Ah! Make sure the setting SOCIAL_AUTH_EDX_OIDC_ISSUER is set to the same value as OAUTH_URL_ROOT. It seems someone forgot to document this change.
On Wed, May 10, 2017 at 1:16 AM Arnaud Deville <[email protected]> wrote: > Hello, > > Same problem. > > Anyone for help ? > > On Monday, January 11, 2016 at 1:14:10 PM UTC+1, melvin bautista wrote: >> >> Hi clinton, >> Thanks fo rthis information. I encounter this error >> >> user = super(EdXOpenIdConnect, self).auth_complete(*args, **kwargs) >> File >> "/edx/app/ecommerce/venvs/ecommerce/local/lib/python2.7/site-packages/social/utils.py", >> line 229, in wrapper >> return func(*args, **kwargs) >> File >> "/edx/app/ecommerce/venvs/ecommerce/local/lib/python2.7/site-packages/social/backends/oauth.py", >> line 383, in auth_complete >> method=self.ACCESS_TOKEN_METHOD >> File >> "/edx/app/ecommerce/venvs/ecommerce/local/lib/python2.7/site-packages/social/backends/open_id.py", >> line 361, in request_access_token >> self.id_token = >> self.validate_and_return_id_token(response['id_token']) >> File >> "/edx/app/ecommerce/venvs/ecommerce/local/lib/python2.7/site-packages/social/backends/open_id.py", >> line 336, in validate_and_return_id_token >> raise AuthTokenError(self, err) >> AuthTokenError: Token error: Invalid issuer >> >> >> >> Although i already setup my >> ECOMMERCE_API_SIGNING_KEY (for LMS) same JWT_SECRET_KEY (for Otto) all >> match >> >> and also i already setup the >> >> SOCIAL_AUTH_EDX_OIDC_ID_TOKEN_DECRYPTION_KEY: omited.same.as.OIDC_SECRET >> SOCIAL_AUTH_EDX_OIDC_KEY: omited_client_key.... >> SOCIAL_AUTH_EDX_OIDC_SECRET: >> omited.this.is.from.cliend_secret_key.from.ouath2 >> >> >> I know im missing something . im trying to login and it direct me to my >> OAUTH2_PROVIDER_URL and then try to login then it redirect me to >> http:/x.x.x.x:18130/complete/edx-oidc/xxxx/xxxxx/xxxxxxx >> >> Then i encounte error >> >> When i try to look at the log it says AuthTokenError: Token error: >> Invalid issuer. >> >> when im look aht the jwt setup: >> >> JWT_AUTH: >> JWT_ALGORITHM: HS256 >> JWT_DECODE_HANDLER: >> ecommerce.extensions.api.handlers.jwt_decode_handler >> JWT_ISSUERS: >> - http://omitted_ouathlink/oauth2 >> - ecommerce_worker >> JWT_SECRET_KEY: ommited.same.in.signing.key >> JWT_VERIFY_EXPIRATION: true >> >> >> What im missing?? What the Invalid issuer means? >> >> Thank you. >> >> On Wed, Jan 6, 2016 at 10:04 PM, Clinton Blackburn <[email protected]> >> wrote: >> >>> If the OAuth authorization page raises a 404, you may need to enable the >>> feature. In your settings add FEATURES["ENABLE_OAUTH2_PROVIDER"] = True. >>> >>> On Tuesday, January 5, 2016 at 8:41:53 AM UTC-5, melvin bautista wrote: >>>> >>>> Hi i have the Otto eCommerce service running at x.x.x.x:18130 and the >>>> gui shows up. >>>> >>>> is the otto gui is correct? >>>> And then when i try to go to x.x.x.x:18130/courses it will direct to me >>>> to the http://x.x.x.x/oauth2/authorize/xxxxxx/xxxxxx/xxx >>>> >>>> and it says page not found. >>>> >>>> I already configure the client key and client secret.. but i dont know >>>> why im directed to the page not found while trying to access the >>>> x.x.x.x:18130/courses or try to login. >>>> And do i need to run the $ python manage.py runserver 18130 or $ >>>> python manage.py runserver 8002 command? >>>> >>>> Regards, >>>> Melvs >>>> >>> -- >>> You received this message because you are subscribed to the Google >>> Groups "General Open edX discussion" group. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/edx-code/78ae85ad-9681-4529-8f42-2ae2cef6f6ed%40googlegroups.com >>> <https://groups.google.com/d/msgid/edx-code/78ae85ad-9681-4529-8f42-2ae2cef6f6ed%40googlegroups.com?utm_medium=email&utm_source=footer> >>> . >>> >> >> -- > You received this message because you are subscribed to a topic in the > Google Groups "General Open edX discussion" group. > To view this discussion on the web visit > https://groups.google.com/d/msgid/edx-code/9f50c6ad-f471-43ec-be6a-210249038403%40googlegroups.com > <https://groups.google.com/d/msgid/edx-code/9f50c6ad-f471-43ec-be6a-210249038403%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- Clinton Blackburn -- You received this message because you are subscribed to the Google Groups "General Open edX discussion" group. To view this discussion on the web visit https://groups.google.com/d/msgid/edx-code/CAJ%3D5OMVYcJkShAOXuKN6HL51fh7iHcfSQTQTb9tHTNWgYLTHTg%40mail.gmail.com.
