I’m trying to add insights to my Open Edx(koa) this month and I think I’m almost done… I’m on one of the final steps where I have to configure SSO/Oauth2 so when I try to login from
<insights Domain> I will be redirected to the LMS to complete login.
After successfully logging in with a registered user, I receive a 500 error and get the following issue:
Logs from insights:
Apr 14 04:17:28 ip-172-31-69-160 [service_variant=insights][django.request][env:no_env] ERROR [ip-172-31-69-160 18004] [log.py:222] - Internal Server Error: /complete/edx-oauth2/ Traceback (most recent call last): File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/django/core/handlers/exception.py", line 34, in inner response = get_response(request) File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/django/core/handlers/base.py", line 115, in _get_response response = self.process_exception_by_middleware(e, request) File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/django/core/handlers/base.py", line 113, in _get_response response = wrapped_callback(request, *callback_args, **callback_kwargs) File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/django/views/decorators/cache.py", line 44, in _wrapped_view_func response = view_func(request, *args, **kwargs) File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view return view_func(*args, **kwargs) File "/edx/app/insights/venvs/insights/src/social-auth-app-django/social_django/utils.py", line 49, in wrapper return func(request, backend, *args, **kwargs) File "/edx/app/insights/venvs/insights/src/social-auth-app-django/social_django/views.py", line 31, in complete return do_complete(request.backend, _do_login, user=request.user, File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/social_core/actions.py", line 43, in do_complete user = backend.complete(user=user, *args, **kwargs) File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/social_core/backends/base.py", line 40, in complete return self.auth_complete(*args, **kwargs) File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/auth_backends/backends.py", line 98, in auth_complete user = super().auth_complete(*args, **kwargs) File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/social_core/utils.py", line 251, in wrapper return func(*args, **kwargs) File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/social_core/backends/oauth.py", line 387, in auth_complete self.process_error(self.data) File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/social_core/backends/oauth.py", line 379, in process_error raise AuthFailed(self, data.get('error_description') or social_core.exceptions.AuthFailed: Authentication failed: unauthorized_client
I used tutor to create a superuser called
insights to kind of mimic the user that discover/ecommerce creates when enabling their respective services.
<lms Domain>/admin/oauth2_provider/application I added a new application with the following:
Client id: <generated Client id> User: <created an insights superuser> Redirect urls: <insightsDomain>:18110/complete/edx-oauth2/ Client type: Confidential Authorization grant type: Authorization code Client secret: <generated Client secret> Name: <insights-sso> Skip authorization: enabled
In the installation steps for insights it stated to use
<insights Domain>/complete/edx-oidc/> for redirect, however it seems oidc has been replaced with oauth2 hence my change there.
I also created a record
insights with the following in
Application: insights Scopes: user_id Filters: <empty>
I’m wondering if I have to patch anything in tutor or change any of my configurations to allow this SSO to work?
Such as suggested here:
In LMS: unauthorized_client An unauthorized client tried to access your resources. - Insights setting SOCIAL_AUTH_EDX_OIDC_KEY was not found among LMS' OAuth2 Clients' Client ID. Check that LMS Client ID matches INSIGHTS_OAUTH2_KEY variable value.