django-openid-auth OpenID failed : unknown user

StackOverflow https://stackoverflow.com/questions/12022451

Question

I'm trying to implement a simple single sign on Open ID authentication on Steam via django-openid-auth using Django 1.4.1 I basically used the same exact settings as provided in the official repo example :

import os
import django
import settings_local

DEBUG = True
TEMPLATE_DEBUG = DEBUG
PROJECT_DIR = os.path.dirname(__file__)

ADMINS = (
     ('me', 'me@gmail.com'),
)

MANAGERS = ADMINS

DATABASES = {
    'default': {
        'ENGINE': 'django.db.backends.postgresql_psycopg2',
        'NAME': settings_local.DB_NAME,
        'USER': settings_local.DB_USER,
        'PASSWORD': settings_local.DB_PW,
        'HOST': settings_local.DB_HOST,
        'PORT': '',
    }
}

TIME_ZONE = 'Europe/Paris'
LANGUAGE_CODE = 'en-us'
SITE_ID = 1
USE_I18N = True
USE_L10N = True

USE_TZ = True

MEDIA_ROOT = ''
MEDIA_URL = ''

STATIC_ROOT = ''
STATIC_URL = '/static/'

STATICFILES_DIRS = (
    # Put strings here, like "/home/html/static" or "C:/www/django/static".
    # Always use forward slashes, even on Windows.
    # Don't forget to use absolute paths, not relative paths.
)

STATICFILES_FINDERS = (
    'django.contrib.staticfiles.finders.FileSystemFinder',
    'django.contrib.staticfiles.finders.AppDirectoriesFinder',
#    'django.contrib.staticfiles.finders.DefaultStorageFinder',
)

SECRET_KEY = settings_local.PROJECT_SECRET_KEY

TEMPLATE_LOADERS = (
    'django.template.loaders.filesystem.Loader',
    'django.template.loaders.app_directories.Loader',
#     'django.template.loaders.eggs.Loader',
)

MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
    'debug_toolbar.middleware.DebugToolbarMiddleware',
)

ROOT_URLCONF = 'myproject.urls'

WSGI_APPLICATION = 'myproject.wsgi.application'

TEMPLATE_DIRS = (
    os.path.join(PROJECT_DIR, "templates"),
)

INSTALLED_APPS = (
    'django.contrib.auth',
    'django.contrib.contenttypes',
    'django.contrib.sessions',
    'django.contrib.sites',
    'django.contrib.messages',
    'django.contrib.staticfiles',
    'django.contrib.admin',
    'django.contrib.admindocs',
    'south',
    'debug_toolbar',
    'accounts',
    'django_openid_auth',
)

AUTH_PROFILE_MODULE = 'accounts.UserProfile'

# django-debug-toolbar
INTERNAL_IPS = ('127.0.0.1',)
DEBUG_TOOLBAR_CONFIG = {
    'INTERCEPT_REDIRECTS': True,
    'SHOW_TEMPLATE_CONTEXT': True,
}

# django-openid-auth
AUTHENTICATION_BACKENDS = (
    'django_openid_auth.auth.OpenIDBackend',
    'django.contrib.auth.backends.ModelBackend',
)

OPENID_CREATE_USER = True
#ALLOWED_EXTERNAL_OPENID_REDIRECT_DOMAINS = ['http://steamcommunity.com/']
OPENID_UPDATE_DETAILS_FROM_SREG = False
OPENID_SSO_SERVER_URL = settings_local.STEAM_OPENID_ENDPOINT
LOGIN_URL = '/login/'
LOGIN_REDIRECT_URL = '/'
OPENID_USE_AS_ADMIN_LOGIN = False 

LOGGING = {
    'version': 1,
    'disable_existing_loggers': False,
    'filters': {
        'require_debug_false': {
            '()': 'django.utils.log.RequireDebugFalse'
        }
    },
    'handlers': {
        'mail_admins': {
            'level': 'ERROR',
            'filters': ['require_debug_false'],
            'class': 'django.utils.log.AdminEmailHandler'
        }
    },
    'loggers': {
        'django.request': {
            'handlers': ['mail_admins'],
            'level': 'ERROR',
            'propagate': True,
        },
        }
    }

my views.py

from django.http import HttpResponse
from django.contrib.auth.decorators import login_required
from django.shortcuts import render_to_response

def home(request):
    if request.user.is_authenticated():
        return render_to_response('home.html', {'username':
            request.openid})
    else:
        return render_to_response('home.html', {'auth_url': '/openid/login/'})

def next_works(request):
    return HttpResponse('?next= bit works')

