stackoom
  简体   繁体   中英

WireCloud login with keystone: AuthStateForbidden at /complete/fiware/

 原文  2016-06-16 06:48:09       fiware/ keystone/ fiware-wirecloud

Question

When trying to login to WireCloud via Keystone with an user that already has WireCloud authorized the following error is displayed: 

Environment:

Request Method: GET
Request URL: http://dashboard.example.com/complete/fiware/?state=pHFsTpzh7lhXKBiqkpZxSYOPpRi5w1ph&code=pxJSjgIqyAVAvHfP8xzFIkAmnCLtx6

Django Version: 1.9.6
Python Version: 2.7.9
Installed Applications:
('django.contrib.auth',
 'django.contrib.contenttypes',
 'django.contrib.sessions',
 'django.contrib.messages',
 'django.contrib.staticfiles',
 'django.contrib.admin',
 'wirecloud.commons',
 'compressor',
 'wirecloud.catalogue',
 'wirecloud.platform',
 'wirecloud.oauth2provider',
 'wirecloud.fiware',
 'social.apps.django_app.default')
Installed Middleware:
('wirecloud.commons.middleware.URLMiddleware',)



Traceback:

File "/opt/wc/venv/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
  149.                     response = self.process_exception_by_middleware(e, request)

File "/opt/wc/venv/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
  147.                     response = wrapped_callback(request, *callback_args, **callback_kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/django/views/decorators/cache.py" in _wrapped_view_func
  57.         response = view_func(request, *args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/django/views/decorators/csrf.py" in wrapped_view
  58.         return view_func(*args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/social/apps/django_app/utils.py" in wrapper
  51.             return func(request, backend, *args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/social/apps/django_app/views.py" in complete
  28.                        redirect_name=REDIRECT_FIELD_NAME, *args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/social/actions.py" in do_complete
  43.         user = backend.complete(user=user, *args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/social/backends/base.py" in complete
  41.         return self.auth_complete(*args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/social/utils.py" in wrapper
  229.             return func(*args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/social/backends/oauth.py" in auth_complete
  375.         state = self.validate_state()

File "/opt/wc/venv/lib/python2.7/site-packages/social/backends/oauth.py" in validate_state
  90.             raise AuthStateForbidden(self)

Exception Type: AuthStateForbidden at /complete/fiware/
Exception Value: Wrong state parameter given.

When you then try to log into WireCloud again with that user, so that the session from the Keyrock login is still active, it works fine. But why does this error get displayed?

And even worse: If a new user wants to sign up to WireCloud, after the login to Keystone, this error gets thrown: 

Environment:


Request Method: GET
Request URL: http://dashboard.example.com/complete/fiware/?state=4Ccx9THwAxUht3rXi3N3J9du1LTTOmcC&code=mZXx34K8ojV9RJiNiNtUuzc10HtoJU

Django Version: 1.9.6
Python Version: 2.7.9
Installed Applications:
('django.contrib.auth',
 'django.contrib.contenttypes',
 'django.contrib.sessions',
 'django.contrib.messages',
 'django.contrib.staticfiles',
 'django.contrib.admin',
 'wirecloud.commons',
 'compressor',
 'wirecloud.catalogue',
 'wirecloud.platform',
 'wirecloud.oauth2provider',
 'wirecloud.fiware',
 'social.apps.django_app.default')
Installed Middleware:
('wirecloud.commons.middleware.URLMiddleware',)



Traceback:

File "/opt/wc/venv/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
  149.                     response = self.process_exception_by_middleware(e, request)

File "/opt/wc/venv/lib/python2.7/site-packages/django/core/handlers/base.py" in get_response
  147.                     response = wrapped_callback(request, *callback_args, **callback_kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/django/views/decorators/cache.py" in _wrapped_view_func
  57.         response = view_func(request, *args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/django/views/decorators/csrf.py" in wrapped_view
  58.         return view_func(*args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/social/apps/django_app/utils.py" in wrapper
  51.             return func(request, backend, *args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/social/apps/django_app/views.py" in complete
  28.                        redirect_name=REDIRECT_FIELD_NAME, *args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/social/actions.py" in do_complete
  43.         user = backend.complete(user=user, *args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/social/backends/base.py" in complete
  41.         return self.auth_complete(*args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/social/utils.py" in wrapper
  229.             return func(*args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/social/backends/oauth.py" in auth_complete
  387.                             *args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/social/utils.py" in wrapper
  229.             return func(*args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/social/backends/oauth.py" in do_auth
  398.         return self.strategy.authenticate(*args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/social/strategies/django_strategy.py" in authenticate
  96.         return authenticate(*args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/django/contrib/auth/__init__.py" in authenticate
  74.             user = backend.authenticate(**credentials)

File "/opt/wc/venv/lib/python2.7/site-packages/social/backends/base.py" in authenticate
  82.         return self.pipeline(pipeline, *args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/social/backends/base.py" in pipeline
  85.         out = self.run_pipeline(pipeline, pipeline_index, *args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/social/backends/base.py" in run_pipeline
  112.             result = func(*args, **out) or {}

File "/opt/wc/venv/lib/python2.7/site-packages/social/pipeline/user.py" in create_user
  69.         'user': strategy.create_user(**fields)

