使用Keystone登录WireCloud:AuthStateForbidden位于/ complete / fiware /
[英]WireCloud login with keystone: AuthStateForbidden at /complete/fiware/
问题描述
When trying to login to WireCloud via Keystone with an user that already has WireCloud authorized the following error is displayed: 
当尝试使用已获得WireCloud授权的用户通过Keystone登录WireCloud时,显示以下错误:
Environment:
Request Method: GET
Request URL: http://dashboard.example.com/complete/fiware/?state=pHFsTpzh7lhXKBiqkpZxSYOPpRi5w1ph&code=pxJSjgIqyAVAvHfP8xzFIkAmnCLtx6
Django Version: 1.9.6
Python Version: 2.7.9
Installed Applications:
('django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'django.contrib.admin',
'wirecloud.commons',
'compressor',
'wirecloud.catalogue',
'wirecloud.platform',
'wirecloud.oauth2provider',
'wirecloud.fiware',
'social.apps.django_app.default')
Installed Middleware:
('wirecloud.commons.middleware.URLMiddleware',)
Traceback:
File "/opt/wc/venv/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
149. response = self.process_exception_by_middleware(e, request)
File "/opt/wc/venv/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
147. response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/django/views/decorators/cache.py" in _wrapped_view_func
57. response = view_func(request, *args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/django/views/decorators/csrf.py" in wrapped_view
58. return view_func(*args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/social/apps/django_app/utils.py" in wrapper
51. return func(request, backend, *args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/social/apps/django_app/views.py" in complete
28. redirect_name=REDIRECT_FIELD_NAME, *args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/social/actions.py" in do_complete
43. user = backend.complete(user=user, *args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/social/backends/base.py" in complete
41. return self.auth_complete(*args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/social/utils.py" in wrapper
229. return func(*args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/social/backends/oauth.py" in auth_complete
375. state = self.validate_state()
File "/opt/wc/venv/lib/python2.7/site-packages/social/backends/oauth.py" in validate_state
90. raise AuthStateForbidden(self)
Exception Type: AuthStateForbidden at /complete/fiware/
Exception Value: Wrong state parameter given.
When you then try to log into WireCloud again with that user, so that the session from the Keyrock login is still active, it works fine. 然后,当您尝试再次与该用户登录WireCloud时,仍使来自Keyrock登录的会话保持活动状态,它可以正常工作。 But why does this error get displayed? 但是为什么会显示此错误?
And even worse: If a new user wants to sign up to WireCloud, after the login to Keystone, this error gets thrown: 更糟糕的是:如果新用户要注册WireCloud,则在登录Keystone后会引发以下错误:
Environment:
Request Method: GET
Request URL: http://dashboard.example.com/complete/fiware/?state=4Ccx9THwAxUht3rXi3N3J9du1LTTOmcC&code=mZXx34K8ojV9RJiNiNtUuzc10HtoJU
Django Version: 1.9.6
Python Version: 2.7.9
Installed Applications:
('django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'django.contrib.admin',
'wirecloud.commons',
'compressor',
'wirecloud.catalogue',
'wirecloud.platform',
'wirecloud.oauth2provider',
'wirecloud.fiware',
'social.apps.django_app.default')
Installed Middleware:
('wirecloud.commons.middleware.URLMiddleware',)
Traceback:
File "/opt/wc/venv/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
149. response = self.process_exception_by_middleware(e, request)
File "/opt/wc/venv/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
147. response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/django/views/decorators/cache.py" in _wrapped_view_func
57. response = view_func(request, *args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/django/views/decorators/csrf.py" in wrapped_view
58. return view_func(*args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/social/apps/django_app/utils.py" in wrapper
51. return func(request, backend, *args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/social/apps/django_app/views.py" in complete
28. redirect_name=REDIRECT_FIELD_NAME, *args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/social/actions.py" in do_complete
43. user = backend.complete(user=user, *args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/social/backends/base.py" in complete
41. return self.auth_complete(*args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/social/utils.py" in wrapper
229. return func(*args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/social/backends/oauth.py" in auth_complete
387. *args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/social/utils.py" in wrapper
229. return func(*args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/social/backends/oauth.py" in do_auth
398. return self.strategy.authenticate(*args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/social/strategies/django_strategy.py" in authenticate
96. return authenticate(*args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/django/contrib/auth/__init__.py" in authenticate
74. user = backend.authenticate(**credentials)
File "/opt/wc/venv/lib/python2.7/site-packages/social/backends/base.py" in authenticate
82. return self.pipeline(pipeline, *args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/social/backends/base.py" in pipeline
85. out = self.run_pipeline(pipeline, pipeline_index, *args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/social/backends/base.py" in run_pipeline
112. result = func(*args, **out) or {}
File "/opt/wc/venv/lib/python2.7/site-packages/social/pipeline/user.py" in create_user
69. 'user': strategy.create_user(**fields)
File "/opt/wc/venv/lib/python2.7/site-packages/social/strategies/base.py" in create_user
53. return self.storage.user.create_user(*args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/social/storage/django_orm.py" in create_user
60. return cls.user_model().objects.create_user(*args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/django/contrib/auth/models.py" in create_user
154. return self._create_user(username, email, password, **extra_fields)
File "/opt/wc/venv/lib/python2.7/site-packages/django/contrib/auth/models.py" in _create_user
148. user.save(using=self._db)
File "/opt/wc/venv/lib/python2.7/site-packages/django/contrib/auth/base_user.py" in save
74. super(AbstractBaseUser, self).save(*args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/django/db/models/base.py" in save
708. force_update=force_update, update_fields=update_fields)
File "/opt/wc/venv/lib/python2.7/site-packages/django/db/models/base.py" in save_base
736. updated = self._save_table(raw, cls, force_insert, force_update, using, update_fields)
File "/opt/wc/venv/lib/python2.7/site-packages/django/db/models/base.py" in _save_table
820. result = self._do_insert(cls._base_manager, using, fields, update_pk, raw)
File "/opt/wc/venv/lib/python2.7/site-packages/django/db/models/base.py" in _do_insert
859. using=using, raw=raw)
File "/opt/wc/venv/lib/python2.7/site-packages/django/db/models/manager.py" in manager_method
122. return getattr(self.get_queryset(), name)(*args, **kwargs)
File "/opt/wc/venv/lib/python2.7/site-packages/django/db/models/query.py" in _insert
1039. return query.get_compiler(using=using).execute_sql(return_id)
File "/opt/wc/venv/lib/python2.7/site-packages/django/db/models/sql/compiler.py" in execute_sql
1060. cursor.execute(sql, params)
File "/opt/wc/venv/lib/python2.7/site-packages/django/db/backends/utils.py" in execute
79. return super(CursorDebugWrapper, self).execute(sql, params)
File "/opt/wc/venv/lib/python2.7/site-packages/django/db/backends/utils.py" in execute
64. return self.cursor.execute(sql, params)
File "/opt/wc/venv/lib/python2.7/site-packages/django/db/utils.py" in __exit__
95. six.reraise(dj_exc_type, dj_exc_value, traceback)
File "/opt/wc/venv/lib/python2.7/site-packages/django/db/backends/utils.py" in execute
64. return self.cursor.execute(sql, params)
Exception Type: IntegrityError at /complete/fiware/
Exception Value: FEHLER: NULL-Wert in Spalte „last_login“ verletzt Not-Null-Constraint
DETAIL: Fehlgeschlagene Zeile enthält (21, !mtZhl9gusVEPg4QTz80CbnY61pc7SxUF73AvtPu7, null, f, bi-demo, , , bi-demo@example.com, f, t, 2016-06-16 06:40:19.588666+00).
This indicates that some postgres constraints may be violated (we use postgres as db for WireCloud). 这表明可能违反了一些postgres约束(我们将Postgres用作WireCloud的数据库)。 It happens when an user that has not yet authorized WireCloud but is logged in to keystone tries to access WireCloud. 当尚未授权WireCloud但已登录Keystone的用户尝试访问WireCloud时,就会发生这种情况。 Usually then the authorize page should get displayed but instead the error is thrown and the user is not created in the WireCloud Django admin panel. 通常,然后应该显示授权页面,但是会引发错误,并且不会在WireCloud Django管理面板中创建用户。
1 个解决方案
解决方案1
0 2016-06-24 09:55:31
I was unable to replicate your first error, but taking into account your second error I can confirm that you have unapplied migrations for the django-contrib-auth django app. 我无法复制您的第一个错误,但是考虑到您的第二个错误,我可以确认您对django-contrib-auth django应用程序未应用迁移。
Use python manage.py migrate --list for getting the list of applied or unapplied migrations. 使用python manage.py migrate --list migration python manage.py migrate --list获取已应用或未应用迁移的列表。 You should get something like this: 您应该得到这样的内容:
admin
[X] 0001_initial
[X] 0002_logentry_remove_auto_add
auth
[X] 0001_initial
[X] 0002_alter_permission_name_max_length
[X] 0003_alter_user_email_max_length
[X] 0004_alter_user_username_opts
[ ] 0005_alter_user_last_login_null
[ ] 0006_require_contenttypes_0002
[ ] 0007_alter_validators_add_error_messages
catalogue
[X] 0001_initial
contenttypes
[X] 0001_initial
[X] 0002_remove_content_type_name
default
[X] 0001_initial
[X] 0002_add_related_name
[X] 0003_alter_email_max_length
[X] 0004_auto_20160423_0400
platform
[X] 0001_initial
[X] 0002_auto_20160127_1143
[X] 0003_remove_userworkspace_active
sessions
[X] 0001_initial
In your case, you are getting the second error because the 0005_alter_user_last_login_null is not applied correctly ( django.contrib.auth is listed as auth ). 您遇到的第二个错误是因为0005_alter_user_last_login_null未正确应用( django.contrib.auth被列为auth )。
You can apply any pending migration using python manage.py migrate (if you prefer you can apply any pending migration for the django.contrib.auth app using python manage.py migrate auth instead). 您可以使用python manage.py migrate migration应用任何待处理的python manage.py migrate (如果愿意,您可以使用python manage.py migrate auth migration python manage.py migrate auth来为django.contrib.auth应用应用任何待处理的迁移)。
The first error can also be related to unapplied migrations, but I cannot tell you what migration. 第一个错误也可能与未应用的迁移有关,但是我无法告诉您什么迁移。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.