zamzterz/Flask-pyoidc

No userinfo was found

Closed this issue · 6 comments

A user is able to log in successfully; however, their userinfo, access token, id token, etc. are returning None.

Here is my configuration:

```python
from flask_pyoidc import OIDCAuthentication
from flask_pyoidc.provider_configuration import ClientMetadata, ProviderConfiguration, ProviderMetadata

# `app` (the Flask application) and `env` are defined elsewhere in the application.
provider_info = ProviderMetadata(issuer=env.get("ISSUER"),
                                 authorization_endpoint=env.get("AUTHORIZATION_ENDPOINT"),
                                 jwks_uri=env.get("JWKS_ENDPOINT"))
client_info = ClientMetadata(env.get("CLIENT_ID"), env.get("CLIENT_SECRET"))
config = ProviderConfiguration(provider_metadata=provider_info,
                               client_metadata=client_info,
                               userinfo_http_method="GET",
                               auth_request_params={'scope': ['openid', 'email']})

OIDC_SECRETKEY = env.get("OIDC_SECRETKEY")
OIDC_SECRETKEY_VAL = str(OIDC_SECRETKEY).encode('ISO-8859-1').decode('unicode-escape')

app.config.update({'OIDC_REDIRECT_URI': env.get("DOMAIN") + '/oidc_callback',
                   "SECRET_KEY": OIDC_SECRETKEY_VAL,
                   'PERMANENT_SESSION_LIFETIME': 7200})

auth = OIDCAuthentication({'default': config}, app)
```

And in the actual route:

```python
from flask import session
from flask_pyoidc.user_session import UserSession

@app.route("/")
@auth.oidc_auth('default')
def homepage():
    user_session = UserSession(session)
    print(user_session.is_authenticated())  # True
    print(user_session.userinfo)  # None
    print(user_session.access_token)  # None
    print(user_session.refresh_token)  # None
    print(user_session.id_token)  # None
```

From your config it looks like you are using static provider configuration, in which case you need to also specify the userinfo_endpoint to make sure the UserInfo request is made.
From the docs:

> As mentioned in OpenID Connect specification, `userinfo_endpoint` is optional. If it’s not provided, no userinfo request will be done and `flask_pyoidc.UserSession.userinfo` will be set to `None`.

Having an access token is also a prerequisite for the UserInfo request to work, so it might also be related to that problem. Without more details I can't really tell why there are no tokens in the session. Can you see any error in the logs, or could it be that your provider is not returning any tokens for your given configuration?

The issue was that my userinfo had exceeded the limit a browser can handle for a cookie, which caused the issue. I disabled a field for userinfo and it started working again.

Reopening because this did not fix my problem; I am still receiving no data even after adding the userinfo endpoint to my provider metadata.

Sorry to hear you're still experiencing problems!
Is there any error in the logs? If you configure debug level logging (`logging.basicConfig(level=logging.DEBUG, ...)`), you should see all the HTTP requests and responses, which could help pinpoint where the problem is.

If it could still be related to the size of data returned from your provider, you might want to try changing the Flask session storage to use server-side storage (instead of putting all the data in the cookie).

For static configuration, one is also required to specify the "token_endpoint". Flask-pyoidc needs that endpoint to exchange the received code for further info from the OP. Samuel, you might want to add that configuration detail to the example in the docs.

token_endpoint and userinfo_endpoint are missing in your provider configuration.

@zamzterz Mark this as completed.
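
Added example, not part of the thread and not Flask-pyoidc code: a standard-library startup check for the two causes found above, static provider metadata without `token_endpoint` / `userinfo_endpoint` and a session too large for a browser cookie. The function names, the 4096-byte limit, the size estimate and the `op.example.com` URLs are assumptions made for illustration.

```python
import base64
import json

# Endpoints the thread identifies as needed with static provider metadata,
# mapped to the symptom seen when each one is absent.
STATIC_ENDPOINTS = {
    "token_endpoint": "the authorization code cannot be exchanged at the OP",
    "userinfo_endpoint": "no UserInfo request is made, so userinfo stays None",
}
COOKIE_LIMIT_BYTES = 4096  # assumption: common per-cookie browser limit


def missing_endpoints(provider_metadata):
    """Return {endpoint: symptom} for each endpoint that is absent or empty."""
    return {name: symptom for name, symptom in STATIC_ENDPOINTS.items()
            if not provider_metadata.get(name)}


def estimated_cookie_bytes(session_data):
    """Rough cookie size: compact JSON, base64-encoded (no signature, no compression)."""
    raw = json.dumps(session_data, separators=(",", ":")).encode("utf-8")
    return len(base64.urlsafe_b64encode(raw))


def preflight(provider_metadata, sample_session):
    """Collect the problems this thread ran into, before the app starts serving."""
    problems = [f"{name} missing: {symptom}"
                for name, symptom in missing_endpoints(provider_metadata).items()]
    size = estimated_cookie_bytes(sample_session)
    if size > COOKIE_LIMIT_BYTES:
        problems.append(f"session is about {size} bytes, over the "
                        f"{COOKIE_LIMIT_BYTES}-byte cookie limit; use server-side sessions")
    return problems


# Constructed sample data (op.example.com is a placeholder provider).
REPORTED = {"issuer": "https://op.example.com",
            "authorization_endpoint": "https://op.example.com/authorize",
            "jwks_uri": "https://op.example.com/jwks"}
FIXED = dict(REPORTED, token_endpoint="https://op.example.com/token",
             userinfo_endpoint="https://op.example.com/userinfo")
SMALL_SESSION = {"userinfo": {"sub": "u1", "email": "u1@example.com"}}
LARGE_SESSION = {"userinfo": {"sub": "u1", "groups": [f"group-{i:03d}" for i in range(500)]}}

if __name__ == "__main__":
    for label, meta, sess in [("reported", REPORTED, SMALL_SESSION), ("fixed", FIXED, LARGE_SESSION)]:
        print(label, preflight(meta, sess) or "ok")
```
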