@login_required
def require_authentication(request):
    return HttpReponse('This page requires authentication')

def login(request):
    pass

home.html

<p>index</p>
{% if auth_url %}
<form action="{{ action }}" method="post">
    {% csrf_token %}
    <p> <a href={{ auth_url }}>log in</a></p>
    {% if username %}
    you are {{ username }}
    {% endif %}
</form>
{% endif %}

runserver log:

[18/Aug/2012 23:07:23] "GET /openid/login/ HTTP/1.1" 200 152374
Error attempting to use stored discovery information: <openid.consumer.consumer.TypeURIMismatch: Required type http://specs.openid.net/auth/2.0/signon not found in ['http://specs.openid.net/auth/2.0/server'] for endpoint <openid.consumer.discover.OpenIDServiceEndpoint server_url='https://steamcommunity.com/openid/login' claimed_id=None local_id=None canonicalID=None used_yadis=True >>
Attempting discovery to verify endpoint
Performing discovery on http://steamcommunity.com/openid/id/XXXXXXX
Received id_res response from https://steamcommunity.com/openid/login using association 1234567890
Using OpenID check_authentication
signed
op_endpoint
claimed_id
identity
return_to
response_nonce
assoc_handle
[18/Aug/2012 23:07:34] "GET /openid/complete/?janrain_nonce=2012-08-18T21%3A07%3A23ZqVw9m0&openid.ns=http%3A%2F%2Fspecs.openid.net%2Fauth%2F2.0&openid.mode=id_res&openid.op_endpoint=https%3A%2F%2Fsteamcommunity.com%2Fopenid%2Flogin&openid.claimed_id=http%3A%2F%2Fsteamcommunity.com%2Fopenid%2Fid%2FXXXXXXX&openid.identity=http%3A%2F%2Fsteamcommunity.com%2Fopenid%2Fid%2FXXXXXXX&openid.return_to=http%3A%2F%2F0.0.0.0%3A8000%2Fopenid%2Fcomplete%2F%3Fjanrain_nonce%3D2012-08-18T21%253A07%253A23ZqVw9m0&openid.response_nonce=2012-08-18T21%3A07%3A21Z1IUzhN7wFJy70hXK0bam4nlVxsc%3D&openid.assoc_handle=1234567890&openid.signed=signed%2Cop_endpoint%2Cclaimed_id%2Cidentity%2Creturn_to%2Cresponse_nonce%2Cassoc_handle&openid.sig=yvReb4BR0gTpkig0cLyT%2BA5QdYc%3D HTTP/1.1" 403 169466

What happens :

  • user clicks on login
  • redirected to steamcommunity.com/openid/login and asked steam id/pw
  • redirected back to the website at /openid/complete/?janrain_nonce=... with a 403 error code, triggering django-openid-auth "unknown user" message code

What I have tried :

  • using the django-openid-auth exemple and replacing OPENID_SSO_SERVER_URL by the Steam OpenID endpoint -- it works
  • using this exemple repository and placing the Steam OpenID endpoint in /media/js/openid-en.js -- it works too

I can't find what is wrong in my code after searching for hours now.

EDIT : Fixed it. Simply took settings.py from django-openid-auth/example_consumer and changed it line by line to see where the problem was. Ended up having the exact same settings.py pasted on this page but it's now working...

Was it helpful?

Solution

I ran into the exact same issue and discovered that the problem was with this line:

OPENID_CREATE_USER = True

This setting is missing the S at the end of the name. The line should read:

OPENID_CREATE_USERS = True

Correcting this typo caused OpenID login to work perfectly. When the OP says "Ended up having the exact same settings.py pasted on this page but it's now working..." they probably missed this very small difference.

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top