search

curso-r / auth0

Authentication in shinyapps using Auth0 service
https://curso-r.github.io/auth0/
Other
155 stars 21 forks source link

Shiny Server Callback URL Mismatch #45

Closed PaulC91 closed 5 years ago

PaulC91 commented 5 years ago

Hi all.

I'm trying to get auth0 working on a test app I've deployed on an open source shiny server instance. I've configured nginx routing so that apps can be accessed via https://hostname.com/app_dir where app_dir is the app directory in /srv/shiny-server/ being hosted by shiny server.

I've tried adding https://hostname.com/app_dir to the Allowed Callback URLs and Allowed Logout URLs and https://hostname.com to Allowed Web Origins on my auth0 app but I keep getting a Callback URL mismatch error from auth0 whenever I try to access the app. I noticed the callback error URL contains redirect_uri=http%3A%2F%2Flocalhost%3A3838 so it seems that auth0 is detected localhost:3838 as the callback and not https://hostname.com/app_dir.

Do you know how I can fix this?

Many thanks, Paul

jtrecenti commented 5 years ago

This is a bug caused by version 0.2.0. We're checking possible solutions, but probably we'll have to re-add the remote_url parameter

PaulC91 commented 5 years ago

OK great thank you! Is the remote_url parameter in _auth0.yml no longer in use? I do have it in there already as such:

shiny_config: 
  local_url: http://localhost:8080
  remote_url: https://hostname.com/app_dir
jtrecenti commented 5 years ago

@PaulC91, please try this:

remotes::install_github("curso-r/auth0", ref = "fix-45")

and the _auth0.yml file:

name: myApp
remote_url: 'https://hostname.com/app_dir'
auth0_config:
  api_url: 'https://<tenant>.auth0.com'
  credentials:
    key: <key>
    secret: <secret>
jtrecenti commented 5 years ago

We thought that it was possible to ignore these parameters, but we only tested in dockerized apps. But it seems that our strategy does not work with shiny-server and shinyapps.io. We're trying to figure out the best workaround

PaulC91 commented 5 years ago

Still getting the same error with localhost:3838 in the callback error url.

I'd be interested to know the appropriate config settings for a dockerized app also. I tried adding auth0 to a dockerized app deployed via shinyproxy but I couldn't get it working either.

Thanks.

jtrecenti commented 5 years ago

I tested the fix in shiny-server and shinyapps.io and it's working!

Maybe restart your server to make sure that you're using the "fix-45" version of auth0?

We've created a tutorial to make dockerized apps but it's just in Portuguese. We plan to translate it to English and add it to {auth0} package at the end of november.

PaulC91 commented 5 years ago

ah yes sorry I was still using

shiny_config: 
  remote_url: https://hostname.com/app_dir

rather than just remote_url: https://hostname.com/app_dir Working now!

Is session$userData$auth0_info and session$userData$auth0_credentials still the correct way to access this information as they are both now showing NULL in my test app.

jtrecenti commented 5 years ago

Paul, I messed up with the auth0_info() object. Please install the "fix-45" branch again.

jtrecenti commented 5 years ago

@PaulC91, I've submitted the fix to the master branch. Please re-close the issue if you find any problem.

PaulC91 commented 5 years ago

super, thanks Julio! let me know if the Portuguese docker tutorial is available anywhere! :)

jtrecenti commented 5 years ago

They are in our blog:

  1. How to create your app as a package (using golem) https://www.curso-r.com/blog/2019-08-27-app-pacote/

  2. Create dockerized app https://www.curso-r.com/blog/2019-09-04-app-docker/

The only difference from (2) and an app using auth0 is that you need to replace shiny::shinyApp() with auth0::shinyAppAuth0() and include the yml file in the same directory of the app.R file.

IroNEDR commented 3 years ago

I am having the exact same issue using the rocker/shiny-verse:4.0.3 image. I have configured my allowed callback urls correctly (https://example.domain.com) and the auth0.config has my url with the correct remote_url configured (also using https). But instead, the callback url references the "http://" version. I can manually add in the missing "s" in the url-bar and the app works. Is it possible that this bug was reintroduced somehow?

jhlewisjr801 commented 3 years ago

Hello, I have the same problem as IroNEDR. I have tried different combinations. My guess is that I have not set up the correct parameters in the shiny-auth directory, the yml file and the autho website. I have tried different examples (as found on the web and in your website) with the negative results. Dropping back to shiny0auth0 is working better than shiny-auth0-plus, but no success. Thanks for any assistance