From the PloneConf 2022 Plone Deployment Training, I ran through everything up through installing the OAuth add-on pas.plugins.authomatic. While working through it, I created a pull request to update the training documentation.
I have tried many permutations, none of which worked. Part of my confusion is whether this should be configured for Classic UI (port 8080) or Volto (port 3000). I am also uncertain of the GitHub OAuth app Authorization callback URL value. And finally I am uncertain of whether I have used the correct values for consumer_key and consumer_secret as described in the preview of this PR.
If anyone went through the training, or can better explain to me the correct configuration of both the GitHub OAuth app and the add-on, I would be very grateful and would be able to complete this PR.
Yes, and I just noticed that the documentation for pas.plugins.authomatic on PyPI has some additional information for configuration for both Classic UI and Volto, including installing another add-on for Volto, volto-authomatic. I think that I will try again with just Classic UI for now, then try to add it for Volto on the second pass.
Nonetheless, I do not know the proper values for the GitHub OAuth app.
Also I assume that each frontend, Classic UI and Volto, requires its unique GitHub OAuth app due to different ports and endpoints, correct?
I finally figured it all out, with a little help from @tkimnguyen, and reading more docs of the two add-ons, one for Classic UI and the other for Volto. The procedure should now be complete and easier to follow. I walked through it a few times to double-check.
It would be great if at least one other person walks through this training from Add OAuth support to the end.
Enable Device Flow
Allow this OAuth App to authorize users via the Device Flow.
Read the Device Flow documentation for more information.
I was able to log into the back end but the front end login flow ends with an error:
2023-09-23 10:08:07,390 ERROR [Zope.SiteErrorLog:35][waitress-1] ValueError: http://localhost:3000/@login-authomatic/github
Traceback (innermost last):
Module ZPublisher.WSGIPublisher, line 181, in transaction_pubevents
Module ZPublisher.WSGIPublisher, line 390, in publish_module
Module ZPublisher.WSGIPublisher, line 285, in publish
Module ZPublisher.mapply, line 85, in mapply
Module ZPublisher.WSGIPublisher, line 68, in call_object
Module plone.rest.service, line 22, in __call__
Module plone.restapi.services, line 19, in render
Module pas.plugins.authomatic.services.authomatic, line 245, in reply
Module pas.plugins.authomatic.services.authomatic, line 170, in _add_identity
Module pas.plugins.authomatic.plugin, line 105, in remember_identity
Module pas.plugins.authomatic.plugin, line 79, in _provider_id
ValueError: Invalid: Empty user.id