Re: OAUTH2 Problem with AzureAD - Mailing list pgadmin-support
| From | Asmita Thapliyal |
|---|---|
| Subject | Re: OAUTH2 Problem with AzureAD |
| Date | |
| Msg-id | CAMgBNbFkUJwj3NOO1SpBR5dxGEwh-QqkU8yHCJRWF8Na90Pvnw@mail.gmail.com Whole thread Raw |
| In response to | Re: OAUTH2 Problem with AzureAD (Khushboo Vashi <khushboo.vashi@enterprisedb.com>) |
| List | pgadmin-support |
{'error': {'code': 'BadRequest', 'message': "Resource not found for the segment 'profile'.", 'innerError': {'date': '2022-04-20T09:37:23', 'request-id': 'a16ec3f0-89c5-42ec-a4a2-2e45042a4390', 'client-request-id': 'a16ec3f0-89c5-42ec-a4a2-2e45042a4390'}}}
requests.exceptions.HTTPError: 400 Client Error: Bad Request for url: https://graph.microsoft.com/v1.0/profile
2022-04-20 09:37:23,442: INFO werkzeug: 49.37.172.20 - - [20/Apr/2022 09:37:23] "GET /oauth2/authorize?code=0.ARsA3jZYM-9CokOxRTSMLunKW_3a3dHcJP5MrfqQQJh5-YcbAAA.AQABAAIAAAD--DLA3VO7QrddgJg7WevrZT
GQKBol1TJoTKY6MDbrIWC4kwn3mNFOmIx10OFaHw7C4KNbxbx3WJeVKhpbkHCVvEGxvEFqsBqslbA4gg5BK2h92GkuNjnkrh-A6C2Qh6A82j5RmXxBh_YhnXwHOgyrDdYgjQVEm1h8OXoefM0EdxOQZgIaYjHVuGRgjrh7C6TiNn4oY6AicoVMmtG1t0Q5oPnMbK5Sp1TShx
jpk1zbknp6q0e-OqNsWnFMR0wR2s6CEOiREovczZZQBgRssIuUC0Ppdz-QqnKMisInpwAPgpDBQ4dYHYOlvFUo_tpCBgdy0bUV93WLK66WZmYi3sTPVHGjeFSAqYdULKPzk9noU5zGdw_lHMLEKgRHX9x7drIaZs0XSJxHGLoo7hVSOQytjIoAEznUp92i75nAnp_lnNBuZQ
OpR7o8gga2mfk-DM8P89OON9khvrZr0QjhUispo022tr5zHkBh66lsuy52pRMx2Pt7K8AdgZhx-qxT1yToJPvnqGXZhxOucZTxyzvDtrF0qHwpBuqFSYj4DhIqVQUA9U--AtVG57XLJw_-puFnVe5O1N3JbHds2Am5LBGKOowL8AkJClFsgQ58vSv3tuGE4Qw4xNa6oE6wSj
AoLT_FMcGALGkjK5jfwUAMpUInG9DShqVgiw3Pg0cA6O17YdtKq2-6LsdE2N0MIPX2h9cpURF6GJw4DizU2bru-U0Rfx-5H9KMv8n2dvlthcgKbEXw-e6X1Kaic04oYi5PGBE9_HjR0TxLQcHoS9dAocGlvpj2UUCmglp7EbE3jPXGaexslVwr_uHh406nRyHwdvcgAA&sta
te=MsqLsqXdNLchYEqybcOfpLPf8DHD3F&session_state=9bf4bfda-36ae-439f-863b-b20ffad99aa4 HTTP/1.1" 500 -
If I don't give any version - https://graph.microsoft.com/
then below error. What does Invalid version mean here?
vCEd--N3p18dGGm7yg8a4GJjh1j7fvGaaRyDrQcXkUqtXNr7dnWUxxCqxfBnxpHhcemoXEL7Aoed4fZkyHenUh7QpAoA09cCip95Vs1ywbKmmBqVUSMw', 'expires_at': 1650451513}
After resp
{'error': {'code': 'BadRequest', 'message': 'Invalid version.', 'innerError': {'date': '2022-04-20T09:40:53', 'request-id': 'b17334ef-4593-4948-b91c-b4a79fc58ef7', 'client-request-id': 'b17334ef-4593-4948-b91c-b4a79fc58ef7'}}}
2022-04-20 09:40:53,124: ERROR pgadmin: 400 Client Error: Bad Request for url: https://graph.microsoft.com/profile
Traceback (most recent call last):
OAUTH2_API_BASE_URL seems to be correct as per the api permission tab I see in Azure portal.
Thanks,
Asmita
Hi,On Tue, Apr 19, 2022 at 11:30 PM Asmita Thapliyal <asmita.thapliyal@gmail.com> wrote:Hello!I have configured OAUTH2 with azure ad with below config'OAUTH2_NAME': "azure",
# The display name, ex: Google
'OAUTH2_DISPLAY_NAME': 'MS Azure',
# Oauth client id
'OAUTH2_CLIENT_ID': '<ID>',
# Oauth secret
'OAUTH2_CLIENT_SECRET': '<SECRET>',
# URL to generate a token,
# Ex: https://github.com/login/oauth/access_token
'OAUTH2_TOKEN_URL': 'https://login.microsoftonline.com/<TENANT-ID>/oauth2/v2.0/token',
# URL is used for authentication,
# Ex: https://github.com/login/oauth/authorize
'OAUTH2_AUTHORIZATION_URL': 'https://login.microsoftonline.com/<TENANT-ID>/oauth2/v2.0/authorize',
# Oauth base url, ex: https://api.github.com/
'OAUTH2_API_BASE_URL': 'https://graph.microsoft.com/v1.0',
# Name of the Endpoint, ex: user
'OAUTH2_USERINFO_ENDPOINT': 'profile',
# Oauth scope, ex: 'openid email profile'
# Note that an 'email' claim is required in the resulting profile
'OAUTH2_SCOPE': 'User.Read email openid profile',
# Font-awesome icon, ex: fa-github
'OAUTH2_ICON': 'fa-github',
# UI button colour, ex: #0000ff
'OAUTH2_BUTTON_COLOR': None,
After testing I found below error
requests.exceptions.HTTPError: 400 Client Error: Bad Request for url: https://graph.microsoft.com/profile
2022-04-19 14:34:38,717: INFO werkzeug: 49.37.172.20 - - [19/Apr/2022 14:34:38] "GET /oauth2/authorize?code=0.ARsA3jZYM-9CokOxRTSMLunKW_3a3dHcJP5MrfqQQJh5-YcbAAA.AQABAAIAAAD--DLA3VO7QrddgJg7Wevrdrp6mz5VUBPbc2M4Bs4hmaPP7YfekSA8Yt9vmf1zMQFku0U1U1xfWkuaKw8eFQjW9sNkh1-Gl6XaDfqOV6NQ0dAxvBNW5K_GOC9VChtUG_s8DXVKvZ05dvryfX1K-NUgDFoXiSU7Xmyc40UWiIr1fBse7PLdvaFDL4KmUbO4Ivm6j7fuh3l0Q5sB-lMB56NmbV9NCDSoy-ccbnGwm-2pVN42HErVzE9b8P0Gowba3QWfNUvLSmbkbVv_UQHnQ2jgZfNK7oPcggZJojU8biYXJN6KcpOL7eQmP1oUjhUafRJw5TLr5LSSYGHbXVmL7zgJ7RCuWBJAS_VSrYr5hMaRhvxBMLgC6bwQmI8euv_hC9GZ0vmxqNY6T11M72Ye8NkQrA_5zM9qPiFh1bZCsLyllkxN1LCgfEI_t--qiq0N2dd-SL2hE23VUAk5Wen_nwwjJQBKTpuE4v7BwjOwfpPqniNq2xLqALaXaBZfmjmGCjfrVHlw4e5ADsxU0VBY4eH7BiKwye7o8AQdJC7w39Y8VteOJTLvCw5y0hPALIpzlCQtUtBhHjrKpzEPqgpZWfb55JSZ45YtjbZENcXyQk_sdRRo4SqNJxqU5W9yqcyY53PbtfzX0LTRTJ9FAfc5uqlgksyMcxZaXLcONWYocB1oGjaRTBbl7kZFZRScHzKNVQbXsnQVAURe3lesqOzlv--QtfMZHfYPA6igkryni8xPKETI9UyL0mRLTbxHOHZFvt0faNcvM1uCLiavNDgw4EkBljbLDDMIdCLrfOvSaIsMJA6vzRmFODq00iAZYIfqxQcgAA&state=ZmClT3NK4XExYAP8NQrdp5zIMaoM4m&session_state=ee30bdda-dd80-4ab9-aeee-1c61b8ffa63c HTTP/1.1" 500 -
2022-04-19 14:34:38,722: ERROR werkzeug: Error on request:
Looks like the profile fetch request is giving this error.Can you please check whether OAUTH2_API_BASE_URL is correct or not.Thanks,Khushboo
I tried to print response, this is the one, not sure what does it mean by Invalid version. I tried to change accesstokenversion in azure ad but received same issue.
{'error': {'code': 'BadRequest', 'message': 'Invalid version.', 'innerError': {'date': '2022-04-19T14:34:38', 'request-id': 'c2da3799-bab5-4c38-a485-78cf7b74567c', 'client-request-id': 'c2da3799-bab5-4c38
-a485-78cf7b74567c'}}}
Any clue? or is there a way I can check more details of innerError?
Regards,
Asmita
Regards,
Asmita
pgadmin-support by date: