I have a python native backend. I’ve gone through the tutorials and all work fine locally with the localhost
callbacks. However in production on a k8s server behind an ingress controller. I get the following error:
[2022-01-10 13:55:06,987] ERROR in app: Exception on /auth-callback-su [GET]
Traceback (most recent call last):
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 2447, in wsgi_app
response = self.full_dispatch_request()
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 1952, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 1821, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/usr/local/lib/python3.9/site-packages/flask/_compat.py", line 39, in reraise
raise value
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 1950, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 1936, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/app/web/users/auth0.py", line 31, in callback_sign_up
auth0.authorize_access_token()
File "/usr/local/lib/python3.9/site-packages/authlib/integrations/flask_client/remote_app.py", line 76, in authorize_access_token
token = self.fetch_access_token(**params)
File "/usr/local/lib/python3.9/site-packages/authlib/integrations/base_client/remote_app.py", line 112, in fetch_access_token
token = client.fetch_token(token_endpoint, **kwargs)
File "/usr/local/lib/python3.9/site-packages/authlib/oauth2/client.py", line 203, in fetch_token
return self._fetch_token(
File "/usr/local/lib/python3.9/site-packages/authlib/oauth2/client.py", line 226, in _fetch_token
return self.parse_response_token(resp.json())
File "/usr/local/lib/python3.9/site-packages/authlib/oauth2/client.py", line 380, in parse_response_token
self.handle_error(error, description)
File "/usr/local/lib/python3.9/site-packages/authlib/integrations/requests_client/oauth2_session.py", line 117, in handle_error
raise OAuthError(error_type, error_description)
authlib.integrations.base_client.errors.OAuthError: access_denied: Unauthorized
Exception on /auth-callback-su [GET]
Traceback (most recent call last):
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 2447, in wsgi_app
response = self.full_dispatch_request()
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 1952, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 1821, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/usr/local/lib/python3.9/site-packages/flask/_compat.py", line 39, in reraise
raise value
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 1950, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 1936, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/app/web/users/auth0.py", line 31, in callback_sign_up
auth0.authorize_access_token()
File "/usr/local/lib/python3.9/site-packages/authlib/integrations/flask_client/remote_app.py", line 76, in authorize_access_token
token = self.fetch_access_token(**params)
File "/usr/local/lib/python3.9/site-packages/authlib/integrations/base_client/remote_app.py", line 112, in fetch_access_token
token = client.fetch_token(token_endpoint, **kwargs)
File "/usr/local/lib/python3.9/site-packages/authlib/oauth2/client.py", line 203, in fetch_token
return self._fetch_token(
File "/usr/local/lib/python3.9/site-packages/authlib/oauth2/client.py", line 226, in _fetch_token
return self.parse_response_token(resp.json())
File "/usr/local/lib/python3.9/site-packages/authlib/oauth2/client.py", line 380, in parse_response_token
self.handle_error(error, description)
File "/usr/local/lib/python3.9/site-packages/authlib/integrations/requests_client/oauth2_session.py", line 117, in handle_error
raise OAuthError(error_type, error_description)
authlib.integrations.base_client.errors.OAuthError: access_denied: Unauthorized
This is how my callback url looks:
@bp.route(CALLBACK_SING_UP)
def callback_sign_up():
auth0.authorize_access_token()
r = auth0.get("userinfo")
userinfo = r.json()
email = userinfo["email"]
return render_template("users/signed_up.html", user=email)
The logs in the management console say this:
{
"date": "2022-01-10T13:43:16.224Z",
"type": "feacft",
"description": "Unauthorized",
"connection_id": "",
"client_id": null,
"client_name": null,
"ip": "xx.xx.xx.",
"user_agent": "Other 0.0.0 / Other 0.0.0",
"details": {
"code": "******************************************b41"
},
"hostname": "dev-1z4b6wsv.eu.auth0.com",
"user_id": "",
"user_name": "",
"log_id": "90020220110134317181942901644625680577123391796617936946",
"_id": "90020220110134317181942901644625680577123391796617936946",
"isMobile": false
}
Any ideas?