Closed Bug 1669192 Opened 4 years ago Closed 4 years ago

Unable to authenticate using GitHub

Categories

(Webtools Graveyard :: Pontoon, defect, P2)

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: mathjazz, Assigned: abowler)

Details

Attachments

(1 file)

GitHub authentication seems to be broken.

I'm getting the same error locally as described here:
https://discourse.mozilla.org/t/github-authorization-does-not-work-heroku/68562

April, since you resolved bug 1558484, would you be able to work on this?

Flags: needinfo?(abowler2)

Yes, I can work on this.

Flags: needinfo?(abowler2)

Thanks!

Assignee: nobody → abowler2
Status: NEW → ASSIGNED

In working on this I discovered that there were 2 issues. The first was that there was a syntax error in authentication_error.html which was causing the app to crash when being redirected from GitHub. I have pushed a separate fix for that.

Of course, that means that there is an error within the GitHub authentication process. Unfortunately, I can't seem to track down what that error is.

What I do know:
A few months back GitHub changed how their OAuth worked switching from query params to authorization headers. The necessary adjustments were made by django-allauth and are now in version 0.42.0, which is the version Pontoon is using.

The current flow works all the way until GitHub redirects back to Pontoon. By that I mean, the login form displays and correctly associates to my account, the authorization completes on GitHub and I show 1 authorized user for the app, and GitHub then redirects back to the homepage at which point the error page is displayed and clicking 'Try again' just reloads the error page.

The logs do not indicate any errors that I can see:

[INFO:django.server] 2020-10-10 20:11:16,648 "GET /accounts/github/login/?next=/ HTTP/1.1" 302 0
[INFO:django.server] 2020-10-10 20:11:24,576 "GET /accounts/github/login/callback/?code=54a4744795fe3470d81b&state=KLRoeXMCHiPL HTTP/1.1" 200 1170
[INFO:django.server] 2020-10-10 20:11:24,675 "GET /favicon.ico HTTP/1.1" 301 0

On the Pontoon side of things: In checking in the admin panel, there is no user created or access token added. However, when you try to sign in again, as long as the token is still authenticated in GitHub, the error page displays rather than the login, so GitHub is recognizing that the account is already authenticated.

Any ideas on where I should look to figure out where the disconnect is?

Flags: needinfo?(m)
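The log excerpt in the comment above shows the OAuth callback answered with a 200 and a small body instead of a redirect, which is easy to miss because nothing is logged as an error. The following is an added example, not code from the bug, Pontoon or django-allauth: it scans django.server access lines for provider callbacks that did not end in a redirect, assuming a completed social login returns a 3xx while the error template is rendered with status 200. The function names and the sample log (constructed, with placeholder values) are hypothetical.

```python
import re
from urllib.parse import parse_qsl, urlencode, urlsplit

# Constructed sample in the django.server format quoted above; values are placeholders.
SAMPLE_LOG = """\
[INFO:django.server] 2020-10-10 20:11:16,648 "GET /accounts/github/login/?next=/ HTTP/1.1" 302 0
[INFO:django.server] 2020-10-10 20:11:24,576 "GET /accounts/github/login/callback/?code=EXAMPLECODE&state=EXAMPLESTATE HTTP/1.1" 200 1170
[INFO:django.server] 2020-10-10 20:11:24,675 "GET /favicon.ico HTTP/1.1" 301 0
[INFO:django.server] 2020-10-10 20:15:02,101 "GET /accounts/github/login/callback/?code=EXAMPLECODE2&state=EXAMPLESTATE2 HTTP/1.1" 302 0
"""

LINE_RE = re.compile(
    r'^\[(?P<level>\w+):django\.server\] (?P<ts>\S+ \S+) '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3}) (?P<size>\d+)$'
)
# Callback path layout as it appears in the log lines on this page.
CALLBACK_RE = re.compile(r"^/accounts/[\w-]+/login/callback/$")
# OAuth query parameters that should not be copied into reports or tickets.
SENSITIVE = {"code", "state"}


def redact(target):
    """Return the request target with OAuth code/state values masked."""
    parts = urlsplit(target)
    query = [(k, "REDACTED" if k in SENSITIVE else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return parts.path + ("?" + urlencode(query) if query else "")


def failed_callbacks(log_text):
    """List callback requests that were not answered with a 3xx redirect."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a django.server access line
        path = urlsplit(m["target"]).path
        # Assumption: a finished login redirects; anything else is the error page.
        if CALLBACK_RE.match(path) and not m["status"].startswith("3"):
            findings.append({"time": m["ts"], "status": int(m["status"]),
                             "size": int(m["size"]), "request": redact(m["target"])})
    return findings


if __name__ == "__main__":
    for finding in failed_callbacks(SAMPLE_LOG):
        print(finding)
```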

(In reply to abowler2 from comment #4)

> A few months back GitHub changed how their OAuth worked switching from query params to authorization headers. The necessary adjustments were made by django-allauth and are now in version 0.42.0, which is the version Pontoon is using.

Seems like Pontoon is using 0.41.0?
https://github.com/mozilla/pontoon/blob/master/requirements/default.txt#L48

It's also interesting that the Rust instance apparently uses 0.34.0 and I'm able to authenticate using GitHub:
https://github.com/rust-lang/pontoon/blob/051a48928c3d0e602b6cd58b77ac985d51594cec/requirements/default.txt#L48
https://pontoon.rust-lang.org/

Flags: needinfo?(m)

:abowler
Hey, I'm probably at fault. I was working on solving the issue about the authentication with the Steam provider and I probably had updated the version of django-allauth and didn't reset the branch.

I'll try to check if the GitHub provider works on 0.42.0.

Status: ASSIGNED → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Product: Webtools → Webtools Graveyard