search

fief-dev / fief-python

Fief client for Python
https://docs.fief.dev/integrate/python/
MIT License
12 stars 4 forks source link

KeyError: 'authorization_endpoint' with /protected example from FastAPI webpage #8

Closed zopyx closed 1 year ago

zopyx commented 1 year ago

I am trying to run the Website example from https://docs.fief.dev/integrate/python/fastapi/

I am getting the error below (with properly configured keys and backend URL when I access /protected.

Python 3.11

anyio==3.6.2
certifi==2022.9.24
cffi==1.15.1
click==8.1.3
cryptography==38.0.4
Deprecated==1.2.13
fastapi==0.88.0
fief-client==0.14.6
h11==0.14.0
httpcore==0.16.2
httpx==0.23.1
idna==3.4
jwcrypto==1.4.2
makefun==1.15.0
pycparser==2.21
pydantic==1.10.2
rfc3986==1.5.0
sniffio==1.3.0
starlette==0.22.0
typing_extensions==4.4.0
uvicorn==0.20.0
wrapt==1.14.1

INFO:     127.0.0.1:57413 - "GET /protected HTTP/1.1" 500 Internal Server Error
ERROR:    Exception in ASGI application
Traceback (most recent call last):
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/uvicorn/protocols/http/h11_impl.py", line 407, in run_asgi
    result = await app(  # type: ignore[func-returns-value]
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/uvicorn/middleware/proxy_headers.py", line 78, in __call__
    return await self.app(scope, receive, send)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/fastapi/applications.py", line 270, in __call__
    await super().__call__(scope, receive, send)
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/starlette/applications.py", line 124, in __call__
    await self.middleware_stack(scope, receive, send)
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/starlette/middleware/errors.py", line 184, in __call__
    raise exc
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/starlette/middleware/errors.py", line 162, in __call__
    await self.app(scope, receive, _send)
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/starlette/middleware/exceptions.py", line 79, in __call__
    raise exc
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/starlette/middleware/exceptions.py", line 68, in __call__
    await self.app(scope, receive, sender)
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/fastapi/middleware/asyncexitstack.py", line 21, in __call__
    raise e
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/fastapi/middleware/asyncexitstack.py", line 18, in __call__
    await self.app(scope, receive, send)
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/starlette/routing.py", line 706, in __call__
    await route.handle(scope, receive, send)
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/starlette/routing.py", line 276, in handle
    await self.app(scope, receive, send)
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/starlette/routing.py", line 66, in app
    response = await func(request)
               ^^^^^^^^^^^^^^^^^^^
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/fastapi/routing.py", line 225, in app
    solved_result = await solve_dependencies(
                    ^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/fastapi/dependencies/utils.py", line 504, in solve_dependencies
    solved_result = await solve_dependencies(
                    ^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/fastapi/dependencies/utils.py", line 533, in solve_dependencies
    solved = await call(**sub_values)
             ^^^^^^^^^^^^^^^^^^^^^^^^
  File "<makefun-gen-0>", line 2, in _authenticated
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/fief_client/integrations/fastapi.py", line 165, in _authenticated
    return await self.get_unauthorized_response(request, response)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/ajung/src/fief/app2.py", line 13, in get_unauthorized_response
    auth_url = await self.client.auth_url(redirect_uri, scope=["openid"])
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/fief_client/client.py", line 738, in auth_url
    return self._auth_url(
           ^^^^^^^^^^^^^^^
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/fief_client/client.py", line 215, in _auth_url
    authorization_endpoint = self._get_endpoint_url(
                             ^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/fief_client/client.py", line 183, in _get_endpoint_url
    return openid_configuration[field]
           ~~~~~~~~~~~~~~~~~~~~^^^^^^^
KeyError: 'authorization_endpoint'
frankie567 commented 1 year ago

Do you use the cloud version or a self-hosted version? Which base_url did you provide to the client?

zopyx commented 1 year ago

Cloud version.

The error above is caused with an improper URL https://test-gr52uc.fief.dev/Test2.

I have a tenant Test2 with URL https://test-gr52uc.fief.dev/test2 which is also configured in my app.

I have a client configured for this tenant and I am using its credential within my app.

Now with the correct URL (Test2 vs test2), I see this error:

ERROR:    Exception in ASGI application
Traceback (most recent call last):
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/uvicorn/protocols/http/h11_impl.py", line 407, in run_asgi
    result = await app(  # type: ignore[func-returns-value]
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/uvicorn/middleware/proxy_headers.py", line 78, in __call__
    return await self.app(scope, receive, send)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/fastapi/applications.py", line 270, in __call__
    await super().__call__(scope, receive, send)
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/starlette/applications.py", line 124, in __call__
    await self.middleware_stack(scope, receive, send)
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/starlette/middleware/errors.py", line 184, in __call__
    raise exc
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/starlette/middleware/errors.py", line 162, in __call__
    await self.app(scope, receive, _send)
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/starlette/middleware/exceptions.py", line 79, in __call__
    raise exc
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/starlette/middleware/exceptions.py", line 68, in __call__
    await self.app(scope, receive, sender)
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/fastapi/middleware/asyncexitstack.py", line 21, in __call__
    raise e
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/fastapi/middleware/asyncexitstack.py", line 18, in __call__
    await self.app(scope, receive, send)
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/starlette/routing.py", line 706, in __call__
    await route.handle(scope, receive, send)
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/starlette/routing.py", line 276, in handle
    await self.app(scope, receive, send)
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/starlette/routing.py", line 66, in app
    response = await func(request)
               ^^^^^^^^^^^^^^^^^^^
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/fastapi/routing.py", line 235, in app
    raw_response = await run_endpoint_function(
                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/fastapi/routing.py", line 161, in run_endpoint_function
    return await dependant.call(**values)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/ajung/src/fief/app2.py", line 35, in auth_callback
    tokens, _ = await fief.auth_callback(code, redirect_uri)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/fief_client/client.py", line 765, in auth_callback
    token_response = await self._auth_exchange_token(
                     ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/homebrew/Cellar/python@3.11/3.11.0/Frameworks/Python.framework/Versions/3.11/lib/python3.11/contextlib.py", line 222, in __aexit__
    await self.gen.athrow(typ, value, traceback)
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/fief_client/client.py", line 967, in _get_httpx_client
    yield client
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/fief_client/client.py", line 1008, in _auth_exchange_token
    response.raise_for_status()
  File "/Users/ajung/src/fief/lib/python3.11/site-packages/httpx/_models.py", line 745, in raise_for_status
    raise HTTPStatusError(message, request=request, response=self)
httpx.HTTPStatusError: Client error '400 Bad Request' for url 'https://test-gr52uc.fief.dev/test2/api/token'
For more information check: https://httpstatuses.com/400
frankie567 commented 1 year ago

So, the right URL is definitely https://test-gr52uc.fief.dev/test2 (all-lowercase).

Now, for the 400 Bad Request error, you should double-check if your client secret is correct.

zopyx commented 1 year ago

Key and secret are correct and correspond with the client configured for the tenant Test2 behind /test2.

zopyx commented 1 year ago

Update: the error went away after using a private browser session...obviously something cached within the browser caused this error.

Next level: I created a user account through the admin UI and associated it with tenant Test2. However, I can not login in with the related credentials. Also tried with a second fresh account, same result.

zopyx commented 1 year ago

All right..need to create an access token manually in the admin UI for the related user...all working fine now :)