[seatable 4.1.0] issue with SSO (Keycloak)
MarcProux opened this issue · comments
Marc Proux commented
After configuration of 'dtable-web' for using oauth provided by keycloak I get the following error in 'logs/dtable_web.log':
2023-10-26 02:03:56,958 [ERROR] django.request:224 log_response Internal Server Error: /sso/
Traceback (most recent call last):
File "/opt/seatable/seatable-server-latest/dtable-web/thirdpart/django/core/handlers/exception.py", line 47, in inner
response = get_response(request)
File "/opt/seatable/seatable-server-latest/dtable-web/thirdpart/django/core/handlers/base.py", line 181, in _get_response
response = wrapped_callback(request, *callback_args, **callback_kwargs)
File "/opt/seatable/seatable-server-latest/dtable-web/seahub/views/sso.py", line 45, in sso
return HttpResponseRedirect(reverse('oauth_login') + next_param)
File "/opt/seatable/seatable-server-latest/dtable-web/thirdpart/django/urls/base.py", line 86, in reverse
return resolver._reverse_with_prefix(view, prefix, *args, **kwargs)
File "/opt/seatable/seatable-server-latest/dtable-web/thirdpart/django/urls/resolvers.py", line 698, in _reverse_with_prefix
raise NoReverseMatch(msg)
django.urls.exceptions.NoReverseMatch: Reverse for 'oauth_login' not found. 'oauth_login' is not a valid view function or pattern name.
The configuration is the following:
ENABLE_OAUTH = True
OAUTH_ENABLE_INSECURE_TRANSPORT = False
OAUTH_CLIENT_ID = "<redacted>"
OAUTH_CLIENT_SECRET = "<redacted>"
OAUTH_REDIRECT_URL = "https://seatable.domain.onl/oauth/callback/"
OAUTH_PROVIDER_DOMAIN = "sub.domain.onl"
OAUTH_AUTHORIZATION_URL = "https://sub.domain.onl/realms/apps/protocol/openid-connect/auth"
OAUTH_TOKEN_URL = "https://sub.domain.onl/realms/apps/protocol/openid-connect/token"
OAUTH_USER_INFO_URL = "https://sub.domain.onl/realms/apps/protocol/openid-connect/userinfo"
OAUTH_SCOPE = [ "openid", "profile", "email" ]
OAUTH_ATTRIBUTE_MAP = {
"email": (True, "email"),
"name": (False, "name"),
"id": (False, "not used")
}
domain.onl
: is a real domain I own but I prefer to keep the real one private
Marc Proux commented
License is needed to be able to use OAUTH.
Closing this issue.