para doesn't redirect back to scoold

gormus commented 2 years ago

Hi,

I'm running Scoold locally with an instance of paraio.com development account.

When I try to login at http://localhost:8000/ I get redirected to my oauth provider as expected, and it successfully redirects back to paraio.com/oauth2_auth with a 200 status. But it doesn't redirect back to my localhost instance, and just stays on para.

scoold.app_secret_key = "*****OMITTED*****"
scoold.para_access_key = "app:demo1"
scoold.para_secret_key = "*****OMITTED*****"
scoold.host_url = "http://localhost:8000"
scoold.para_endpoint = "https://paraio.com"

# OAuth login
scoold.oa2_app_id = "demo_community"
scoold.oa2_secret = "*****OMITTED*****"
scoold.security.oauth.authz_url = "https://my-oauth-vendor.com/v1/oauth2/authorize"
scoold.security.oauth.token_url = "https://my-oauth-vendor.com/v1/oauth2/token"
scoold.security.oauth.profile_url = "https://my-oauth-vendor.com/v1/users/[:id]/public-profile"
scoold.security.oauth.scope = "offline identity.read identity coreservice"

I'm clearly missing something out. Could you help?

gormus commented 2 years ago

I also tried the same Oauth configuration on a cloud instance using the same paraio.com account. But the results are the same.

albogdano commented 2 years ago

Are you sure your OAuth2 settings are correct? For example this doesn't look right to me:

scoold.security.oauth.profile_url = "https://my-oauth-vendor.com/v1/users/[:id]/public-profile"

The [:id] will not be replaced with anything nor is it correct to query a single user profile. Try with another scope value like openid email profile

gormus commented 2 years ago

you were correct @albogdano. I changed the scoold.security.oauth.profile_url value with another API endpoint available by my vendor, and it just worked afterwords :) Cheers

Erudika / scoold

para doesn't redirect back to scoold #353