
Comments (8)

adityatoshniwal commented on September 10, 2024

Hi @andres-chavez-bi,
Can you please try with preferred_username or userpn to check if they work?


andres-chavez-bi commented on September 10, 2024

Hello @adityatoshniwal, the error seems to be the same; now it's complaining about the preferred_username or the userpn (with either config it is the same error).

172.25.54.9 - - [23/Aug/2024:13:00:22 +0000] "POST /authenticate/login HTTP/1.1" 302 961 "https://bi-pgadmin4-pgtrain-test.apps.eu-dev.ocp.aws.example.com/login?next=/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36 Edg/127.0.0.0"
2024-08-23 13:00:25,361: ERROR	pgadmin:	The claim 'preferred_username' is required to login into pgAdmin. Please update your OAuth2 profile.
NoneType: None
172.25.54.9 - - [23/Aug/2024:13:00:25 +0000] "GET /oauth2/authorize?code=


yogeshmahajan-1903 commented on September 10, 2024

@andres-chavez-bi
Can you please try

 OAUTH2_USERINFO_ENDPOINT='me'

Kindly refer to this issue from Azure AD.


andres-chavez-bi commented on September 10, 2024

Hi @yogeshmahajan-1903 I've tried it and now it throws this error:

2024-08-27 14:25:53,585: ERROR pgadmin: 400 Client Error: Bad Request for url: https://graph.microsoft.com/me
Traceback (most recent call last):
File "/venv/lib/python3.12/site-packages/flask/app.py", line 880, in full_dispatch_request
rv = self.dispatch_request()
^^^^^^^^^^^^^^^^^^^^^^^
File "/venv/lib/python3.12/site-packages/flask/app.py", line 865, in dispatch_request
return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args) # type: ignore[no-any-return]
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/pgadmin4/pgadmin/authenticate/oauth2.py", line 57, in oauth_authorize
status, msg = auth_obj.login()
^^^^^^^^^^^^^^^^
File "/pgadmin4/pgadmin/authenticate/__init__.py", line 299, in login
status, msg = self.source.login(self.form)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/pgadmin4/pgadmin/authenticate/oauth2.py", line 137, in login
profile = self.get_user_profile()
^^^^^^^^^^^^^^^^^^^^^^^
File "/pgadmin4/pgadmin/authenticate/oauth2.py", line 227, in get_user_profile
resp.raise_for_status()
File "/venv/lib/python3.12/site-packages/requests/models.py", line 1024, in raise_for_status
raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 400 Client Error: Bad Request for url: https://graph.microsoft.com/me

Looking into the issue you provided and the documentation linked, I see that they mention that this is related to an ID token, but following pgAdmin's authentication process, we see this:

image

Does it make sense to you? Shouldn't this response type be token in order to parse the information correctly?


yogeshmahajan-1903 commented on September 10, 2024

@andres-chavez-bi
Can you please change the base URL to

'OAUTH2_API_BASE_URL': 'https://graph.microsoft.com/v1.0/'

Here is my config -

        'OAUTH2_NAME': "azure",
        'OAUTH2_DISPLAY_NAME': 'MS Azure',
        'OAUTH2_CLIENT_ID': '<client id>',
        'OAUTH2_CLIENT_SECRET': '<client secret>',
        'OAUTH2_TOKEN_URL': 'https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/token',
        'OAUTH2_AUTHORIZATION_URL': 'https://login.microsoftonline.com/<tenant_id>/oauth2/v2.0/authorize',
        'OAUTH2_SCOPE': 'User.Read email openid profile',
        'OAUTH2_API_BASE_URL': 'https://graph.microsoft.com/v1.0/',
        'OAUTH2_USERINFO_ENDPOINT': 'me',
        'OAUTH2_USERNAME_CLAIM': 'mail',
        'OAUTH2_ICON': 'fa-github',
        'OAUTH2_BUTTON_COLOR': None,
        'OAUTH2_SERVER_METADATA_URL': 'https://login.microsoftonline.com/<tenant_id>/v2.0/.well-known/openid-configuration',


andres-chavez-bi commented on September 10, 2024

Sorry @yogeshmahajan-1903 but same error:

172.25.23.42 - - [28/Aug/2024:12:37:08 +0000] "GET /oauth2/authorize?code=0.AS8Ahq...
172.25.23.42 - - [28/Aug/2024:12:37:08 +0000] "GET /browser/ HTTP/1.1" 302 229 "https://login.microsoftonline.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Edg/128.0.0.0"
172.25.23.42 - - [28/Aug/2024:12:37:08 +0000] "GET /login?next=/browser/ HTTP/1.1" 200 2834 "https://login.microsoftonline.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Edg/128.0.0.0"
172.25.23.42 - - [28/Aug/2024:12:37:08 +0000] "GET /browser/js/endpoints.js?ver=81100 HTTP/1.1" 200 16363 "https://bi-pgadmin4-pgtrain-test.apps.eu-dev.ocp.aws.example.com/login?next=/browser/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Edg/128.0.0.0"
172.25.23.42 - - [28/Aug/2024:12:37:08 +0000] "GET /tools/translations.js?ver=81100 HTTP/1.1" 200 321 "https://bi-pgadmin4-pgtrain-test.apps.eu-dev.ocp.aws.example.com/login?next=/browser/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Edg/128.0.0.0"
172.25.23.42 - - [28/Aug/2024:12:37:10 +0000] "POST /authenticate/login HTTP/1.1" 302 961 "https://bi-pgadmin4-pgtrain-test.apps.eu-dev.ocp.aws.example.com/login?next=/browser/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36 Edg/128.0.0.0"
2024-08-28 12:37:56,408: ERROR	pgadmin:	The claim 'preferred_username' is required to login into pgAdmin. Please update your OAuth2 profile.
NoneType: None
172.25.23.42 - - [28/Aug/2024:12:37:56 +0000] "GET /oauth2/authorize?code=0.AS8Ahq_44.....

image

My claims:

image

My config:


        'OAUTH2_NAME': 'Azure',
        'OAUTH2_DISPLAY_NAME': 'Azure AD',
        'OAUTH2_CLIENT_ID': 'nnnn',
        'OAUTH2_CLIENT_SECRET': 'nnnn',
        'OAUTH2_TOKEN_URL': 'https://login.microsoftonline.com/nnnn/oauth2/v2.0/token',
        'OAUTH2_AUTHORIZATION_URL': 'https://login.microsoftonline.com/nnnn/oauth2/v2.0/authorize',
        'OAUTH2_SERVER_METADATA_URL': 'https://login.microsoftonline.com/nnnn/v2.0/.well-known/openid-configuration',
        'OAUTH2_API_BASE_URL': 'https://graph.microsoft.com/v1.0/',
        'OAUTH2_USERINFO_ENDPOINT': 'me',
        'OAUTH2_SCOPE': 'User.Read openid profile email',
        'OAUTH2_USERNAME_CLAIM': 'preferred_username',
        'OAUTH2_ICON': None,
        'OAUTH2_BUTTON_COLOR': '#0000ff',
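
Added example, not part of the thread and not pgAdmin's own code: a small diagnostic that reports whether a configured `OAUTH2_USERNAME_CLAIM` appears in the userinfo profile or only in the ID token. The sample payloads are constructed; they assume that Microsoft Graph `/v1.0/me` returns fields such as `mail` and `userPrincipalName`, while `preferred_username` is a claim of the v2.0 ID token. All function names are hypothetical.

```python
import base64
import json

# Constructed sample shaped like a Microsoft Graph /v1.0/me response (not real data).
GRAPH_ME_PROFILE = {
    "id": "00000000-0000-0000-0000-000000000001",
    "displayName": "Example User",
    "mail": "user@example.com",
    "userPrincipalName": "user@example.com",
}

# Constructed sample shaped like v2.0 ID token claims (not real data).
ID_TOKEN_CLAIMS = {
    "sub": "constructed-subject",
    "name": "Example User",
    "preferred_username": "user@example.com",
    "email": "user@example.com",
}


def make_unsigned_jwt(claims):
    """Build a constructed, unsigned JWT so the decoder has offline input."""
    def b64(obj):
        raw = json.dumps(obj).encode()
        return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()
    return f"{b64({'alg': 'none'})}.{b64(claims)}."


def decode_jwt_payload(token):
    """Decode the payload segment for inspection only; no signature check."""
    payload = token.split(".")[1]
    payload += "=" * (-len(payload) % 4)  # restore stripped base64url padding
    return json.loads(base64.urlsafe_b64decode(payload))


def check_username_claim(claim, userinfo, id_token):
    """Report where the configured claim exists (hypothetical helper)."""
    id_claims = decode_jwt_payload(id_token)
    return {
        "claim": claim,
        "in_userinfo": claim in userinfo,
        "in_id_token": claim in id_claims,
        "userinfo_keys": sorted(userinfo),
    }


if __name__ == "__main__":
    token = make_unsigned_jwt(ID_TOKEN_CLAIMS)
    for claim in ("preferred_username", "userpn", "mail", "userPrincipalName"):
        print(check_username_claim(claim, GRAPH_ME_PROFILE, token))
```

To use it against a real deployment, replace the two constructed dictionaries with the JSON body returned by the configured userinfo endpoint and the ID token from the token response.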
