social-core icon indicating copy to clipboard operation
social-core copied to clipboard

OIDC Autoconfig does not seem to work

Open marcvs opened this issue 1 year ago • 0 comments

Expected behaviour

I use the social_core.backends.open_id_connect.OpenIdConnectAuth Class to configure my own OP. Defining OIDC_ENDPOINT = "" is not sufficient to run an authentication flow.

Actual behaviour

I need to set a couple of settings that should (as you claim in your code) be openid autoconfigured using the .well-known/opnid-configuration endpoint.

Setting AUTHORIZATION_URL = ""fixes the "internal server error", which ulitmately displays TypeError: prepare_grant_uri() got multiple values for argument 'response_type'` in the server log.

What are the steps to reproduce this issue?

  1. I was using the example from

  2. I added one configuration based on the elixir-czech configuration.

  3. I run the demo, navigating to http://localhost:8000/oauth2/elixir/authorize

  4. I get the error.

Any logs, error output, etc?

server output:

INFO: - "GET /oauth2/helmholtz/authorize HTTP/1.1" 303 See Other
self.authorization_url: <bound method OAuth2Core.authorization_url of <fastapi_oauth2.core.OAuth2Core object at 0x7f87c5b03a50>>
INFO: - "GET /oauth2/helmholtz/authorize?response_type=code&client_id=public-oidc-agent&redirect_uri=http%3A%2F%2Flocalhost%3A8000%2Foauth2%2Fhelmholtz%2Ftoken&scope=openid+profile+email&state=evCRPkZNtNwfNeesKwUyEuBwMJqGloFJ HTTP/1.1" 500 Internal Server Error
ERROR:    Exception in ASGI application
Traceback (most recent call last):
  File "/home/marcus/.local/lib/python3.11/site-packages/uvicorn/protocols/http/", line 419, in run_asgi
    result = await app(  # type: ignore[func-returns-value]
  File "/home/marcus/.local/lib/python3.11/site-packages/uvicorn/middleware/", line 78, in __call__
    return await, receive, send)
  File "/home/marcus/.local/lib/python3.11/site-packages/fastapi/", line 270, in __call__
    await super().__call__(scope, receive, send)
  File "/home/marcus/.local/lib/python3.11/site-packages/starlette/", line 124, in __call__
    await self.middleware_stack(scope, receive, send)
  File "/home/marcus/.local/lib/python3.11/site-packages/starlette/middleware/", line 184, in __call__
    raise exc
  File "/home/marcus/.local/lib/python3.11/site-packages/starlette/middleware/", line 162, in __call__
    await, receive, _send)
  File "/home/marcus/.local/lib/python3.11/site-packages/fastapi_oauth2/", line 145, in __call__
    await self.auth_middleware(scope, receive, send)
  File "/home/marcus/.local/lib/python3.11/site-packages/starlette/middleware/", line 48, in __call__
    await, receive, send)
  File "/home/marcus/.local/lib/python3.11/site-packages/starlette/middleware/", line 79, in __call__
    raise exc
  File "/home/marcus/.local/lib/python3.11/site-packages/starlette/middleware/", line 68, in __call__
    await, receive, sender)
  File "/home/marcus/.local/lib/python3.11/site-packages/fastapi/middleware/", line 21, in __call__
    raise e
  File "/home/marcus/.local/lib/python3.11/site-packages/fastapi/middleware/", line 18, in __call__
    await, receive, send)
  File "/home/marcus/.local/lib/python3.11/site-packages/starlette/", line 706, in __call__
    await route.handle(scope, receive, send)
  File "/home/marcus/.local/lib/python3.11/site-packages/starlette/", line 276, in handle
    await, receive, send)
  File "/home/marcus/.local/lib/python3.11/site-packages/starlette/", line 66, in app
    response = await func(request)
  File "/home/marcus/.local/lib/python3.11/site-packages/fastapi/", line 237, in app
    raw_response = await run_endpoint_function(
  File "/home/marcus/.local/lib/python3.11/site-packages/fastapi/", line 165, in run_endpoint_function
    return await run_in_threadpool(, **values)
  File "/home/marcus/.local/lib/python3.11/site-packages/starlette/", line 41, in run_in_threadpool
    return await anyio.to_thread.run_sync(func, *args)
  File "/usr/lib/python3/dist-packages/anyio/", line 33, in run_sync
    return await get_asynclib().run_sync_in_worker_thread(
  File "/usr/lib/python3/dist-packages/anyio/_backends/", line 877, in run_sync_in_worker_thread
    return await future
  File "/usr/lib/python3/dist-packages/anyio/_backends/", line 807, in run
    result =, *args)
  File "/home/marcus/.local/lib/python3.11/site-packages/fastapi_oauth2/", line 11, in authorize
    return request.auth.clients[provider].authorization_redirect(request)
  File "/home/marcus/.local/lib/python3.11/site-packages/fastapi_oauth2/", line 93, in authorization_redirect
    return RedirectResponse(self.authorization_url(request), 303)
  File "/home/marcus/.local/lib/python3.11/site-packages/fastapi_oauth2/", line 86, in authorization_url
    return str(self._oauth_client.prepare_request_uri(
  File "/usr/lib/python3/dist-packages/oauthlib/oauth2/rfc6749/clients/", line 100, in prepare_request_uri
    return prepare_grant_uri(uri, self.client_id, 'code',
TypeError: prepare_grant_uri() got multiple values for argument 'response_type'

Any other comments?

When I do set the AUTHORIZATION_URL, the trace in the browser does not show any sign of the client_secret or my manually modified redirect_uri being transmitted to the server.

I'm not sure what causes that yet, though.

marcvs avatar Sep 14 '23 22:09 marcvs