Open Prasath00023 opened 1 month ago
Hm, azd up should have setup everything for you. Did you see anything in the logs for the initial "azd up"? It generally prints out the authentication setup steps.
As for the errors, you'll need to check the logs for more details and what actual error is happening. See aka.ms/appservice-logs for more ideas on viewing logs. It can often be easier to replicate the error locally, so that you don't have to sift through the App Service logs. Does it work locally?
@pamelafox I have the same issue and i have executed azd up successfully
2024-08-08 23:07:48.795 +00:00 [Trace] Middleware: Request came in on normal port, sending to normal target http://xxx.xxx.xxx.10:8000/chat/stream
2024-08-08 23:07:48.795 +00:00 [Trace] Middleware: Forwarding request to http://XXX.XXX.XXX.10:8000/chat/stream
2024-08-08 23:07:48.797 +00:00 [Debug] Microsoft.AspNetCore.Server.Kestrel: Connection id "0HN5NNQOC9OK7", Request id "0HN5NNQOC9OK7:00000001": started reading request body.
2024-08-08 23:07:48.797 +00:00 [Debug] Microsoft.AspNetCore.Server.Kestrel: Connection id "0HN5NNQOC9OK7", Request id "0HN5NNQOC9OK7:00000001": done reading request body.
2024-08-08 23:07:48.803 +00:00 [Trace] Middleware: Forwarded request finished in 8.082ms 200 Forbidden
2024-08-08 23:07:48.804 +00:00 [Debug] Microsoft.AspNetCore.Server.Kestrel.Connections: Connection id "0HN5NNQOC9OK7" completed keep alive response.
2024-08-08 23:07:48.804 +00:00 [Information] Microsoft.AspNetCore.Hosting.Diagnostics: Request finished HTTP/1.1 POST https://xxx.xxxx.net/chat/stream - 403 213 text/html;+charset=utf-8 10.3006ms
2024-08-08T23:07:48.801912329Z 2024-08-08 23:07:48,800 - ERROR - Exception getting authorization information - "Authorization header is expected"
2024-08-08T23:07:48.801966430Z Traceback (most recent call last):
2024-08-08T23:07:48.801986530Z File "/tmp/8dcb2f22feb44dd/core/authentication.py", line 216, in get_auth_claims_if_enabled
2024-08-08T23:07:48.801993330Z auth_token = AuthenticationHelper.get_token_auth_header(headers)
2024-08-08T23:07:48.801998830Z ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
2024-08-08T23:07:48.802004230Z File "/tmp/8dcb2f22feb44dd/core/authentication.py", line 138, in get_token_auth_header
2024-08-08T23:07:48.802010130Z raise AuthError(error="Authorization header is expected", status_code=401)
2024-08-08T23:07:48.802016531Z core.authentication.AuthError: Authorization header is expected
2024-08-08T23:07:48.803559046Z 2024-08-08 23:07:48,803 - 169.254.129.3:43604 - "POST /chat/stream HTTP/1.1" 403
Its wired, although i am on GET redirected to easy auth configured 3rd party IDP and login sucessfull, then in chat request Chrome does not seem to show an "Authorization Header" but an Cockie only.
Sitenote: I would prefer to see an impl purely on Open Id Connect in Authorization.py instead this wrappers, which makes it hard to understand what is going on.
The code as well checks for "x-ms-token-aad-access-token" but this is not there as well. The code might need to GET /.auth/me ..ther is an (too?) short access and identity token
So as neither the header "Authorization" nor "x-ms-token-aad-access-toke" it raises the last line
"raise AuthError(error="Authorization header is expected", status_code=401)"
It feel like the azure web app easy auth provider setup is not supported , is it? But how else to configure /switch between Azure or OpeneIdConnect and other providers?
I also have the gut feeling opneod scopes as gro
This is so annoying to get this error silently. And the app is super slow on top of this!
This issue is for a: (mark with an
x
)Minimal steps to reproduce
Any log messages given by the failure
Expected/desired behavior
OS and Version?
azd version?
Versions
Mention any other details that might be useful
I have created environment with App services , Search services, Document intelligence to free tier and used OpenAI API key. Enabled login and user upload features. I have set in a way to use free services and use manage files feature. I have attached commands that I have executed.
azd auth login azd env new azd env set AZURE_USE_AUTHENTICATION true azd env set AZURE_ENFORCE_ACCESS_CONTROL true azd env set AZURE_ENABLE_GLOBAL_DOCUMENT_ACCESS true azd env set AZURE_AUTH_TENANT_ID
azd env set USE_USER_UPLOAD true
azd env set AZURE_APP_SERVICE_SKU F1
azd env set AZURE_SEARCH_SERVICE_SKU free
azd env set AZURE_DOCUMENTINTELLIGENCE_SKU F0
azd env set OPENAI_HOST openai
azd env set OPENAI_API_KEY {Your OpenAI API key}
azd up.
When I deployed in Azure Portal it Automatically didn't create APP registrations and shows Type Error in chat and "Error uploading" in + manage upload files.