SSO Integrations: No module named social.backends.azuread

venkat.330 · March 17, 2020, 12:09am

I was trying to setup: SSO with azure AD following opnedx docs. After setting up this config, LMS is crashing with below exception. what is easiest way to patch this issue with tutor without rebuilding,

“FEATURES”: {
“ENABLE_LTI_PROVIDER”: true,
“ENABLE_COMBINED_LOGIN_REGISTRATION”: true,
“ENABLE_THIRD_PARTY_AUTH”: true,
}

“THIRD_PARTY_AUTH_BACKENDS”: [“social.backends.azuread.AzureADOAuth2”],

regis · March 17, 2020, 6:27am

Hi @venkat.330! I believe you forgot to post the exception you are facing.

venkat.330 · March 17, 2020, 9:24am

I though that was the subject …

lms-worker_1        |   File "./manage.py", line 120, in <module>
lms-worker_1        |     startup.run()
lms-worker_1        |   File "/openedx/edx-platform/lms/startup.py", line 19, in run
lms-worker_1        |     django.setup()
lms-worker_1        |   File "/openedx/venv/local/lib/python2.7/site-packages/django/__init__.py", line 27, in setup
lms-worker_1        |     apps.populate(settings.INSTALLED_APPS)
lms-worker_1        |   File "/openedx/venv/local/lib/python2.7/site-packages/django/apps/registry.py", line 108, in populate
lms-worker_1        |     app_config.import_models()
lms-worker_1        |   File "/openedx/venv/local/lib/python2.7/site-packages/django/apps/config.py", line 202, in import_models
lms-worker_1        |     self.models_module = import_module(models_module_name)
lms-worker_1        |   File "/usr/lib/python2.7/importlib/__init__.py", line 37, in import_module
lms-worker_1        |     __import__(name)
lms-worker_1        |   File "/openedx/edx-platform/common/djangoapps/third_party_auth/models.py", line 51, in <module>
lms-worker_1        |     _PSA_BACKENDS = {backend_class.name: backend_class for backend_class in _load_backend_classes()}
Stopping tutor_local_lms_1              ... done
lms-worker_1        |     _PSA_BACKENDS = {backend_class.name: backend_class for backend_class in _load_backend_classes()}
lms-worker_1        |   File "/openedx/edx-platform/common/djangoapps/third_party_auth/models.py", line 48, in _load_backend_classes
lms-worker_1        |     auth_class = module_member(class_path)
lms-worker_1        |   File "/openedx/venv/local/lib/python2.7/site-packages/social_core/utils.py", line 58, in module_member
lms-worker_1        |     module = import_module(mod)
lms-worker_1        |   File "/openedx/venv/local/lib/python2.7/site-packages/social_core/utils.py", line 52, in import_module
lms-worker_1        |     __import__(name)
lms-worker_1        | ImportError: No module named social.backends.azuread

regis · March 17, 2020, 10:45am

I have never used the Azure identity provider, but I’m pretty sure there is a mistake in the official Open edX docs. Please try with “social_core” instead of “social”:

"THIRD_PARTY_AUTH_BACKENDS": ["social_core.backends.azuread.AzureADOAuth2"]

EDIT: I created a PR to fix the docs upstream https://github.com/edx/edx-documentation/pull/1854

venkat.330 · March 17, 2020, 3:12pm

Thanks, it worked.

chinmaybhatk · April 17, 2020, 3:48am

@regis
How to configure the above Azure AD SSO in tutor?

chinmaybhatk · June 3, 2020, 6:34am

Hi @regis, @venkat.330,

I am trying to configure azure ad sso as below by creating plugin.

name: SSO
version: 0.1.0
patches:
  openedx-common-settings: |
    FEATURES["ENABLE_COMBINED_LOGIN_REGISTRATION"] = True
    FEATURES["ENABLE_THIRD_PARTY_AUTH"] = True
    THIRD_PARTY_AUTH_BACKENDS = ["social_core.backends.azuread.AzureADOAuth2"]

Upon running below command returns nil

grep -r SSO "$(tutor config printroot)/env/apps/openedx/settings/"

In super user login, I tried adding oauth provider, but oauth-backend doesn’t lists on the dropdown.

Any idea what could have gone wrong?

regis · June 3, 2020, 7:07am

This will not return anything because your plugin patches do not contain the “SSO” string. Install your plugin, enable it, update the environment with tutor config save, then grep AzureADOAuth2.

chinmaybhatk · June 3, 2020, 9:49am

Got the output for this. [I gave wrong command to grep earlier]

But I am unable to view the backend-name in Provider configuration of superadmin.
Screen shot attached

kmurthyhegde · June 3, 2020, 1:13pm

The plugin seems to have been installed fine.

Later we did tutor local quickstart, but the backend-name dropdown is empty.

The /lms/envs/aws.py file has the below code, which would eventually result in population of the “Backend Name” property in the database.

Are we missing any step that is perhaps not firing the required DB migrations?

regis · June 4, 2020, 1:16pm

According to the edx-platform source code, if you decide to modify the common settings, then it is AUTHENTICATION_BACKENDS which you need to modify, and not THIRD_PARTY_AUTH_BACKENDS.

THIRD_PARTY_AUTH_BACKENDS is taken into account only if it is added to the lms/cms.env.json files. Thus, to define this, you need to implement the lms-env tutor patch.

kmurthyhegde · June 4, 2020, 1:30pm

Thanks for checking this @regis.

So, the ‘Config’ plugins don’t overwite the lms.env.json files but the ‘patch’ plugins do. Is that the right understanding?

regis · June 4, 2020, 1:43pm

Yes. Adding stuff to config adds values to the $(tutor config printroot)/config.yml file, while patch statements add content to the tutor templates – including lms.env.json, the settings files, etc.

kmurthyhegde · June 5, 2020, 7:36am

Thank you. We were able to get the required entries in the lms.env.json file.