Best IT Recipes

Authorization credentials Separated --- django, elastic beanstalk, oauth

I implemented a REST api in django with the django-rest-framework and used oauth2 for authentication.

I tested with:

curl -X POST -d "client_id=YOUR_CLIENT_ID&client_secret=YOUR_CLIENT_SECRET&grant_type=password&username=YOUR_USERNAME&password=YOUR_PASSWORD" http://localhost:8000/oauth2/access_token/

and

 curl -H "Authorization: Bearer <your-access-token>" http://localhost:8000/api/

on the local host with successful results that match the documentation.

When I clicked this button on an existing instance of the beanstalk AWS excavator, I received:

 { "detail" : "Authentication credentials were not provided." }
+47
django django-rest-framework amazon-web-services elastic-beanstalk
Mar 09 '14 at 6:52
source share
4 answers

Now I use a slightly different approach. The sahutchi solution worked until the env variables were changed, as Tom Deakin pointed out. I went a little deeper inside EB and found out where the wsgi.conf template is, and added the option "WSGIPassAuthorization On" there.

 commands: WSGIPassAuthorization: command: sed -i.bak '/WSGIScriptAlias/ a WSGIPassAuthorization On' config.py cwd: /opt/elasticbeanstalk/hooks

This will always work even when changing environment variables. I hope you find this helpful.

Edit: It seems that many people still come across this answer. I have not used ElasticBeanstalk after a while, but I would consider using the Manel Clos solution below. I have not tried this personally, but it seems a much cleaner solution. This will literally hack into EBs scenarios and could potentially be interrupted in the future if the EB updates them, especially if they move them to another location.

+19
Mar 13 '15 at 11:58
source share

I thought the problem was with my configuration in django or another type of error, rather than focusing on the differences between localhost and EB. The problem is with the Apache EB settings.

WSGIPassAuthorization is initially set to OFF, so you must enable it. This can be done in the * .config file in the .ebextensions folder with the added command:

 container_commands: 01_wsgipass: command: 'echo "WSGIPassAuthorization On" >> ../wsgi.conf'

Please let me know if I missed something, or if there is a better way, I should look at the problem. I could not find anything specifically about this anywhere on the Internet and thought it could save several hours on troubleshooting and then feel stupid.

+28
Sep 16 '14 at 7:02
source share

I like the idea of ​​just having extra configuration in a standard place. In the .ebextensions directory, create the wsgi_custom.config file with:

 files: "/etc/httpd/conf.d/wsgihacks.conf": mode: "000644" owner: root group: root content: | WSGIPassAuthorization On

As stated here: https://forums.aws.amazon.com/message.jspa?messageID=376244

+21
Dec 15 '15 at 15:01
source share

Although the above solution is interesting, there is another way. Save the wsgi.conf VirtualHost configuration file that you want to use in .ebextensions and rewrite it in the post deploy node (you cannot perform this pre-deployment because it will be regenerated (yes, I found this to be a difficult path). If you do, reboot, be sure to use the supervisorctl program to restart to correctly set all of your environment variables. (I also found this to be difficult.)

 cp /tmp/wsgi.conf /etc/httpd/conf.d/wsgi.conf /usr/local/bin/supervisorctl -c /opt/python/etc/supervisord.conf restart httpd exit 0

01_python.config:

 05_fixwsgiauth: command: "cp .ebextensions/wsgi.conf /tmp"
0
May 7, '15 at 19:12
source share


More articles:


All Articles