Odoo OAuth Error 3

Odoo is the world's easiest all-in-one management software.
It includes hundreds of business apps:

CRM
e-Commerce
Contabilidad
Inventario
PoS
Project
MRP

All apps

Todas las publicaciones Personas Insignias

Etiquetas (Ver todo)

odoo accounting v14 pos v15

Acerca de este foro

Ayuda

Odoo OAuth Error 3

oauth login openid oauth2

2 Respuestas

8429 Vistas

Zach Delano

I'm currently setting up OAuth on Odoo with my own custom Identity Provider and consent application. When I try to log in, I get the following error:

You do not have access to this database or your invitation has expired. Please ask for an invitation and be sure to follow the link in your invitation email.

Under the OAuth providers section, I have the following things set.

Authentication URL: <ROOT_URL>/oauth2/auth
Scope:              openid
Validation URL:     <ROOT_URL>/userinfo
Data URL:           <none>

For the OAuth API, I'm using ORY Hydra. Here's a link to the API: https://www.ory.sh/docs/hydra/sdk/api#schemauserinforesponse.

On my side, I see no errors. The only error I see is from ORY Hydra. From other examples, it looked like the `/userinfo` route was the one to choose because it returns a response like:

{
  "birthdate": "string",
  "email": "string",
  "email_verified": true,
  "family_name": "string", 
  "gender": "string",   
  "given_name": "string", 
  "locale": "string", 
  "middle_name": "string", 
  "name": "string", 
  "nickname": "string", 
  "phone_number": "string", 
  "phone_number_verified": true, 
  "picture": "string", 
  "preferred_username": "string", 
  "profile": "string", 
  "sub": "string", 
  "updated_at": 0, 
  "website": "string", 
  "zoneinfo": "string"
}

For the moment, I only have things set for `email` and `email_verified`. The response also comes with a token and SID field. Does Odoo expect more from my `/userinfo` route?

Zach Delano

Autor Mejor respuesta

I figured this out after cloning Odoo myself and running it locally. Basically, Odoo expects to see a `user_id` or `id` field in the response of a GET request to the validation URL.

In your Odoo database, you'll likely have to create the user first and specify what OAuth they will be logged in as and specify the user ID the consent app will return from the validation URL.

EDIT: I can't mark this as the best answer because my karma isn't high enough.

Daniel Blanco

The correct way to do this for existing users is to reset the user password. So when you receive the link to reset the password in your email, open it, and use your oauth provider to log in. That way you ensure to have a new authorization token.

¿Le interesa esta conversación? ¡Participe en ella!

Cree una cuenta para poder utilizar funciones exclusivas e interactuar con la comunidad.

Inscribirse

Publicaciones relacionadas	Respuestas	Vistas
Why can't Odoo correctly redirect to the initial access path after successful authentication by the OAuth provider, ? login oauth2	0 may 24	1792
Oauth with Odoo oauth login user_management oauth2 Security	0 ene 23	3000
Google oauth oauth oauth2 googlelogin	0 dic 23	1599
How to Facebook login in Odoo login facebook oauth2	2 may 25	17995
Facebook Login login facebook oauth2	4 jul 17	9092

Se marcó esta pregunta

¿Le interesa esta conversación? ¡Participe en ella!