0

I followed the steps in this tutorial to enable SSO with Azure Active Directory for the admin portion (to start) of my Django app: https://django-microsoft-auth.readthedocs.io/en/latest/usage.html

Navigating to /admin yields this page, which is good: enter image description here

Clicking Microsoft brings up this new window: enter image description here

The important error seems to be: AADSTS90102: 'redirect_uri' value must be a valid absolute URI.

In this window, I used the browser console and found that a GET request was being made like this:

https://login.microsoftonline.com/50ce...90ac7/oauth2/v2.0/authorize?response_type=code&client_id=f4...27&redirect_uri=https,https://example.org/microsoft/auth-callback/&s...

Note the redirect_uri=https,https://.... It seems like that leading "https," is superfluous and is causing the problem. Any ideas where that could be coming from?

In my Azure app, the redirect URI is set to https://example.org/microsoft/auth-callback/: enter image description here

I'm using Python 3.9.6, Django 3.2, django-microsoft-auth 2.4.0, NGINX 1.18.0, uvicorn 0.14.0

I've searched for help on this and haven't found anything relevant to my situation. Thanks in advance!

Bernard
  • 2,118
  • 2
  • 10
  • 9

3 Answers3

0

Based on the SO Thread Reference.

Use http as the redirect URI instead of https to resolve the issue in most cases.

use

http://localhost:8080/microsoft/auth-callback/

Instead of

https://localhost:8080/microsoft/auth-callback/

If there is a option,

Use localhost:8080 into the table django_site

Reference SO Thread: django-microsoft-auth : The provided value for the input parameter 'redirect_uri' is not valid

SureshBabu
  • 418
  • 2
  • 9
  • I gave this a try, but, since this is for the production site (not a localhost dev environment), Azure does not allow using "http". The Azure UI says "Must start with HTTPS or http://localhost". – Bernard Sep 15 '21 at 18:13
0

As you think, the first https is superfluous, you just need to delete it.

https://login.microsoftonline.com/50ce...90ac7/oauth2/v2.0/authorize?response_type=code&client_id=f4...27&redirect_uri=https://example.org/microsoft/auth-callback/&s...

By the way, I think there is no problem with the redirect_uri you set in the Azure portal.

Carl Zhao
  • 8,543
  • 2
  • 11
  • 19
0

I guess it is a problem of the redirecting URL. The example URL is coming from django site table. So first of all you need to enable the site:

#in settings.py
SITE_ID = 1

Afterwards you can go to the admin interface and set the url of the site to the correct domain. From my experience I know that it won't work without that.

rokdd
  • 541
  • 4
  • 14