Home Page is Not rendering after Providing Credentials #43

Closed
Sunag3 opened this issue Jan 5, 2021 · 12 comments
Labels
resolved Issue is resolved: answer provided or fix incoming

Comments

Sunag3 commented Jan 5, 2021

Where did you get the code?

Followed the tutorial from Microsoft Graph tutorials

Describe the bug

I have followed the steps exactly as provided in the Graph tutorials. After clicking on Sign on, the Microsoft login page appears, and I provided Microsoft credentials, but then it's not rendering the home page, giving a ValueError, state missing in auth code flow.

Environment:

Request Method: GET
Request URL: http://localhost:8000/callback?code=M.R3_BAY.9074896a-0d08-58f3-0241-510fa2fdad5e&state=tCOXIJfsDRejZLPk

Django Version: 3.1.5
Python Version: 3.9.1
Installed Applications:
['django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'tutorial']
Installed Middleware:
['django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware']

Traceback (most recent call last):
  File "D:\Django_Projects\Projects\venv\lib\site-packages\django\core\handlers\exception.py", line 47, in inner
    response = get_response(request)
  File "D:\Django_Projects\Projects\venv\lib\site-packages\django\core\handlers\base.py", line 181, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "D:\Django_Projects\Projects\graph_tutorial\tutorial\views.py", line 37, in callback
    result = get_token_from_code(request)
  File "D:\Django_Projects\Projects\graph_tutorial\tutorial\auth_helper.py", line 49, in get_token_from_code
    result = auth_app.acquire_token_by_auth_code_flow(flow, request.GET)
  File "D:\Django_Projects\Projects\venv\lib\site-packages\msal\application.py", line 513, in acquire_token_by_auth_code_flow
    return self.client.obtain_token_by_auth_code_flow(
  File "D:\Django_Projects\Projects\venv\lib\site-packages\msal\oauth2cli\oidc.py", line 185, in obtain_token_by_auth_code_flow
    result = super(Client, self).obtain_token_by_auth_code_flow(
  File "D:\Django_Projects\Projects\venv\lib\site-packages\msal\oauth2cli\oauth2.py", line 538, in obtain_token_by_auth_code_flow
    raise ValueError("state missing from auth_code_flow")

Exception Type: ValueError at /callback
Exception Value: state missing from auth_code_flow

Please help here

@ghost ghost added the needs triage 🔍 New issue, needs triage label Jan 5, 2021
@jasonjoh jasonjoh added needs author feedback Waiting for author (creator) of issue to provide more info and removed needs triage 🔍 New issue, needs triage labels Jan 5, 2021
jasonjoh commented Jan 5, 2021

The error indicates that the auth flow wasn't found in the user's session. Basically, before the app redirects to the MS login page, it saves a "state" value in the session. It compares the state returned from the login process to make sure it matches the expected value. It's not finding the saved expected value to compare, and throwing that error.

Did you run python manage.py migrate? I believe Django uses the local database for storing sessions, and I don't think the database is initialized unless you run that command.

If you did run it, can you post your project on your GitHub? I'd be happy to take a look.

@ghost ghost added the no recent activity Issue or PR is stale (no recent activity) label Jan 9, 2021
ghost commented Jan 9, 2021

This issue has been automatically marked as stale because it has been marked as requiring author feedback but has not had any activity for 4 days. It will be closed if no further activity occurs within 3 days of this comment.

@bjornpoort

Works like a gem locally, but got the same issue on production (running on Heroku). If the home page is refreshed you can view your calendar, though.

@ghost ghost added needs attention 👋 Waiting on Microsoft to provide feedback and removed no recent activity Issue or PR is stale (no recent activity) needs author feedback Waiting for author (creator) of issue to provide more info labels Jan 11, 2021
@jasonjoh

@Sunag3 - check with your browser developer tools if there is a sessionid in the cookie. I had a colleague that had this same problem - turned out he was browsing to http://127.0.0.1:8000 instead of http://localhost:8000. Chrome would not set the cookie when using the IP address, which broke sessions. It works if you browse to http://localhost:8000.
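
The state check explained in the comments above, modelled with the standard library only (an added example, not code from the tutorial or from MSAL; `Browser`, `SESSIONS`, `sign_in`, `callback` and `run` are hypothetical names). It assumes the sign-in starts on one host while the registered redirect URI points at another, so the session cookie stored for the first host is not sent with the callback and the check fails closed.

```python
import hmac
import secrets

SESSIONS = {}  # constructed server-side session store: sessionid -> dict


class Browser:
    """Constructed model of a browser: one cookie jar per host name."""

    def __init__(self):
        self.jars = {}

    def cookies_for(self, host):
        return self.jars.setdefault(host, {})


def get_session(browser, host, create=False):
    """Return the session named by the sessionid cookie this host receives."""
    sid = browser.cookies_for(host).get("sessionid")
    if sid in SESSIONS:
        return SESSIONS[sid]
    if not create:
        return {}  # no cookie sent for this host: nothing saved to compare
    sid = secrets.token_urlsafe(16)
    SESSIONS[sid] = {}
    browser.cookies_for(host)["sessionid"] = sid
    return SESSIONS[sid]


def sign_in(browser, host):
    """Before redirecting to the login page, save a random state in the session."""
    state = secrets.token_urlsafe(12)
    get_session(browser, host, create=True)["auth_flow"] = {"state": state}
    return state


def callback(browser, host, returned_state):
    """On the redirect back, accept only a state that matches the saved one."""
    session = get_session(browser, host)
    expected = session.get("auth_flow", {}).get("state")
    if expected is None:
        raise ValueError("state missing from auth_code_flow")
    if not hmac.compare_digest(expected, returned_state):
        raise ValueError("state mismatch")
    session.pop("auth_flow")  # a saved flow is used once
    return "signed in"


def run(start_host, redirect_host, tamper=False):
    """Sign in on start_host, then receive the callback on redirect_host."""
    browser = Browser()
    state = sign_in(browser, start_host)
    try:
        return callback(browser, redirect_host, "forged" if tamper else state)
    except ValueError as exc:
        return str(exc)
```

`run("127.0.0.1", "localhost")` reproduces the error text from the traceback, while `run("localhost", "localhost")` completes the sign-in.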

Sunag3 commented Jan 15, 2021

Hi, thank you so much, it works. The problem was that I was accessing through the IP address; it works fine with localhost.
Also, please advise on the points below:

  1. How to add an organizational tenant ID
  2. What changes may be needed in production, i.e. in an HTTPS environment and on a RHEL server
  3. Can we implement authentication for all the views? For example, it is only shown for the home view; what if we have more than one view?

Sunag3 commented Jan 15, 2021

Uploading image.png…
Got this error after giving Microsoft credentials

@jasonjoh jasonjoh added resolved Issue is resolved: answer provided or fix incoming and removed needs attention 👋 Waiting on Microsoft to provide feedback labels Jan 15, 2021
@jasonjoh

  1. In oauth_settings.yml replace common in authority: "https://login.microsoftonline.com/common" with your tenant ID.
  2. Theoretically none to the code - you would need to update your app registration with the new URL to your callback in production.
  3. Sure. You really only need to check if the user is authenticated in your views (user.is_authenticated) and do what you want based on this value.

Your error image didn't upload.

Sunag3 commented Jan 16, 2021

Thanks. Currently the code is written in such a way that the landing page is loaded and a sign-in button is given explicitly, but my requirement is that if I hit http://localhost:8000 it automatically redirects to the Microsoft login page, and only then renders my landing page. I have tried adding the login_required decorator to the home view, but that didn't work.

Sunag3 commented Jan 16, 2021

Also, I have downloaded your complete project and tried to run it; it gives a time zone error

System check identified no issues (0 silenced).
January 16, 2021 - 17:08:43
Django version 3.1.4, using settings 'graph_tutorial.settings'
Starting development server at http://127.0.0.1:8000/
Quit the server with CTRL-BREAK.
[16/Jan/2021 17:09:00] "GET / HTTP/1.1" 200 2796
[16/Jan/2021 17:09:00] "GET /static/tutorial/app.css HTTP/1.1" 200 224
[16/Jan/2021 17:09:03] "GET /signin HTTP/1.1" 302 0
Sunag SJ
'timeZone'
[16/Jan/2021 17:09:14] "GET /callback?code=M.R3_BAY.b2a3d0e1-6382-192f-79fb-dc457b57d833&state=ydfFCvuEGYZctAiz HTTP/1.1" 302 0
[16/Jan/2021 17:09:15] "GET / HTTP/1.1" 200 2796

Sunag3 commented Jan 16, 2021

Hi,
Please find below the link for the project zip files; it has 2 projects:
https://github.com/Sunag3/AUTH_Projects.git

  • grap_tutorial: clone downloaded from your repository; it's giving a timezone key error and sign is not happening
  • graph_tutorial_old: calendar not used, just created up to the implementation of sign-in; it's redirected to the home page with an error

@jasonjoh

Check and see if your user has a timeZone set. You can verify this in Graph Explorer. Do a GET https://graph.microsoft.com/v1.0/me/mailboxsettings and look for a timeZone property.

@ghost ghost locked as resolved and limited conversation to collaborators Feb 9, 2021