Reputation: 1
CVAT OpenID Connect login doesn't show on Login page
I am trying to set up CVAT to support login using a custom IdP with OpenID Connect. I tried to make changes to base.py and docker-compose.override.yml to configure the server, but once I build and launch CVAT, nothing happens.
I followed this guide, which was directly linked in the code.
Here are the base.py changes:
INSTALLED_APPS += ['cvat.socialaccount.providers.openid_connect',]
...
SOCIALACCOUNT_PROVIDERS = {
"openid_connect": {
# Optional PKCE defaults to False, but may be required by your provider
# Can be set globally, or per app (settings).
'OAUTH_PKCE_ENABLED': True,
'EMAIL_AUTHENTICATION' : True,
"APPS": [
{
"provider_id": "NAME",
"name": "Service Name",
"client_id": "client_id",
"secret": "secret",
"settings": {
"server_url": "https://server/cvat/.well-known/openid-configuration",
# Optional token endpoint authentication method.
# May be one of "client_secret_basic", "client_secret_post"
# If omitted, a method from the the server's
# token auth methods list is used
"token_auth_method": "client_secret_basic",
"oauth_pkce_enabled": True,
},
},
]
}
}
SOCIAL_AUTH_OPENIDCONNECT_KEY = 'client_id'
SOCIAL_AUTH_OPENIDCONNECT_SECRET = 'secret'
SOCIAL_AUTH_OPENIDCONNECT_API_URL = 'https://server/cvat/.well-known/openid-configuration'
SOCIALACCOUNT_ONLY = True
And this is the added docker-compose.override.yml file:
services:
cvat_server:
environment:
USE_ALLAUTH_SOCIAL_ACCOUNTS : true
Since none of this worked, I tried creating a auth_config.yml as follows:
---
social_account:
enabled: true
openid_connect:
client_id: client_id
client_secret: secret
domain: https://server.it/
and told CVAT to use it by adding AUTH_CONFIG_PATH = '../../auth_config.yml' in the base.py. This also didn't do anything.
I also tried to ask ChatGPT, and he told me to do things on the front end side of things, but he pointed to non-existing files; therefore, I ignored his suggestions.
Any help and/or suggestions?
Upvotes: 0
Views: 36
Answers (0)
Related Questions
- "tableau-server" openidc id_token not validated (errorCode=69) by tableau-server. vizportal log says wasIssuedByOurIdP:false
- Do we need client_secret when using PKCE in OpenID connect authorization code flow?
- What are the correct configuration settings for a Web API using MSAL.NET and on-prem ADFS 2019
- What is intent of ID Token expiry time in OpenID Connect?
- Code flow not working for Identity Server 4
- How to Validate an Access Token for OAuth2 + PCKE flow
- Is an HTTPS header or a post body more secure?
- WSO2IS OAuth/OpenId Connect SSO Setup
- Understanding OpenId Connect client_credentials grant in terms of identity