Odoo Help

Welcome!

This community is for beginners and experts willing to share their Odoo knowledge. It's not a forum to discuss ideas, but a knowledge base of questions and their answers.

1

OAUTH2 with Windows Azure Active Directory (WAAD) as a provider : JSON issue

By
Comexans
on 3/4/15, 7:08 AM 1,283 views

Hi,

I finally manage to set oauth2 with WAAD as a provider on an OpenERP v7 server under Linux Debian 7. Here is my setup :

  • created an OpenERP application link (and id) in WAAD console with the following settings:
    • Name : OpenERP
    • Connection URL : http://<FQDN>:8069/
    • and a client ID has been generated by WAAD
    • Mutualized application : No
    • Application URI: http://<FQDN>:8069/auth_oauth/signin
    • Answer/response URL: http://<FQDN>:8069/
  • enabled the oauth2 modules in OpenERP and 
  • created a new oauth2 provider in OpenERP with the following settings:
    • Provider name: Windows Azure AD
    • Client Id: [the one provided by WAAD]
    • Allowed: enabled
    • Authentication URL: https://login.windows.net/common/oauth2/authorize
    • Scope: empty
    • Validation URL: https://login.windows.net/common/oauth2/token
    • Data URL: empty
  • ​Create a Use with with the same "Connection" name as the one setup in WAAD (which is the user's email)

​On OpenERP login scrren, I have the Windows Azure AD login button, I click on it and I am redirected to Azure AD athentication window. After Authentication performed by Azure AD, I am redirected to OpenERP with an "unsupported response type" error.

In the log file I can see the traceback :

2015-03-04 11:36:17,348 32767 INFO MyOEDB openerp.addons.document_webdav.webdav_server: WebDAV service registered at path: /webdav/
2015-03-04 11:36:18,191 32767 INFO MyOEDB openerp.modules.loading: Modules loaded.
2015-03-04 11:36:18,269 32767 INFO MyOEDB werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:18] "GET / HTTP/1.1" 200 -
2015-03-04 11:36:18,413 32767 INFO ? werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:18] "GET /web/static/src/css/full.css HTTP/1.1" 200 -
2015-03-04 11:36:18,561 32767 INFO MyOEDB werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:18] "GET /web/webclient/css?db=MyOEDB HTTP/1.1" 200 -
2015-03-04 11:36:19,974 32767 INFO MyOEDB werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:19] "GET /web/webclient/js?db=MyOEDB HTTP/1.1" 200 -
2015-03-04 11:36:20,746 32767 INFO ? werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:20] "POST /web/session/get_session_info HTTP/1.1" 200 -
2015-03-04 11:36:20,811 32767 INFO ? werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:20] "POST /web/webclient/qweblist HTTP/1.1" 200 -
2015-03-04 11:36:20,829 32767 INFO ? werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:20] "GET /web/static/src/img/favicon.ico HTTP/1.1" 404 -
2015-03-04 11:36:20,908 32767 INFO ? werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:20] "POST /web/webclient/bootstrap_translations HTTP/1.1" 200 -
2015-03-04 11:36:21,043 32767 INFO ? werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:21] "POST /web/proxy/load HTTP/1.1" 200 -
2015-03-04 11:36:21,264 32767 INFO ? werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:21] "GET /web/binary/company_logo?session_id=c0b4e4e4bd1a4e4e93f4db25aaa2d8e7 HTTP/1.1" 200 -
2015-03-04 11:36:21,270 32767 INFO ? werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:21] "GET /web/static/src/img/logo2.png HTTP/1.1" 200 -
2015-03-04 11:36:21,285 32767 INFO ? werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:21] "POST /web/database/get_list HTTP/1.1" 200 -
2015-03-04 11:36:21,341 32767 INFO MyOEDB werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:21] "POST /auth_oauth/list_providers HTTP/1.1" 200 -
2015-03-04 11:36:51,525 32767 INFO ? werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:51] "GET /auth_oauth/signin HTTP/1.1" 200 -
2015-03-04 11:36:51,671 32767 INFO ? werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:51] "GET /favicon.ico HTTP/1.1" 404 -
2015-03-04 11:36:52,031 32767 ERROR MyOEDB openerp.addons.auth_oauth.controllers.main: OAuth2: No JSON object could be decoded: line 4 column 1 (char 6)
Traceback (most recent call last):
  File "/usr/lib/python2.7/dist-packages/openerp/addons/auth_oauth/controllers/main.py", line 65, in signin
    credentials = u.auth_oauth(cr, SUPERUSER_ID, provider, kw, context=context)
  File "/usr/lib/python2.7/dist-packages/openerp/addons/auth_oauth/res_users.py", line 74, in auth_oauth
    validation = self._auth_oauth_validate(cr, uid, provider, access_token)
  File "/usr/lib/python2.7/dist-packages/openerp/addons/auth_oauth/res_users.py", line 40, in _auth_oauth_validate
    validation = self._auth_oauth_rpc(cr, uid, p.validation_endpoint, access_token)
  File "/usr/lib/python2.7/dist-packages/openerp/addons/auth_oauth/res_users.py", line 35, in _auth_oauth_rpc
    return simplejson.loads(response)
  File "/usr/lib/python2.7/dist-packages/simplejson/__init__.py", line 451, in loads
    return _default_decoder.decode(s)
  File "/usr/lib/python2.7/dist-packages/simplejson/decoder.py", line 402, in decode
    obj, end = self.raw_decode(s, idx=_w(s, 0).end())
  File "/usr/lib/python2.7/dist-packages/simplejson/decoder.py", line 420, in raw_decode
    raise JSONDecodeError("No JSON object could be decoded", s, idx)
JSONDecodeError: No JSON object could be decoded: line 4 column 1 (char 6)
2015-03-04 11:36:52,041 32767 INFO MyOEDB werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:52] "GET /auth_oauth/signin?error=unsupported_response_type&error_description=AADSTS70005%3a+response_type+%27token%27+is+not+supported+for+the+application%0d%0aTrace+ID%3a+13b6be00-a757-4b15-80c1-d8d340d0ec2a%0d%0aCorrelation+ID%3a+e34338b0-a330-4f54-a713-b029e1bcbbd4%0d%0aTimestamp%3a+2015-03-04+11%3a36%3a52Z&state=%7b%22d%22%3a%22MyOEDB%22%2c%22p%22%3a4%7d HTTP/1.1" 303 -
2015-03-04 11:36:52,144 32767 INFO MyOEDB werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:52] "GET / HTTP/1.1" 200 -
2015-03-04 11:36:52,395 32767 INFO MyOEDB werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:52] "GET /web/webclient/css?db=MyOEDB HTTP/1.1" 304 -
2015-03-04 11:36:52,455 32767 INFO MyOEDB werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:52] "GET /web/webclient/js?db=MyOEDB HTTP/1.1" 200 -
2015-03-04 11:36:53,233 32767 INFO ? werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:53] "POST /web/session/get_session_info HTTP/1.1" 200 -
2015-03-04 11:36:53,295 32767 INFO ? werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:53] "POST /web/webclient/qweblist HTTP/1.1" 200 -
2015-03-04 11:36:53,368 32767 INFO ? werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:53] "POST /web/webclient/bootstrap_translations HTTP/1.1" 200 -
2015-03-04 11:36:53,491 32767 INFO ? werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:53] "POST /web/proxy/load HTTP/1.1" 200 -
2015-03-04 11:36:53,683 32767 INFO ? werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:53] "GET /web/binary/company_logo?session_id=7e87e7de8f104f55aff943523ceacd89 HTTP/1.1" 200 -
2015-03-04 11:36:53,720 32767 INFO ? werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:53] "GET /web/static/lib/jquery.ui.bootstrap/css/custom-theme/images/ui-icons_f6cf3b_256x240.png HTTP/1.1" 200 -
2015-03-04 11:36:53,724 32767 INFO ? werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:53] "POST /web/database/get_list HTTP/1.1" 200 -
2015-03-04 11:36:53,817 32767 INFO MyOEDB werkzeug: 109.190.121.129 - - [04/Mar/2015 11:36:53] "POST /auth_oauth/list_providers HTTP/1.1" 200 -

​So it seems that I am facing JSON decode issue. Does someone can help me to modify the oauth module to support this ?

Thanks for your support.

0
Comexans
On 3/14/16, 5:44 AM

Hi René,

No progress on this issue (we are still relying on v7)....

Regards.

0
René van den Hoek
On 3/9/16, 5:54 AM

Hi Comexans,

I think I'm running into the same issue on Odoo 8. Did you make any progress on the problem since reporting it?
I do not understand why single sign-on with Azure is available in the online (hosted) version of Odoo. So far as my research goes I did not find any documentation about successfull integration of Azure AD and an installed version of Odoo

Your Answer

Please try to give a substantial answer. If you wanted to comment on the question or answer, just use the commenting tool. Please remember that you can always revise your answers - no need to answer the same question twice. Also, please don't forget to vote - it really helps to select the best questions and answers!

About This Community

This community is for professionals and enthusiasts of our products and services. Read Guidelines

Question tools

2 follower(s)

Stats

Asked: 3/4/15, 7:08 AM
Seen: 1283 times
Last updated: 3/14/16, 5:44 AM