File "/opt/wc/venv/lib/python2.7/site-packages/social/strategies/base.py" in create_user
  53.         return self.storage.user.create_user(*args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/social/storage/django_orm.py" in create_user
  60.         return cls.user_model().objects.create_user(*args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/django/contrib/auth/models.py" in create_user
  154.         return self._create_user(username, email, password, **extra_fields)

File "/opt/wc/venv/lib/python2.7/site-packages/django/contrib/auth/models.py" in _create_user
  148.         user.save(using=self._db)

File "/opt/wc/venv/lib/python2.7/site-packages/django/contrib/auth/base_user.py" in save
  74.         super(AbstractBaseUser, self).save(*args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/django/db/models/base.py" in save
  708.                        force_update=force_update, update_fields=update_fields)

File "/opt/wc/venv/lib/python2.7/site-packages/django/db/models/base.py" in save_base
  736.             updated = self._save_table(raw, cls, force_insert, force_update, using, update_fields)

File "/opt/wc/venv/lib/python2.7/site-packages/django/db/models/base.py" in _save_table
  820.             result = self._do_insert(cls._base_manager, using, fields, update_pk, raw)

File "/opt/wc/venv/lib/python2.7/site-packages/django/db/models/base.py" in _do_insert
  859.                                using=using, raw=raw)

File "/opt/wc/venv/lib/python2.7/site-packages/django/db/models/manager.py" in manager_method
  122.                 return getattr(self.get_queryset(), name)(*args, **kwargs)

File "/opt/wc/venv/lib/python2.7/site-packages/django/db/models/query.py" in _insert
  1039.         return query.get_compiler(using=using).execute_sql(return_id)

File "/opt/wc/venv/lib/python2.7/site-packages/django/db/models/sql/compiler.py" in execute_sql
  1060.                 cursor.execute(sql, params)

File "/opt/wc/venv/lib/python2.7/site-packages/django/db/backends/utils.py" in execute
  79.             return super(CursorDebugWrapper, self).execute(sql, params)

File "/opt/wc/venv/lib/python2.7/site-packages/django/db/backends/utils.py" in execute
  64.                 return self.cursor.execute(sql, params)

File "/opt/wc/venv/lib/python2.7/site-packages/django/db/utils.py" in __exit__
  95.                 six.reraise(dj_exc_type, dj_exc_value, traceback)

File "/opt/wc/venv/lib/python2.7/site-packages/django/db/backends/utils.py" in execute
  64.                 return self.cursor.execute(sql, params)

Exception Type: IntegrityError at /complete/fiware/
Exception Value: FEHLER:  NULL-Wert in Spalte „last_login“ verletzt Not-Null-Constraint
DETAIL:  Fehlgeschlagene Zeile enthält (21, !mtZhl9gusVEPg4QTz80CbnY61pc7SxUF73AvtPu7, null, f, bi-demo, , , bi-demo@example.com, f, t, 2016-06-16 06:40:19.588666+00).

This indicates that some postgres constraints may be violated (we use postgres as db for WireCloud). It happens when an user that has not yet authorized WireCloud but is logged in to keystone tries to access WireCloud. Usually then the authorize page should get displayed but instead the error is thrown and the user is not created in the WireCloud Django admin panel.

1 answers

solution1
 0  2016-06-24 09:55:31

I was unable to replicate your first error, but taking into account your second error I can confirm that you have unapplied migrations for the django-contrib-auth django app.

Use python manage.py migrate --list for getting the list of applied or unapplied migrations. You should get something like this: 

admin
 [X] 0001_initial
 [X] 0002_logentry_remove_auto_add
auth
 [X] 0001_initial
 [X] 0002_alter_permission_name_max_length
 [X] 0003_alter_user_email_max_length
 [X] 0004_alter_user_username_opts
 [ ] 0005_alter_user_last_login_null
 [ ] 0006_require_contenttypes_0002
 [ ] 0007_alter_validators_add_error_messages
catalogue
 [X] 0001_initial
contenttypes
 [X] 0001_initial
 [X] 0002_remove_content_type_name
default
 [X] 0001_initial
 [X] 0002_add_related_name
 [X] 0003_alter_email_max_length
 [X] 0004_auto_20160423_0400
platform
 [X] 0001_initial
 [X] 0002_auto_20160127_1143
 [X] 0003_remove_userworkspace_active
sessions
 [X] 0001_initial

In your case, you are getting the second error because the 0005_alter_user_last_login_null is not applied correctly ( django.contrib.auth is listed as auth ).

You can apply any pending migration using python manage.py migrate (if you prefer you can apply any pending migration for the django.contrib.auth app using python manage.py migrate auth instead).

The first error can also be related to unapplied migrations, but I cannot tell you what migration.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Wirecloud FIWARE NGSI Proxy Fiware wirecloud marketplace error FIWARE Lab, access to wirecloud log Wirecloud authentication using keystone only? Fiware Wirecloud Map Viewer Widget Not Working Wirecloud FIWARE Lab - is NGSI HTTP proxy alive How to connect to FIWARE Marketplace on new WireCloud install? Changing the workspace name when using WireCloud with KeyStone Fiware Keystone API Create User Fiware IDM Keystone on Ubuntu 14.04
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM