docker-mailman icon indicating copy to clipboard operation
docker-mailman copied to clipboard

Published 20 hours ago verified publisher icon maxking

Unable to Login using Social Apps

Open brianemwd opened this issue 6 years ago • 10 comments

I have a working installation of Mailman 3 using the most current Docker images. The following social apps are showing:

Fedora, Yahoo!, OppenID, GitHub, GitLab, Google

Using any of them produces the following error:

ERROR 2018-12-24 13:06:53,157 34 django.request Internal Server Error: /accounts/openid/login/ Traceback (most recent call last): File "/usr/local/lib/python3.6/site-packages/django/core/handlers/exception.py", line 35, in inner response = get_response(request) File "/usr/local/lib/python3.6/site-packages/django/core/handlers/base.py", line 128, in _get_response response = self.process_exception_by_middleware(e, request) File "/usr/local/lib/python3.6/site-packages/django/core/handlers/base.py", line 126, in _get_response response = wrapped_callback(request, *callback_args, **callback_kwargs) File "/usr/local/lib/python3.6/site-packages/allauth/socialaccount/providers/openid/views.py", line 43, in login auth_request = client.begin(form.cleaned_data['openid']) File "/usr/local/lib/python3.6/site-packages/openid/consumer/consumer.py", line 359, in begin return self.beginWithoutDiscovery(service, anonymous) File "/usr/local/lib/python3.6/site-packages/openid/consumer/consumer.py", line 382, in beginWithoutDiscovery auth_req = self.consumer.begin(service) File "/usr/local/lib/python3.6/site-packages/openid/consumer/consumer.py", line 610, in begin assoc = self._getAssociation(service_endpoint) File "/usr/local/lib/python3.6/site-packages/openid/consumer/consumer.py", line 1178, in _getAssociation assoc = self.store.getAssociation(endpoint.server_url) File "/usr/local/lib/python3.6/site-packages/allauth/socialaccount/providers/openid/utils.py", line 104, in getAssociation base64.decodestring(stored_assoc.secret.encode('utf-8')), File "/usr/local/lib/python3.6/base64.py", line 561, in decodestring return decodebytes(s) File "/usr/local/lib/python3.6/base64.py", line 553, in decodebytes return binascii.a2b_base64(s) binascii.Error: Incorrect padding

brianemwd avatar Dec 24 '18 13:12 brianemwd

This is weird, I haven't seen this before.

Do you get the same error for other authentication providers? Have you setup the providers before using the social logins?

maxking avatar Jan 03 '19 20:01 maxking

I have not setup anything. Is there information in your documentation to setup social logins? Are none of them setup automatically with your docker images?

brianemwd avatar Jan 03 '19 20:01 brianemwd

http://docs.mailman3.org/en/latest/config-web.html#configure-social-login

It is impossible to setup social logins without having access to accounts that will be used. You have to generated API_KEY and other required secrets from your Google/Facebook/etc accounts and save them in database for Postorius to use.

maxking avatar Jan 03 '19 20:01 maxking

Ok. Well reading the documentation causes more questions as usual.

"Yes, so the way social login works in Mailman is by using a library called django-allauth. There are a few social providers already “enabled” in the Django configuration for the container images, to add more you would have change INSTALLED_APPS in your settings_local.py. There is no way to “add” any apps as the one defined in settings_local.py will override the original one (they are just python variables), so you’d have to copy the entire INSTALLED_APPS3 and then add whatever new ones you want."

  1. Is django-allauth part of your container package or do I need to install that first?

  2. Where is your mailman setup getting the "Fedora, !Yahoo, OpenID, GitHub, Gitlab, and Google from? Those are the ones showing up on my mailman installation.

  3. How and where are these "few social providers already “enabled” in the Django configuration for the container images," ?

  4. How does "so you’d have to copy the entire INSTALLED_APPS3 and then add whatever new ones you want." relate to your docker setup?

The first thing I want to do is get rid of "Fedora, !Yahoo, OpenID, GitHub, Gitlab, and Google" from showing up. However I do want to add at least Facebook, perhaps more.

brianemwd avatar Jan 03 '19 22:01 brianemwd

Is django-allauth part of your container package or do I need to install that first?

It comes pre-installed in the container image, as a dependency of Postorius (the web ui).

Where is your mailman setup getting the "Fedora, !Yahoo, OpenID, GitHub, Gitlab, and Google from? Those are the ones showing up on my mailman installation.

https://github.com/maxking/docker-mailman/blob/master/web/mailman-web/settings.py#L92-L96

It is a part of the default settings that comes with the container images.

How and where are these "few social providers already “enabled” in the Django configuration for the container images," ?

Same answer as above.

How does "so you’d have to copy the entire INSTALLED_APPS3 and then add whatever new ones you want." relate to your docker setup?

In your settings_local.py copy the whole INSTALLED_APPS section from default settings and add/remove the auth providers you want/don't want. Notice the allauth.socialaccount.providers.<provider> in the list below.

INSTALLED_APPS = (
    'hyperkitty',
    'postorius',
    'django_mailman3',
    # Uncomment the next line to enable the admin:
    'django.contrib.admin',
    # Uncomment the next line to enable admin documentation:
    # 'django.contrib.admindocs',
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.sites',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'rest_framework',
    'django_gravatar',
    'paintstore',
    'compressor',
    'haystack',
    'django_extensions',
    'django_q',
    'allauth',
    'allauth.account',
    'allauth.socialaccount',
    'django_mailman3.lib.auth.fedora',
    'allauth.socialaccount.providers.openid',
    'allauth.socialaccount.providers.github',
    'allauth.socialaccount.providers.gitlab',
    'allauth.socialaccount.providers.google',
)

You'll find a list of all the supported providers here.

maxking avatar Jan 03 '19 22:01 maxking

This should be part of the documentation. If I hadn't find this issue, it would have taken me some time to figure out how to disable the social providers.

dansou901 avatar Jan 15 '19 08:01 dansou901

I'd be happy to accept a pull request with the addition to the docs.

maxking avatar Jan 15 '19 17:01 maxking

I'll see what I can do

dansou901 avatar Jan 15 '19 17:01 dansou901

Social auth can now be disabled by adding MAILMAN_WEB_SOCIAL_AUTH = [] in the settings_local.py instead of overriding INSTALLED_APPS.

maxking avatar Sep 23 '21 20:09 maxking

Social auth can now be disabled by adding MAILMAN_WEB_SOCIAL_AUTH = [] in the settings_local.py instead of overriding INSTALLED_APPS.

This works well, thanks!

jeensg avatar Feb 13 '22 23:02 jeensg

This issue has not been updated for more than 1year

github-actions[bot] avatar Feb 14 '23 22:02 github-actions[bot]

It is impossible to setup social logins without having access to accounts that will be used. You have to generate API_KEY and other required secrets from your Google/Facebook/etc accounts and save them in database for Postorius to use.

Hi! I am following this issue as I am trying to add social login to a Mailman VENV installation. Is the storage of API_KEY and other required secrets in the DB performed from the web-UI, or do I need to add them (somehow) manually?

epifanio avatar Jan 22 '24 23:01 epifanio