Menu
▾
▴
Re: [Unity-idm-discuss] OpenID connect - Jupyter hub Invalid user name, credential or external authentication failed
|
From: <ba...@aw...> - 2021-08-25 13:35:15
|
Dear Krzysztof,
>One more thing to check: please ensure that your authenticator used by OAuth token endpoint ('pwd') is linked to a *password credential* that is actually set for the client. It is a common pitfall (as >in Unity you can have multiple password credentials).
Could you please describe how to do this step-by-step? I'm afraid I do not speak the Unity language yet.
Also, in my first email I linked screenshots of the whole configuration. Can you check whether the authenticator is linked to the correct credential?
Perhaps you could point me to the relevant part in the documentation?
-----Original Message-----
From: Krzysztof Benedyczak <kb...@un...>
Sent: Tuesday, August 17, 2021 2:36 PM
To: Roman Krysiński <ro...@un...>; ba...@aw...
Cc: Unity ML <uni...@li...>
Subject: *****SPAM***** Re: [Unity-idm-discuss] OpenID connect - Jupyter hub Invalid user name, credential or external authentication failed
Hi,
W dniu 17.08.2021 o 14:08, Roman Krysiński pisze:
> Hi Zoltan,
>
> > In the meantime, ideas about what could be possible misconfigured
> and/or working configuration examples (both Unity and Jupyter side)
> are welcomed.
> Note that I was not using Jupyter for my tests, I just configured
> unity according to your screenshots and used https://oauth.tools/
> <https://oauth.tools/> for testing, Please check whether clientId and
> secret configured in jupyterhub_config.py are the same with those
> generated by Unity, or regenerate client credentials in Unity and
> update Jupyter config file.
>
> As an aside, I noticed that Jupyter under the hood is using Tornado as
> a networking library, consider enabling the Tornado lib logging to see
> more details in the Jupyter log:
> https://www.tornadoweb.org/en/stable/log.html
> <https://www.tornadoweb.org/en/stable/log.html>.
>
One more thing to check: please ensure that your authenticator used by OAuth token endpoint ('pwd') is linked to a *password credential* that is actually set for the client. It is a common pitfall (as in Unity you can have multiple password credentials).
You can also try to use command line tool as curl to make a request to the token endpoint in unity. Perhaps you won't be able to easily provide proper token, but at least you should be able to authenticate and get some OAuth-level error instead of an early authN error. This would confirm that correct credential is configured on Unity side.
Best,
Krzysztof
|
