Simultaneous KeyError for `oauth_login`, 500, and 403 for SSO user

Specify version 7.9.6.2

Interesting case this morning! Wondering if anyone else has experienced something similar or can provide insight. I don’t have enough information yet to turn this into a full issue, and am highly unlikely to be able to replicate at this time. Based on the last section, I am not sure if this is a bug in the code, or a temporary blip that occurred in some component of the chain. It seems to only have occurred during a particular period of time. I can confirm the details of the below for 1 user (was with them in person going through it), and am following up with a second that is reporting that they experienced the same, also in the same time frame. However, during this time window, my Specify account was working fine.

KeyError

User reports the following error message upon attempting to log in through SSO. This is the first time I have come across this error.

```
{"exception": "KeyError", "message": "oauth_login", "data": "None", "traceback": "Traceback (most recent call last):\n File \"/opt/specify7/ve/lib/python3.8/site-packages/django/core/handlers/base.py\", line 181, in _get_response\n response = wrapped_callback(request, *callback_args, **callback_kwargs)\n File \"/opt/specify7/ve/lib/python3.8/site-packages/django/views/decorators/http.py\", line 40, in inner\n return func(request, *args, **kwargs)\n File \"/opt/specify7/specifyweb/accounts/views.py\", line 160, in oic_callback\n oauth_login: OAuthLogin = request.session['oauth_login']\n File \"/opt/specify7/ve/lib/python3.8/site-packages/django/contrib/sessions/backends/base.py\", line 65, in __getitem__\n return self._session[key]\nKeyError: 'oauth_login'\n"}
```

The error itself seems straightforward enough: there is no `oauth_login` in the request session when line 160 goes looking for it.

However, `request['oauth_login']` should have been created just fine via lines 100-105.

Once in a bug like this, it is hard for the user to get past it. Even if they open a new browser window and type in the base URL of our instance, they will see the same error. In this case, a fresh private/incognito window plus SSO still didn’t work.

500 Error on my side

In order to immediately log in, the user needs to use local auth (Specify username and password). When I open this user's account in Security and Accounts, I get a 500 Error through Nginx (presented as a red toast that is dismissible), however I am able to view the user just fine. The 500 error appeared twice for this same user on two separate clicks, however it did not appear for any other user when I selected their account.

403 Error on user side

When the user logs in through local auth, they get a 403 error after submitting their credentials.

Later attempts to log in are successful

I take 15 minutes to check that their user looks okay in the database, everything seems normal. After checking, I email them and they are able to log in fine through local auth again. Strange!

Confirmed with 2nd and now a 3rd user, same error same time frame. No errors since. Going to chalk this up to some server or component not responding, but later coming back online.
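
As an added example (not part of the original posts and not Specify's own code): a framework-free sketch of an SSO callback that treats a missing `oauth_login` session entry as an expected failure and restarts the login, rather than surfacing an unhandled `KeyError` as in the traceback above. A plain dict stands in for `request.session`; the function names, the stored fields and the `/login/` URL are hypothetical.

```python
import hmac
import secrets

SESSION_KEY = "oauth_login"  # key name taken from the traceback in the post
LOGIN_URL = "/login/"        # hypothetical placeholder, not the project's URL


class LoginStateError(Exception):
    """The callback arrived without usable login state."""


def begin_login(session: dict, provider: str) -> str:
    """Start SSO: store per-login state in the session and return it."""
    state = secrets.token_urlsafe(32)
    session[SESSION_KEY] = {"provider": provider, "state": state}
    return state


def handle_callback(session: dict, returned_state: str) -> str:
    """Validate the callback against the session; fail closed if state is gone."""
    # pop() makes the state single-use, so a stale entry cannot linger.
    pending = session.pop(SESSION_KEY, None)
    if not isinstance(pending, dict) or "state" not in pending:
        # Possible reasons: session expired, cookie not sent back,
        # or the session store did not return the saved data.
        raise LoginStateError("no pending login in session")
    expected = pending["state"].encode()
    if not hmac.compare_digest(expected, returned_state.encode()):
        raise LoginStateError("state mismatch")
    return pending["provider"]


def callback_view(session: dict, returned_state: str) -> tuple:
    """Hypothetical view wrapper: returns (status, location_or_body)."""
    try:
        provider = handle_callback(session, returned_state)
    except LoginStateError:
        # Drop the whole session so the next attempt starts clean
        # (dict.clear() here; a Django session would use flush()).
        session.clear()
        return (302, LOGIN_URL)
    return (200, f"logged in via {provider}")
```

Logging each `LoginStateError` with a timestamp would also show whether such failures cluster in one time window, as they did in this report.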
