Logging into Insights (koa) using LMS (koa) causing error 500

Hi everyone,

I’m trying to add insights to my Open Edx(koa) this month and I think I’m almost done… I’m on one of the final steps where I have to configure SSO/Oauth2 so when I try to login from <insights Domain> I will be redirected to the LMS to complete login.

After successfully logging in with a registered user, I receive a 500 error and get the following issue:

image.

Logs from insights:

Apr 14 04:17:28 ip-172-31-69-160 [service_variant=insights][django.request][env:no_env] ERROR [ip-172-31-69-160  18004] [log.py:222] - Internal Server Error: /complete/edx-oauth2/
Traceback (most recent call last):
  File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/django/core/handlers/exception.py", line 34, in inner
    response = get_response(request)
  File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/django/core/handlers/base.py", line 115, in _get_response
    response = self.process_exception_by_middleware(e, request)
  File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/django/core/handlers/base.py", line 113, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/django/views/decorators/cache.py", line 44, in _wrapped_view_func
    response = view_func(request, *args, **kwargs)
  File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
    return view_func(*args, **kwargs)
  File "/edx/app/insights/venvs/insights/src/social-auth-app-django/social_django/utils.py", line 49, in wrapper
    return func(request, backend, *args, **kwargs)
  File "/edx/app/insights/venvs/insights/src/social-auth-app-django/social_django/views.py", line 31, in complete
    return do_complete(request.backend, _do_login, user=request.user,
  File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/social_core/actions.py", line 43, in do_complete
    user = backend.complete(user=user, *args, **kwargs)
  File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/social_core/backends/base.py", line 40, in complete
    return self.auth_complete(*args, **kwargs)
  File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/auth_backends/backends.py", line 98, in auth_complete
    user = super().auth_complete(*args, **kwargs)
  File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/social_core/utils.py", line 251, in wrapper
    return func(*args, **kwargs)
  File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/social_core/backends/oauth.py", line 387, in auth_complete
    self.process_error(self.data)
  File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/social_core/backends/oauth.py", line 379, in process_error
    raise AuthFailed(self, data.get('error_description') or
social_core.exceptions.AuthFailed: Authentication failed: unauthorized_client

I used tutor to create a superuser called insights to kind of mimic the user that discover/ecommerce creates when enabling their respective services.

In <lms Domain>/admin/oauth2_provider/application I added a new application with the following:

Client id: <generated Client id>
User: <created an insights superuser>
Redirect urls: <insightsDomain>:18110/complete/edx-oauth2/
Client type: Confidential
Authorization grant type: Authorization code
Client secret: <generated Client secret>
Name: <insights-sso>
Skip authorization: enabled

In the installation steps for insights it stated to use <insights Domain>/complete/edx-oidc/> for redirect, however it seems oidc has been replaced with oauth2 hence my change there.

I also created a record insights with the following in <lms Domain>/admin/oauth_dispath/applicationaccess/:

Application: insights
Scopes: user_id
Filters: <empty>

I’m wondering if I have to patch anything in tutor or change any of my configurations to allow this SSO to work?

Such as suggested here:

In LMS: unauthorized_client An unauthorized client tried to access your resources. - Insights setting SOCIAL_AUTH_EDX_OIDC_KEY was not found among LMS' OAuth2 Clients' Client ID. Check that LMS Client ID matches INSIGHTS_OAUTH2_KEY variable value.

I think I fixed this:

Run tutor local run lms bash, navigate to /openedx/config and use the command cat lms.env.json you’ll find the value at OAUTH_OIDC_ISSUER. Update the value SOCIAL_AUTH_EDX_OAUTH2_URL_ROOT in insights.yml to match the OAUTH_OIDC_ISSUER value.

1 Like

can you provide a playbook for doing this I would be very interested in doing the same.

Wow good job. Does this mean that you managed to get Insights to work with Tutor? Definitely a very interesting addition for many people.

@regis Still working on it… but I think I’m close. Do you know if there’s a difference in the contents of the tracking.log file when using tutor to run openedx and without using tutor to run openedx?

Edit: Actually is there a way to configure tutor to not track log this portion in tracking.log and just have the event?

2021-04-14 22:34:09,839 INFO 19 [tracking] [user None] [ip ip.here] logger.py:42 - (not log up to this part) {event}

Sure. You need to create a tutor plugin that will implement the the “openedx-common-settings” patch. In this patch, you should modify the Django logging configuration for the “tracking” logger: tutor/common_all.py at 96be0b740149e938a536e0cd78aba4e3651bf782 · overhangio/tutor · GitHub
What you need to do is to modify the “formatter” attribute. Check the Django docs for examples: Logging | Django documentation | Django

1 Like