Hi everyone,
I’m trying to add insights to my Open Edx(koa) this month and I think I’m almost done… I’m on one of the final steps where I have to configure SSO/Oauth2 so when I try to login from <insights Domain>
I will be redirected to the LMS to complete login.
After successfully logging in with a registered user, I receive a 500 error and get the following issue:
.
Logs from insights:
Apr 14 04:17:28 ip-172-31-69-160 [service_variant=insights][django.request][env:no_env] ERROR [ip-172-31-69-160 18004] [log.py:222] - Internal Server Error: /complete/edx-oauth2/
Traceback (most recent call last):
File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/django/core/handlers/exception.py", line 34, in inner
response = get_response(request)
File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/django/core/handlers/base.py", line 115, in _get_response
response = self.process_exception_by_middleware(e, request)
File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/django/core/handlers/base.py", line 113, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/django/views/decorators/cache.py", line 44, in _wrapped_view_func
response = view_func(request, *args, **kwargs)
File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/django/views/decorators/csrf.py", line 54, in wrapped_view
return view_func(*args, **kwargs)
File "/edx/app/insights/venvs/insights/src/social-auth-app-django/social_django/utils.py", line 49, in wrapper
return func(request, backend, *args, **kwargs)
File "/edx/app/insights/venvs/insights/src/social-auth-app-django/social_django/views.py", line 31, in complete
return do_complete(request.backend, _do_login, user=request.user,
File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/social_core/actions.py", line 43, in do_complete
user = backend.complete(user=user, *args, **kwargs)
File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/social_core/backends/base.py", line 40, in complete
return self.auth_complete(*args, **kwargs)
File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/auth_backends/backends.py", line 98, in auth_complete
user = super().auth_complete(*args, **kwargs)
File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/social_core/utils.py", line 251, in wrapper
return func(*args, **kwargs)
File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/social_core/backends/oauth.py", line 387, in auth_complete
self.process_error(self.data)
File "/edx/app/insights/venvs/insights/lib/python3.8/site-packages/social_core/backends/oauth.py", line 379, in process_error
raise AuthFailed(self, data.get('error_description') or
social_core.exceptions.AuthFailed: Authentication failed: unauthorized_client
I used tutor to create a superuser called insights
to kind of mimic the user that discover/ecommerce creates when enabling their respective services.
In <lms Domain>/admin/oauth2_provider/application
I added a new application with the following:
Client id: <generated Client id>
User: <created an insights superuser>
Redirect urls: <insightsDomain>:18110/complete/edx-oauth2/
Client type: Confidential
Authorization grant type: Authorization code
Client secret: <generated Client secret>
Name: <insights-sso>
Skip authorization: enabled
In the installation steps for insights it stated to use <insights Domain>/complete/edx-oidc/>
for redirect, however it seems oidc has been replaced with oauth2 hence my change there.
I also created a record insights
with the following in <lms Domain>/admin/oauth_dispath/applicationaccess/
:
Application: insights
Scopes: user_id
Filters: <empty>
I’m wondering if I have to patch anything in tutor or change any of my configurations to allow this SSO to work?
Such as suggested here:
In LMS: unauthorized_client An unauthorized client tried to access your resources. - Insights setting SOCIAL_AUTH_EDX_OIDC_KEY was not found among LMS' OAuth2 Clients' Client ID. Check that LMS Client ID matches INSIGHTS_OAUTH2_KEY variable value.