OAuth 2 provider for Frappe Apps

I’m not sure if this is the right place or I should create a new thread.

Basically, I’m trying to integrate erpnext with auth0. I got quite far actually, as the logs in auth0 tell me that login was successful. However, when the redirect happens to erpnext I get this error message:

> Traceback (most recent call last):
>   File "/home/frappe/frappe-bench/apps/frappe/frappe/app.py", line 68, in application
>     response = frappe.api.handle()
>   File "/home/frappe/frappe-bench/apps/frappe/frappe/api.py", line 55, in handle
>     return frappe.handler.handle()
>   File "/home/frappe/frappe-bench/apps/frappe/frappe/handler.py", line 31, in handle
>     data = execute_cmd(cmd)
>   File "/home/frappe/frappe-bench/apps/frappe/frappe/handler.py", line 67, in execute_cmd
>     return frappe.call(method, **frappe.form_dict)
>   File "/home/frappe/frappe-bench/apps/frappe/frappe/__init__.py", line 1172, in call
>     return fn(*args, **newargs)
>   File "/home/frappe/frappe-bench/apps/frappe/frappe/integrations/oauth2_logins.py", line 36, in login_via_fairlogin
>     login_via_oauth2("fairlogin", code, state, decoder=decoder_compat)
>   File "/home/frappe/frappe-bench/apps/frappe/frappe/utils/oauth.py", line 110, in login_via_oauth2
>     info = get_info_via_oauth(provider, code, decoder)
>   File "/home/frappe/frappe-bench/apps/frappe/frappe/utils/oauth.py", line 118, in get_info_via_oauth
>     flow = get_oauth2_flow(provider)
>   File "/home/frappe/frappe-bench/apps/frappe/frappe/utils/oauth.py", line 84, in get_oauth2_flow
>     params = get_oauth_keys(provider)
>   File "/home/frappe/frappe-bench/apps/frappe/frappe/utils/oauth.py", line 49, in get_oauth_keys
>     client_id, client_secret = frappe.get_value("Social Login Key", provider, ["client_id", "client_secret"])
> TypeError: cannot unpack non-iterable NoneType object

It looks as if erpnext doesn’t know where to get the code/profile/user id from the auth0 redirect. Could this be it? And if so, how can I configure it?

I’m using the fairlogin integration and this is what I have saved in my settings:

Base url: https://mycompany.eu.auth0.com
Authorize url: /authorize
Access token url: /oauth/token
Redirect url: /api/method/frappe.integrations.oauth2_logins.login_via_fairlogin
Api Endpoint: /userinfo

Auth URL Data: { "response_type": "code", "scope": "openid,profile,email" }

User ID property: I’ve tried sub and email

This is client side of OAuth. Here auth0 is the OAuth 2 provider. This is Social Login Key feature of Frappe.

The thread is about the oauth2 server/provider feature of Frappe

@jollip please start a new thread. I’ll reply there.

Ok, no problem. Thanks for heads up

how you get token bro

I understand that this post is about oauth2 server provider feature provided by Frappe; using Frappe as IDP.

I want to use OpenID as the IDP, and Frappe as the app server.

Can’t seem to find much useful info for this setup.

Any comments?

you want third party oidc tokens to be accepted as valid user in frappe app that acts as api resource server? GitHub - castlecraft/cfe: Castlecraft Extensions for Frappe Framework based Resource Servers

you want frappe to be able to login with third party oidc? use custom Social Login Key

1 Like

Much thx, @revant_one !


Can you explain to me how can I use to authorize the OAuth2 while fetching the data through API? I created the API while following the documentation and also created the token but now I don’t know how to use it properly. Do guide me on this.