Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OAuth2 failed to run with https #305

Closed
wzymaster opened this issue Mar 7, 2018 · 7 comments
Closed

OAuth2 failed to run with https #305

wzymaster opened this issue Mar 7, 2018 · 7 comments

Comments

@wzymaster
Copy link

wzymaster commented Mar 7, 2018
edited

I tried to enable SSL on Microsoft Edx and then enable an OAuth2 client as the below :

image

however, when I am trying to invoke it and it failed all the time and complains that a request is not https for some reason like the below :

image

My further investigation indicates that the request variable in /edx/app/edxapp/venvs/edxapp/local/lib/python2.7/site-packages/provider/views.py comes with http all the time , even though I have enable OAUTH2 with SECURE in both of lms.env.json and cms.env.json, like below :

"ENABLE_OAUTH2_PROVIDER": true,
"OAUTH_ENFORCE_SECURE": true,
"OAUTH_ENFORCE_CLIENT_SECURE": true,

I am wondering why oauth goes to /edx/app/edxapp/venvs/edxapp/local/lib/python2.7/site-packages/provider ? why not any one of the below :

/edx/app/edxapp/venvs/edxapp/lib/python2.7/site-packages/oauth2
/edx/app/edxapp/venvs/edxapp/lib/python2.7/site-packages/oauth2_provider/
/edx/app/edxapp/venvs/edxapp/lib/python2.7/site-packages/oauth_provider/

@sdolenc Please advise it and I believe there must be some false config in oauth by default in this distribution.
@sdolenc
Copy link
Contributor

sdolenc commented Mar 22, 2018

Thanks for identifying this issue. I apologize for the delayed response. Our team will be scheduling an investigation soon

@wzymaster
Copy link
Author

@sdolenc any update on this issue ?

@saravpal
Copy link

@wzymaster, Stephen (@sdolenc) is on vacation. Looking at your error at high level and from what we have seen in the past, this might be due to the site was not secured but security for oAuth is being enforced. Can you please confirm SSL is successfully enabled for your site? Also, were you deploying with STAMP template or full stack?

@wzymaster
Copy link
Author

Yes, SSL is enabled in LMS and CMS on my site at https://edx.dolphin-labs.com. It's deployed in full stack.

For some reason, oauth is propertly set up and Please find the attached config file for my env.

cms.env.json.txt
lms.env.json.txt

@saravpal
Copy link

saravpal commented May 3, 2018

Thanks for your patience. We don't recommend full stack for production load. We don't support it either. Is there a way to reach you other than GitHub?

@wzymaster
Copy link
Author

you can always reach me at wuzy@dolphin-labs.com

@eltoncarr
Copy link
Contributor

Assuming this issue is settled... Please re-open if necessary.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@wzymaster @sdolenc @eltoncarr @saravpal