Skip to content
This repository has been archived by the owner on Jun 1, 2023. It is now read-only.

Flask does not like 'AddressClaim' #65

Open
tomasbrchan opened this issue Jun 22, 2022 · 5 comments
Open

Flask does not like 'AddressClaim' #65

tomasbrchan opened this issue Jun 22, 2022 · 5 comments

Comments

@tomasbrchan
Copy link

Hi,
I found out that my app stopped working, because of different response from OpenId server.
I found out they added more information to 'profile' and one of these is 'addesss'.
From that moment this error occurs:

Traceback (most recent call last):
File "C:\Python310\Lib\site-packages\flask\app.py", line 2091, in call
return self.wsgi_app(environ, start_response)
File "C:\Python310\Lib\site-packages\flask\app.py", line 2076, in wsgi_app
response = self.handle_exception(e)
File "C:\Python310\Lib\site-packages\flask\app.py", line 2073, in wsgi_app
response = self.full_dispatch_request()
File "C:\Python310\Lib\site-packages\flask\app.py", line 1519, in full_dispatch_request
return self.finalize_request(rv)
File "C:\Python310\Lib\site-packages\flask\app.py", line 1540, in finalize_request
response = self.process_response(response)
File "C:\Python310\Lib\site-packages\flask\app.py", line 1888, in process_response
self.session_interface.save_session(self, ctx.session, response)
File "C:\Python310\Lib\site-packages\flask\sessions.py", line 406, in save_session
val = self.get_signing_serializer(app).dumps(dict(session)) # type: ignore
File "C:\Python310\Lib\site-packages\itsdangerous\serializer.py", line 207, in dumps
payload = want_bytes(self.dump_payload(obj))
File "C:\Python310\Lib\site-packages\itsdangerous\url_safe.py", line 53, in dump_payload
json = super().dump_payload(obj)
File "C:\Python310\Lib\site-packages\itsdangerous\serializer.py", line 169, in dump_payload
return want_bytes(self.serializer.dumps(obj, **self.serializer_kwargs))
File "C:\Python310\Lib\site-packages\flask\json\tag.py", line 308, in dumps
return dumps(self.tag(value), separators=(",", ":"))
File "C:\Python310\Lib\site-packages\flask\json_init_.py", line 139, in dumps
rv = json.dumps(obj, **kwargs)
File "C:\Python310\Lib\json_init
.py", line 238, in dumps
**kw).encode(obj)
File "C:\Python310\Lib\json\encoder.py", line 199, in encode
chunks = self.iterencode(o, _one_shot=True)
File "C:\Python310\Lib\json\encoder.py", line 257, in iterencode
return iterencode(o, 0)
File "C:\Python310\Lib\site-packages\flask\json_init
.py", line 57, in default
return super().default(o)
File "C:\Python310\Lib\json\encoder.py", line 179, in default
raise TypeError(f'Object of type {o.class.name} '
TypeError: Object of type AddressClaim is not JSON serializable

I deleted line 572: "address": OPTIONAL_ADDRESS, in .venv\Lib\site-packages\oidcmsg\oidc_init_.py and everything works fine again. I do not need optional address for my app.
But it's not a solution and there is no option to disable that and I need at least basic profile of the user.

I could not find where the problem is. Any idea?
Tomas

@rohe
Copy link
Collaborator

rohe commented Jun 22, 2022

Sorry have not had time to look at this today. Hope to get some time tomorrow.
Note that oidcmsg has been incorporated into idpy-oidc and is no more develop separately from oidcrp and oidc-op.
So when I say I will look at it tomorrow I will look at the relevant part in idpy-oidc.

@tomasbrchan
Copy link
Author

Thank you.
I am still lost in different protocols etc. I just implemented OpenId to existing Flask app by cryptojwt by some example. That time everything was new to me and I am still more 'user' then somebody that understands it fully.
Would it be then better if I use oidcrp instead of cryptojwt with oidcmsg? I am lost why there is so many modules and what is real difference between them. When I briefly looked at the examples in those modules, they look very similar.
But when oidcrp says "Implementation of everything OIDC and OAuth2", does it mean I can/should switch to it?

@tomasbrchan
Copy link
Author

Hi,
I tried the option without oidcmsg and I have the same issue. When I uncomment line 572: #"address": OPTIONAL_ADDRESS, in .venv\Lib\site-packages\idpyoidc\message\oidc_init_.py, everything works fine.
If you find some time to look at it would be very nice.
Thank you
Tomas

Sorry have not had time to look at this today. Hope to get some time tomorrow. Note that oidcmsg has been incorporated into idpy-oidc and is no more develop separately from oidcrp and oidc-op. So when I say I will look at it tomorrow I will look at the relevant part in idpy-oidc.

@rohe
Copy link
Collaborator

rohe commented Jun 24, 2022

Looking at the traceback it looks like you (or who ever wrote the program) tries to do
json.dumps(obj) on a message object. This will definitely not work when you have an address claim.
You should use obj.to_json() instead, given that obj is the message object.

@tomasbrchan
Copy link
Author

Thank you very much, you pointed me to the right direction.
Even we do not use direct json.dump(), but Flask does a lot and in the app userinfo was saved into session. When Flask tries to parse session then the address key is a problem because of that message object.
I corrected that and now everything works fine.
Thanks.

Looking at the traceback it looks like you (or who ever wrote the program) tries to do json.dumps(obj) on a message object. This will definitely not work when you have an address claim. You should use obj.to_json() instead, given that obj is the message object.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants