Getting "TypeError: Cannot read properties of undefined (reading 'role')"

[Prasath00023]

Please provide us with the following information:

when I run "azd env set AZURE_USE_AUTHENTICATION true","azd env set AZURE_AUTH_TENANT_ID "a nd "azd up" , It didn't create Entra ID App , So manually created the app and configured as in the documentation. After running "azd up" and tried to query, getting the error "TypeError: Cannot read properties of undefined (reading 'role')" and while uploading pdf getting "Error uploading files - contact admin"

This issue is for a: (mark with an x)

- [ x] bug report -> please search issues before submitting
- [ ] feature request
- [ ] documentation issue or request
- [ ] regression (a behavior that used to work and stopped in a new release)

Minimal steps to reproduce

Any log messages given by the failure

Have all these logs in App Service : 2024-02-08T19:30:33.441385332Z Site's appCommandLine: python3 -m gunicorn main:app This log indicates that App Service was correctly configured with a custom startup command to run the app. [2024-02-08 19:31:11 +0000] [75] [INFO] Starting gunicorn 20.1.0 That's the start of the gunicorn server serving the app. 2024-02-08T19:32:20.726942614Z [2024-02-08 19:32:20 +0000] [77] [INFO] Application startup complete. At this point, the app has started successfully.

Expected/desired behavior

OS and Version?

Windows 10, Linux

azd version?

run azd version 1.9.5

Versions

Mention any other details that might be useful

I have created environment with App services , Search services, Document intelligence to free tier and used OpenAI API key. Enabled login and user upload features. I have set in a way to use free services and use manage files feature. I have attached commands that I have executed.

azd auth login azd env new azd env set AZURE_USE_AUTHENTICATION true azd env set AZURE_ENFORCE_ACCESS_CONTROL true azd env set AZURE_ENABLE_GLOBAL_DOCUMENT_ACCESS true azd env set AZURE_AUTH_TENANT_ID azd env set USE_USER_UPLOAD true azd env set AZURE_APP_SERVICE_SKU F1 azd env set AZURE_SEARCH_SERVICE_SKU free azd env set AZURE_DOCUMENTINTELLIGENCE_SKU F0 azd env set OPENAI_HOST openai azd env set OPENAI_API_KEY {Your OpenAI API key} azd up.

When I deployed in Azure Portal it Automatically didn't create APP registrations and shows Type Error in chat and "Error uploading" in + manage upload files.

---

Thanks! We'll be in touch soon.

[pamelafox]

Hm, azd up should have setup everything for you. Did you see anything in the logs for the initial "azd up"? It generally prints out the authentication setup steps.

As for the errors, you'll need to check the logs for more details and what actual error is happening. See aka.ms/appservice-logs for more ideas on viewing logs. It can often be easier to replicate the error locally, so that you don't have to sift through the App Service logs. Does it work locally?

[cforce]

@pamelafox I have the same issue and i have executed azd up successfully

2024-08-08 23:07:48.795 +00:00 [Trace] Middleware: Request came in on normal port, sending to normal target http://xxx.xxx.xxx.10:8000/chat/stream
2024-08-08 23:07:48.795 +00:00 [Trace] Middleware: Forwarding request to http://XXX.XXX.XXX.10:8000/chat/stream
2024-08-08 23:07:48.797 +00:00 [Debug] Microsoft.AspNetCore.Server.Kestrel: Connection id "0HN5NNQOC9OK7", Request id "0HN5NNQOC9OK7:00000001": started reading request body.
2024-08-08 23:07:48.797 +00:00 [Debug] Microsoft.AspNetCore.Server.Kestrel: Connection id "0HN5NNQOC9OK7", Request id "0HN5NNQOC9OK7:00000001": done reading request body.
2024-08-08 23:07:48.803 +00:00 [Trace] Middleware: Forwarded request finished in 8.082ms 200 Forbidden
2024-08-08 23:07:48.804 +00:00 [Debug] Microsoft.AspNetCore.Server.Kestrel.Connections: Connection id "0HN5NNQOC9OK7" completed keep alive response.
2024-08-08 23:07:48.804 +00:00 [Information] Microsoft.AspNetCore.Hosting.Diagnostics: Request finished HTTP/1.1 POST https://xxx.xxxx.net/chat/stream - 403 213 text/html;+charset=utf-8 10.3006ms
2024-08-08T23:07:48.801912329Z 2024-08-08 23:07:48,800 - ERROR - Exception getting authorization information - "Authorization header is expected"
2024-08-08T23:07:48.801966430Z Traceback (most recent call last):
2024-08-08T23:07:48.801986530Z   File "/tmp/8dcb2f22feb44dd/core/authentication.py", line 216, in get_auth_claims_if_enabled
2024-08-08T23:07:48.801993330Z     auth_token = AuthenticationHelper.get_token_auth_header(headers)
2024-08-08T23:07:48.801998830Z                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2024-08-08T23:07:48.802004230Z   File "/tmp/8dcb2f22feb44dd/core/authentication.py", line 138, in get_token_auth_header
2024-08-08T23:07:48.802010130Z     raise AuthError(error="Authorization header is expected", status_code=401)
2024-08-08T23:07:48.802016531Z core.authentication.AuthError: Authorization header is expected
2024-08-08T23:07:48.803559046Z 2024-08-08 23:07:48,803 - 169.254.129.3:43604 - "POST /chat/stream HTTP/1.1" 403

Its wired, although i am on GET redirected to easy auth configured 3rd party IDP and login sucessfull, then in chat request Chrome does not seem to show an "Authorization Header" but an Cockie only.

Sitenote: I would prefer to see an impl purely on Open Id Connect in Authorization.py instead this wrappers, which makes it hard to understand what is going on.

The code as well checks for "x-ms-token-aad-access-token" but this is not there as well. The code might need to GET /.auth/me ..ther is an (too?) short access and identity token

So as neither the header "Authorization" nor "x-ms-token-aad-access-toke" it raises the last line

"raise AuthError(error="Authorization header is expected", status_code=401)"

It feel like the azure web app easy auth provider setup is not supported , is it? But how else to configure /switch between Azure or OpeneIdConnect and other providers?

I also have the gut feeling opneod scopes as gro

[luhgit]

This is so annoying to get this error silently. And the app is super slow on top of this!