tomasvotava/fastapi-sso

SSO Errors

Closed this issue · 2 comments

pausanchezv commented

First of all thanks for this library, I'm so grateful I can use it!

Having said that, there are bugs that need addressing:

  1. Authorization code has expired. Some of my users cannot log in due to this error.
New Platform ErrorsCaught HTTP ExceptionEnvironment: PROD - Status Code: 500Error: Oauth Facebook callback error ({'message': 'This authorization code has expired.', 'type': 'OAuthException', 'code': 100, 'error_subcode': 36007, 'fbtrace_id': 'A_yVQZZWD7NvqeVMHbShI0u'}) Traceback: Traceback (most recent call last):File "/app/app/views/auth.py", line 69, in facebook_callbackopen_id_user: OpenID = await facebook_sso.verify_and_process(request)File "/usr/local/lib/python3.10/site-packages/fastapi_sso/sso/base.py", line 359, in verify_and_processreturn await self.process_login(File "/usr/local/lib/python3.10/site-packages/fastapi_sso/sso/base.py", line 498, in process_loginself.oauth_client.parse_request_body_response(json.dumps(content))File "/usr/local/lib/python3.10/site-packages/oauthlib/oauth2/rfc6749/clients/base.py", line 427, in parse_request_body_responseself.token = parse_token_response(body, scope=scope)File "/usr/local/lib/python3.10/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 441, in parse_token_responsevalidate_token_parameters(params)File "/usr/local/lib/python3.10/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 448, in validate_token_parametersraise_from_error(params.get('error'), params)File "/usr/local/lib/python3.10/site-packages/oauthlib/oauth2/rfc6749/errors.py", line 400, in raise_from_errorraise CustomOAuth2Error(error=error, **kwargs)oauthlib.oauth2.rfc6749.errors.CustomOAuth2Error: ({'message': 'This authorization code has expired.', 'type': 'OAuthException', 'code': 100, 'error_subcode': 36007, 'fbtrace_id': 'A_yVQZZWD7NvqeVMHbShI0u'})
--
  1. Code parameter not found in callback request. You would not believe how many emails like this I receive during the day, which means, I'm losing plenty of potential clients.
Error: Oauth Google callback error (400, "'code' parameter was not found in callback request")

Traceback: Traceback (most recent call last):
File "/app/app/views/auth.py", line 41, in google_callback
open_id_user: OpenID = await google_sso.verify_and_process(request)
File "/usr/local/lib/python3.10/site-packages/fastapi_sso/sso/base.py", line 350, in verify_and_process
raise SSOLoginError(400, "'code' parameter was not found in callback request")
fastapi_sso.sso.base.SSOLoginError: (400, "'code' parameter was not found in callback request")

Thank you!

tomasvotava commented

Hi @pausanchezv, thanks for bringing this up again, I have to say I forgot about this a bit 😬 have you tried increasing the logging like I proposed in #164? The flow aparently breaks here:

  • the user confirms your application on OAuth screen
  • the provider sends authorization code back to your redirect_uri
    Either the user does not confirm and I failed to make this clear in fastapi-sso or some other error happens, but I think I'll have to know more before I can say.
tomasvotava commented

Also, the previous issue already has more information from you, I'll close this one and let's carry on there.
Merged with #164