemble/local3.8/lib/python3.8/site-packages/docassemble/webapp/server.py", line 4312, in callback
    me.get('mail').split('@')[0],
AttributeError: 'NoneType' object has no attribute 'split'


Error KeyError: 'id'

Log

Traceback (most recent call last):
  File "/usr/share/docassemble/local3.8/lib/python3.8/site-packages/flask/app.py", line 1950, in full_dispatch_request
    rv = self.dispatch_request()
  File "/usr/share/docassemble/local3.8/lib/python3.8/site-packages/flask/app.py", line 1936, in dispatch_request
    return self.view_functionsrule.endpoint
  File "/usr/share/docassemble/local3.8/lib/python3.8/site-packages/docassemble/webapp/server.py", line 4510, in oauth_callback
    social_id, username, email, name_data = oauth.callback()
  File "/usr/share/docassemble/local3.8/lib/python3.8/site-packages/docassemble/webapp/server.py", line 4311, in callback
    'azure$' + str(me['id']),
KeyError: 'id'

Any idea how to overcome this?

IvanezDog avatar May 10 '21 15:05 IvanezDog

You should put the id and secret in double quotes in the Configuration YAML, just in case there are punctuation characters that might mislead the YAML parser.

The Azure oauth integration is working for me, so I don't think there is a problem with the code.

There is a lot that can go wrong with OAuth2. You need to make sure that in the Azure Portal you have everything configured correctly, particularly the callback URLs. They need to match your server precisely or else Azure is going to return an error message instead of information about the user.

I would keep the Network tab of the browser console open while going through the OAuth process, because if you inspect the results, you might see an informative error message about what the problem is.

jhpyle avatar May 10 '21 15:05 jhpyle

Everything already done precisely as described in your reply, now the error message looks slightly different but is still present.

Error AttributeError: 'NoneType' object has no attribute 'split'

Log

Traceback (most recent call last):
  File "/usr/share/docassemble/local3.8/lib/python3.8/site-packages/flask/app.py", line 1950, in full_dispatch_request
    rv = self.dispatch_request()
  File "/usr/share/docassemble/local3.8/lib/python3.8/site-packages/flask/app.py", line 1936, in dispatch_request
    return self.view_functionsrule.endpoint
  File "/usr/share/docassemble/local3.8/lib/python3.8/site-packages/docassemble/webapp/server.py", line 4510, in oauth_callback
    social_id, username, email, name_data = oauth.callback()
  File "/usr/share/docassemble/local3.8/lib/python3.8/site-packages/docassemble/webapp/server.py", line 4312, in callback
    me.get('mail').split('@')[0],
AttributeError: 'NoneType' object has no attribute 'split'


IvanezDog avatar May 10 '21 18:05 IvanezDog

The error message from the docassemble isn't going to be helpful. Can you share the responses from the Network tab of the web browser?

In addition to getting the redirect URLs just right, the scopes and permissions have to be set just right or else Azure will refuse to send data about the person.

jhpyle avatar May 10 '21 19:05 jhpyle

In my opinion everything is set just right, or?

Many thanks for help Jonathan, very much appreciated.


IvanezDog avatar May 10 '21 19:05 IvanezDog

I'm not sure what you were trying to provide there; I didn't get any additional information from that message.

Here is the configuration for my system (redacted) along with the network tab showing what a successful negotiation looks like.

azure-portal-config azure-network-events

jhpyle avatar May 10 '21 21:05 jhpyle

@IvanezDog your latest error message (AttributeError: 'NoneType' object has no attribute 'split') indicates that the "email" attribute of your user is empty, but at least the token seems to be there. Maybe an admin user without an email address?

ltwlf avatar May 10 '21 21:05 ltwlf
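
Added example (not part of the thread and not docassemble's own code): a defensive parser for the Microsoft Graph `/me` response that turns the two failures reported above, an error body without `id` and a profile whose `mail` is null, into explicit rejections instead of a `KeyError` or `AttributeError`. The helper name `parse_azure_profile`, the `name_data` key names and the sample responses are assumptions made for this illustration.

```python
class AzureProfileError(Exception):
    """The Graph /me response cannot be mapped to a local user."""

def parse_azure_profile(me):
    """Return (social_id, username, email, name_data) or raise AzureProfileError.

    Hypothetical helper; the tuple shape follows the traceback above.
    """
    if not isinstance(me, dict):
        raise AzureProfileError("profile response is not a JSON object")
    # Graph reports failures as {"error": {"code": ..., "message": ...}}.
    # Such a body has no 'id', which surfaces as KeyError: 'id'.
    if "error" in me:
        err = me["error"] if isinstance(me["error"], dict) else {}
        raise AzureProfileError("Azure returned %s: %s" % (
            err.get("code", "unknown"), err.get("message", "no message")))
    user_id = me.get("id")
    if not user_id:
        raise AzureProfileError("profile response has no 'id'")
    # 'mail' is null for accounts without a mailbox, which surfaces as
    # AttributeError: 'NoneType' object has no attribute 'split'.
    email = me.get("mail")
    if not isinstance(email, str) or "@" not in email:
        who = me.get("userPrincipalName") or user_id
        raise AzureProfileError("account %s has no e-mail address" % who)
    # Key names in name_data are assumed for this example.
    name_data = {"first": me.get("givenName"), "last": me.get("surname")}
    return "azure$" + str(user_id), email.split("@")[0], email, name_data

# Constructed sample responses (not captured from a real tenant).
SAMPLES = {
    "ok": {"id": "11111111-aaaa-4bbb-8ccc-000000000001", "mail": "alice@example.com",
           "givenName": "Alice", "surname": "Example"},
    "no_mail": {"id": "11111111-aaaa-4bbb-8ccc-000000000002", "mail": None,
                "userPrincipalName": "admin@example.onmicrosoft.com"},
    "error": {"error": {"code": "InvalidAuthenticationToken",
                        "message": "Access token is empty."}},
}

def outcome(me):
    """Return the parsed tuple, or the rejection reason as a string."""
    try:
        return parse_azure_profile(me)
    except AzureProfileError as exc:
        return "rejected: %s" % exc

if __name__ == "__main__":
    for label, body in SAMPLES.items():
        print(label, "->", outcome(body))
```
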

Issue solved. Login was successful with a user with email address.

Most likely the issue was caused by an incompletely configured callback address. Many thanks again for the swift support.


IvanezDog avatar May 11 '21 06:05 IvanezDog