Django-allauth - OpenID 和 OAuth 重定向 + Apache 作为代理
Django-allauth - OpenID and OAuth redirect + Apache as Proxy
我正在尝试启用基于 OpenID 的 Steam 登录。
我的环境非常简单,django 运行 gunicorn @ 8000,Apache @ 80
<VirtualHost *:80>
ServerName dev.example.com
# Point this to your public folder of teambox
DocumentRoot /var/www/vhosts/dev.example.com/Example/
# Custom log file locations
ErrorLog /var/log/apache2/dev.example.com_error.log
CustomLog /var/log/apache2/dev.example.com_access.log combined
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8000/
<Location />
ProxyPassReverse /
Order deny,allow
Allow from all
</Location>
</VirtualHost>
在这两种情况下,我都会收到以下错误
ERROR:root:Missing required parameter in response from https://steamcommunity.com/openid/login: ('http://specs.openid.net/auth/2.0', 'assoc_type')
Traceback (most recent call last):
File "/usr/local/lib/python3.4/dist-packages/openid/message.py", line 455, in getArg
return self.args[args_key]
KeyError: ('http://specs.openid.net/auth/2.0', 'assoc_type')
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.4/dist-packages/openid/consumer/consumer.py", line 1280, in _requestAssociation
assoc = self._extractAssociation(response, assoc_session)
File "/usr/local/lib/python3.4/dist-packages/openid/consumer/consumer.py", line 1397, in _extractAssociation
OPENID_NS, 'assoc_type', no_default)
File "/usr/local/lib/python3.4/dist-packages/openid/message.py", line 458, in getArg
raise KeyError((namespace, key))
KeyError: ('http://specs.openid.net/auth/2.0', 'assoc_type')
现在(对我来说)奇怪的部分是,如果我直接连接到 8000,重定向确实有效,即使它在后台产生错误,但通过 80 则不会。最奇怪的是,Django 返回的重定向不一样。
:80 通过 Apache
example.com/nl/openid/login/?process=login&openid=http%3A%2F%2Fsteamcommunity.com%2Fopenid
example.com/nl/openid/login?openid.ax.mode=fetch_request&openid.ax.required=...
example.com/nl/openid/login/?openid.ax.mode=fetch_request&openid.ax.required=...
:8000 个案例 - 直接连接到 gunicorn
example.com:8000/nl/openid/login/?process=login&openid=http%3A%2F%2Fsteamcommunity.com%2Fopenid
https://steamcommunity.com/openid/login?openid.ax.mode=fetch_request&openid.ax.required=...
-- 编辑--
经过更多测试后发现 Google OAuth 有同样的问题,将我重定向到我的站点 /o/oauth2/ 而不是 google.com/o/oauth2/
经过一些踢打、尖叫和向 Apache 大神祈祷后,结果证明我的 Apache 配置有误,ProxyPassReverse 有问题
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8000/
ProxyPassReverse / http://127.0.0.1:8000/
<Location />
# ProxyPassReverse /
Order deny,allow
Allow from all
</Location>
我正在尝试启用基于 OpenID 的 Steam 登录。
我的环境非常简单,django 运行 gunicorn @ 8000,Apache @ 80
<VirtualHost *:80>
ServerName dev.example.com
# Point this to your public folder of teambox
DocumentRoot /var/www/vhosts/dev.example.com/Example/
# Custom log file locations
ErrorLog /var/log/apache2/dev.example.com_error.log
CustomLog /var/log/apache2/dev.example.com_access.log combined
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8000/
<Location />
ProxyPassReverse /
Order deny,allow
Allow from all
</Location>
</VirtualHost>
在这两种情况下,我都会收到以下错误
ERROR:root:Missing required parameter in response from https://steamcommunity.com/openid/login: ('http://specs.openid.net/auth/2.0', 'assoc_type')
Traceback (most recent call last):
File "/usr/local/lib/python3.4/dist-packages/openid/message.py", line 455, in getArg
return self.args[args_key]
KeyError: ('http://specs.openid.net/auth/2.0', 'assoc_type')
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.4/dist-packages/openid/consumer/consumer.py", line 1280, in _requestAssociation
assoc = self._extractAssociation(response, assoc_session)
File "/usr/local/lib/python3.4/dist-packages/openid/consumer/consumer.py", line 1397, in _extractAssociation
OPENID_NS, 'assoc_type', no_default)
File "/usr/local/lib/python3.4/dist-packages/openid/message.py", line 458, in getArg
raise KeyError((namespace, key))
KeyError: ('http://specs.openid.net/auth/2.0', 'assoc_type')
现在(对我来说)奇怪的部分是,如果我直接连接到 8000,重定向确实有效,即使它在后台产生错误,但通过 80 则不会。最奇怪的是,Django 返回的重定向不一样。
:80 通过 Apache
example.com/nl/openid/login/?process=login&openid=http%3A%2F%2Fsteamcommunity.com%2Fopenid
example.com/nl/openid/login?openid.ax.mode=fetch_request&openid.ax.required=...
example.com/nl/openid/login/?openid.ax.mode=fetch_request&openid.ax.required=...
:8000 个案例 - 直接连接到 gunicorn
example.com:8000/nl/openid/login/?process=login&openid=http%3A%2F%2Fsteamcommunity.com%2Fopenid
https://steamcommunity.com/openid/login?openid.ax.mode=fetch_request&openid.ax.required=...
-- 编辑--
经过更多测试后发现 Google OAuth 有同样的问题,将我重定向到我的站点 /o/oauth2/ 而不是 google.com/o/oauth2/
经过一些踢打、尖叫和向 Apache 大神祈祷后,结果证明我的 Apache 配置有误,ProxyPassReverse 有问题
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://127.0.0.1:8000/
ProxyPassReverse / http://127.0.0.1:8000/
<Location />
# ProxyPassReverse /
Order deny,allow
Allow from all
</Location>