Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Google auth broken in 4.0? #8806

Open
Yann-J opened this issue Feb 14, 2022 · 6 comments
Open

Google auth broken in 4.0? #8806

Yann-J opened this issue Feb 14, 2022 · 6 comments

Comments

@Yann-J
Copy link
Contributor

Yann-J commented Feb 14, 2022

Expected Behavior

Hello good people! I have a GeoNode/Geoserver setup configured to use Google as auth provider. It has been working well on 3.x throughout various upgrades, but following an upgrade to 4.x the Google login flow seems broken. Login with internal users still works fine.

The settings.py section to configure my auth is as follows:

SOCIALACCOUNT_PROVIDERS['google'] = {
  'SCOPE': [
    'profile',
    'email',
  ],
  'AUTH_PARAMS': {
    'access_type': 'online',
  }
}

if os.getenv('AUTH_DOMAIN'):
  SOCIALACCOUNT_PROVIDERS['google']['AUTH_PARAMS']['hd'] = os.getenv('AUTH_DOMAIN')

INSTALLED_APPS += ('allauth.socialaccount.providers.google',)
SOCIALACCOUNT_PROFILE_EXTRACTORS['google'] = "geonode.people.profileextractors.OpenIDExtractor"

I'm also setting the following env vars to valid values - although I also had to configure the OAuth values in the admin UI:

  • OAUTH2_CLIENT_ID
  • OAUTH2_CLIENT_SECRET
  • AUTH_DOMAIN

Actual Behavior

With 4.x, the Google login button is present as expected in the login page. However when pressing it, the browser is redirected to /account/google/login/?process=login&next=/catalogue/#/ which shows up as a blank page. No HTTP call is ever made to any Google URL.

image

No logs in console (server or client). I couldn't identify any change to the relevant sections of the configuration...

Steps to Reproduce the Problem

  1. Run geonode with above configuration
  2. Login as admin and configure Google provider in the admin UI with valid OAuth parameters

image

  1. Log out and try to login with Google

Specifications

  • GeoNode version: docker build from this commit
  • Installation method (manual, GeoNode Docker, SPCGeoNode Docker): Docker
@giohappy
Copy link
Contributor

@Yann-J a part from the blank page does the login complete? If you refersh the page or go to the home page is the user logged in?

@Yann-J
Copy link
Contributor Author

Yann-J commented Feb 14, 2022

Hey @giohappy sorry I forgot to mention :) No, the login is not complete after the page load. The menus are still clickable and I can still do all the usual anonymous browsing.

Also worth noting that this also affects the signup flow, and was tested after wiping all the domain's cookies.

@giohappy
Copy link
Contributor

I suspect that the new client templates are not compatible with django-allauth social logins pages.
I will open an issue on geonode mapstore client repo.

@giohappy
Copy link
Contributor

@giohappy
Copy link
Contributor

giohappy commented Feb 16, 2022

@Yann-J it looks like the new SOCIALACCOUNT_LOGIN_ON_GET default option from django-allauth, that was introduced with version 0.47.0 is not compatible with GeoNode templates right now.

If you set it to True login and sign up should work.

@Yann-J
Copy link
Contributor Author

Yann-J commented Feb 16, 2022

Indeed, it works well now! Thanks a lot!

I guess it still makes sense to keep the ticket opened until either the parameter is added by default, or the templates are updated?

But at least there's a clear workaround!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants