Unauthorized: Unauthorized /oauth2/callback

[Blaygh]

I have been trying to configure my app to use this package but I have an error I can't seem fix.

Django version 5.0.7

I keep getting an 2024-07-18 15:19:30,444: Unauthorized: /oauth2/callback error. When I review sign-in attempts in Azure I see the status to be success. The app is deployed in python anywhere, below is my setting in django.

    'AUDIENCE': client_id,
    'CLIENT_ID': client_id,
    'CLIENT_SECRET': client_secret,
    'CLAIM_MAPPING': {'first_name': 'given_name',
                      'last_name': 'family_name',
                      'email': 'upn'},
    'GROUPS_CLAIM': 'roles',
    'MIRROR_GROUPS': True,
    'USERNAME_CLAIM': 'upn',
    'TENANT_ID': tenant_id,
    'RELYING_PARTY_ID': client_id,
    'LOGIN_EXEMPT_URLS': [
        '^$',
        '^receiver/',
    ],
}

LOGIN_URL = 'django_auth_adfs:login'
LOGOUT_URL = 'django_auth_adfs:logout'
LOGIN_REDIRECT_URL = '/admin/'
REDIRECT_URL = 'django_auth_adfs:callback'

Below is the error logs

2024-07-18 14:41:15,507: operating mode:         openid_connect
2024-07-18 14:41:15,507: authorization endpoint: https://login.microsoftonline.com/6b4be17d-a23f-402b-aa40-f7a55e4e9ef3/oauth2/author
ize
2024-07-18 14:41:15,507: token endpoint:         https://login.microsoftonline.com/6b4be17d-a23f-402b-aa40-f7a55e4e9ef3/oauth2/token
2024-07-18 14:41:15,507: end session endpoint:   https://login.microsoftonline.com/6b4be17d-a23f-402b-aa40-f7a55e4e9ef3/oauth2/logout
2024-07-18 14:41:15,507: issuer:                 https://sts.windows.net/6b4be17d-a23f-402b-aa40-f7a55e4e9ef3/
2024-07-18 14:41:15,508: msgraph endpoint:       graph.microsoft.com
2024-07-18 14:41:15,789: Unauthorized: /oauth2/callback
2024-07-18 14:45:23,061: Unauthorized: /oauth2/callback

Also below is the redirect url in python Azure
https://me.pythonanywhere.com/oauth2/callback

Upvote & Fund

• We're using Polar.sh so you can upvote and help fund this issue.
• We receive the funding once the issue is completed & confirmed by you.
• Thank you in advance for helping prioritize & fund our backlog.

[Blaygh]

The documentation for Microsoft Azure config should be updated. to include AdfsAuthCodeBackend. else there will be the recurring Error: Unauthorized: /oauth2/callback.

AUTHENTICATION_BACKENDS = [
    'django_auth_adfs.backend.AdfsAccessTokenBackend',
    'django_auth_adfs.backendAdfsAuthCodeBackend'
]

Also, Azure has changed the name of Active Directory to Entra ID the docs should reflect this change to prevents goose chases.

[JonasKs]

PR welcome with fixes.

[Blaygh]

Hello, I would like to contribute by updating the Docs for the Microsoft Azure Setup. The current docs are not wholly sufficient. There is way more configuration needed than is communicated and this will discourage people from using it in the first place. Luckily, I have gone through the hell of hours of debugging and would like to lead others on the right track. Please let me know how I can contribute, Thanks

[tim-schilling]

I'd like to encourage you to make the changes to the docs that cover the scenario(s) you encountered, then open a PR.