-
Notifications
You must be signed in to change notification settings - Fork 42
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
LinkedIn SSO hanging on getting accessToken #157
Comments
Hi @antonionieto! Thanks for posting this, this seems like a pickle, it's weird that it's working for you locally. Could you please also attach the traceback? It would be cool to see more. TimeoutError is quite unexpected, I would like to see if it's a network or transport issue rather than oauth / http. |
Hi @tomasvotava, thanks for the quick reply! Sure, here is an screenshot of the traceback. |
Thanks for the traceback! How do you run your app in Cloud Run? Could that be that e.g. uvicorn has some async issues blocking httpx's requests? Could you try getting a refresh token locally (you can try simply accessing import httpx
async def amain():
data = {"grant_type": "refresh_token", "refresh_token": "your-secret-token", "client_id": "your client id", "client_secret": "your client secret"}
async with httpx.AsyncClient() as session:
response = await session.post("https://www.linkedin.com/oauth/v2/accessToken", data=data)
response.raise_for_status()
return response.json() Running this without uvicorn and any other overhead successfully could point us in the direction. If this fails as well, then I'd really say it's some fishy network issue you should probably either open with Linked or Google. |
It actually doesn't matter if you send the refresh token or not, plainly calling |
I just tried out with a simple HTTP POST, as suggested, and still got the same issue: the LinkedIn server does not respond at all. It just weird, cause the authorisation endpoint works well (also in Cloud Run). This is really confusing :| Will try to explore other ways and make sure I share the solution (if I find it) with the community. Btw, really appreciate the time you dedicate into this @tomasvotava! |
Ouch, that's hard to debug, you could probably try setting up logging to Feel free to let me know when you know more, I'll be glad to help and it would be awesome to have some resolution for others who may stumble upon this. |
Good news! I managed to find the issue and it was, effectively, a networking issue - It turned out Cloud Run was routing all the traffic to an internal VPC and the requests weren't able to reach out the public internet. It was solved by creating a NAT gateway and assigning a static IP address (reference). The confusing thing was, also, that I was using Google SignIn (leveraging fastapi-sso as well) and it was working well! My assumption is that given it is a Google service, it somehow manages to reach the SSO provider without getting into the public internet (maybe I'm completely wrong). Anyways, really appreciate the community support here! <3 Feel free to close the issue then :) |
Thanks a lot for letting me know! This may help others in the future. |
Hey,
I have built a FastAPI app that is deployed on a Google Cloud Run instance, connected with a given subdomain. The app allows users to signing using both Google and LinkedIn. I am powering that functionality with fastapi-sso library but I am getting an issue with the LinkedIn one. After dealing with this for more than a week, I decided on posting it here and see if anyone could help.
Context:
See image of the code snippet where the process hangs (line 494, fastapi_sso/sso/base.py):
Any thoughts why this may be happening?
Thanks for your amazing contribution to the community, btw!
The text was updated successfully, but these errors were encountered: