I have an app deployed in many places and it uses Django Microsoft Authentication Backend. Starting yesterday when we deploy the app the auth is now not working. We get back Failed to authenticate you for an unknown reason. Please try again later. We can see in the azure logs that the login was successful. We have the same version of Django Microsoft Authentication Backend installed, but for some reason on newly built boxes it is failing but older ones it is succeeding. What could be causing this? What can we check to track down what the issue may be?
We finally found the issue - I said we had the same version of all the python packages but we did not - the new system had 2.0.1 version of pyjwt. When we downgraded to 1.7.1 it started working again. The requirements file for Django Microsoft Authentication Backend have pyjwt [required: Any]
Related
I've downloaded the last version (4.1.0) of API Manager from the official website to upgrade an API manager 4.0.0 control-plane (distributed deployment) instance.
When I try to run the API manager with 'sh api-manager.sh' passing the '-Dprofile=control-plane' via command-line (like I do in 4.0.0 version), it always returns the following error 'Caused by: java.lang.ClassNotFoundException: org.apache.synapse.transport.passthru.PassThroughHttpSender cannot be found by axis2_1.6.1.wso2v80':
error_1
(I've already tried to add the jar axis2-transport-tcp-1.0.0.jar to ../repository/components/droppins and it doesn´t work)
I've also tried to optimize the wsoam-4.1.0 installation for the profile I want to run (as suggested in the documentation), but in this situation a get a different error 'Caused by: java.io.FileNotFoundException: .../repository/deployment/server/synapse-configs/default/inbound-endpoints/WebSocketInboundEndpoint.xml (No such file or directory)':
error_2
Does anyone come across these errors? Is this a bug?
I can´t run an API Manager with the control-plane profile in 4.1.0 version.
The CNF errors are expected when you start a profile without doing optimization. I assume you ran the optimization on the same distribution you used to start the profile initially and got the second error you have mentioned. You need to use a completely new distribution to avoid these errors.
Download and extract the product distribution.
Run the profile optimization (sh profileSetup.sh -Dprofile=<profile>).
Update the necessary configurations.
Start the server in the relevant profile (sh api-manager.sh -Dprofile=<profile>).
You can follow the recommended way mentioned in WSO2 documentation[1].
[1] - https://apim.docs.wso2.com/en/latest/install-and-setup/setup/distributed-deployment/product-profiles/#starting-an-api-m-profile
I am attempting to follow Tutorial: Adding Facebook/Twitter/Google Authentication to a Django Application. The only thing I am doing differently is that I am running DjangoAppEngine on the Google App Engine development server, otherwise everything is exactly as per the tutorial.
When I get to Step 4 and actually try to authenticate with Facebook, I am getting a runtime error:
error('illegal IP address string passed to inet_pton',)
Request Method: GET
Request URL: http://localtest.com:8080/o/complete/facebook/?redirect_state=FG4K...UG1k
Django Version: 1.6.11
Exception Type: RuntimeError
Exception Location: /Applications/GoogleAppEngineLauncher.app/Contents/Resources/GoogleAppEngine-default.bundle/Contents/Resources/google_appengine/google/appengine/ext/remote_api/remote_api_stub.py in _MakeRealSyncCall, line 235
Python Executable: /usr/local/opt/python/bin/python2.7
Python Version: 2.7.11
Obviously FB is passing an approval back to my app, as the request URL includes the callback path.
It appears that something in the GoogleAppEngineLauncher is trying to look up an address and is not receiving the right data in? I'm not really sure.
In trying to resolve this, I've come across a single comment somewhere suggesting to a user that SimpleAuth might be a better way to go, but I don't understand why and I'm not really sure I want to start over if I am just missing something obvious.
Does anyone know why I am getting this error and what I can do to correct it?
It happens because the Facebook SDK depends on the awesome requests library. However, requests doesn't work on Google App Engine since the platform has some restrictions. You have to use their urlfetch APIs to fetch external contents on Google App Engine.
So yes, the official Facebook SDK won't work. You have to roll your own solution or find one that works. SimpleAuth is one of the solution that is known to have worked.
UPDATE: the original answer (starting with 'HOWEVER') is no longer necessary, just use requests 2.10.0 or above, urllib3 1.15.1 or above, and requests_toolbelt 0.6.2 or above and perform the following in your main():
from requests_toolbelt.adapters import appengine
appengine.monkeypatch()
HOWEVER if you're using older versions of requests and/or urllib3, then you need the patches below:
This can be accomplished using a patched version of requests along with the requests-toolbelt package. Threads that apply:
HTTPS not working on Google App Engine #1905
urllib3 / Contrib Modules / Google App Engine
Fixes the AppEngineManager to work within the requests framework #763
Add AppEngineAdapter for GAE users #114
Adds a monkeypatch() function that ensures all Sessions use the AppEngineAdapter compatibility class. #119
I've applied all of this and now have python-social-auth and facebook-sdk working in both local test (the dev server) and production (full App Engine).
In your vendored libraries, ensure that you have requests_toolbelt. (pip install -t lib requests_toolbelt). Then "monkeypatch" appengine support before python-social-auth ever calls requests. In my project/wsgi.py, I added the following lines:
from requests_toolbelt.adapters import appengine
appengine.monkeypatch()
python-social-auth depends on requests, so it should also exist in your vendor directory.
You must also ensure you are using requests version >= 2.10.0. This has not been released yet, so you can fake it. Edit lib/requests/__init__.py so that __build__ = 0x021000. You also must upgrade the packaged version of urllib3 in the lib/requests/packages/ directory to the latest version.
This is what worked for me.
I am trying to implement Okta login in our Python Django application. I am following tutorial on http://developer.okta.com/docs/guides/pysaml2.html . I modified code for django. But on step where function parse_authn_request_response is called I get error "SignatureError: Failed to verify signature".
I am using: Windows, Django 1.8, PySAML2
Here is the code: http://pastebin.com/g4ms9DUj
Hi I just created a django okta plugin named django-saml2-auth.
https://github.com/fangli/django-saml2-auth
It works with okta perfectly. hope you enjoy.
I faced the same error on my Flask set up for Okta. This was on a Windows machine. The reason xmlsec is not able to verify the SSL certificate, and this is due to the xmlsec library on windows.
I just moved my entire setup on Linux(Vagrant) and it worked like a charm.
But as a workaround, you can set a boolean which fails when cert validation fails to true(hardcoding). This is a bad practice. I am not too worried as our code is on Linux and working just fine.
I have installed the Cachely addon on the app, and received my CACHELY_URL. The devcenter article gives instructions about how to integrate the addon in a rails environment.
My app uses a Django environment. Is there any documentation on how to integrate the app in a Django environment? Is there a better way to have caching in a Django environment on Heroku?
I had a chat with their support team, and they communicated to me that they are being shut down by the end of the year. So, looks like I should move on to some other add-on.
I'm trying to deploy my Django app to Heroku using Neo4j's Addon.
I'm using Neo4django. Locally, in my settings.py I have the following
NEO4J_DATABASES = {
'default' : {
'HOST':'localhost',
'PORT':7474,
'ENDPOINT':'/db/data'
}
}
However, when deploying to Heroku, I change the settings to
NEO4J_DATABASES = {
'default' : {
'HOST':'<someid>.hosted.neo4j.org',
'PORT':7281,
'ENDPOINT':'/db/data/',
}
}
.. I am unable to connect to the database for authentication problems apparently.
The error at the bottom of my stack trace:
StatusException: Error [401]: Unauthorized. No permission -- see authorization schemes.
Authorization Required
.. even when I add the login and password provided by the Heroku Neo4j add-on.
Did anyone run in a similar issue before?
Thanks in advance
The Heroku-hosted Neo4j has the Gremlin plugin disabled, which is going to prevent you from running neo4django, bulbflow, or any other client-side library that requires Gremlin.
The most common solution is to run your own instance of Neo4j on AWS, and then connect to that. Please make it clear to the Neo folks that you'd like Gremlin support on Heroku- I think it was disabled because of the shared nature of the Heroku Neo4j instance, but it absolutely hobbles a number of libraries.
You can see the Neo4j config url by using heroku config --app your-app. Just use the NEO4J_URL from the environment variable in your code setup. It already contains the credentials for basic auth.
I've got this working by using graphenedb.com to host my neo4j database.
They will allow you to chose the version of neo4j that you would like hosted. If you pick 1.9.6 (or earlier), then the gremlin plugin works and so will neo4django.
You can either sign up with graphenedb via their website and create your db there or just use their heroku plugin (http://blog.graphenedb.com/blog/2014/02/06/our-new-add-on-helps-heroku-users-build-applications-on-top-of-neo4j/) which will do it all for you. The only advantage I've found of using the web interface is that you'll also get the neo4j webadmin.