I’m trying to connect to my FarmOS instance using the FarmOS.py library, but I’m running into trouble with authentication.
If I run
token = farm_client.authorize(username, password, scope="farm_manager")
I get this error response
oauthlib.oauth2.rfc6749.errors.ServerError: (server_error) The authorization server encountered an unexpected condition which prevented it from fulfilling the request: You need to set the OAuth2 secret and private keys.
So, I looked into the “Simple OAuth Settings”. If try the “Generate Keys” button it asks for a directory and I have not been able to find a valid value for that. The default value is a relative path (
../keys), but I don’t know what it’s relative to.
I’m running FarmOS in Docker. I think the problem is that Drupal does not have write access to the folder, and even if it did, they keys would not survive a restart unless I mount the directory outside the container.
I’m having a hard time finding any documentation or guidelines for setting up and managing these keys in a docker environment. Does anyone have helpful tips to send me in the right direction?
Oh yes @gmagnusson good point - we don’t have this documented anywhere yet.
The way I do it is I put the two key files (
private.key) into a
keys directory outside the container, and then bind-mount it into
/opt/drupal/keys inside the container as a volume.
README.md suggests creating the keys using the following commands:
openssl genrsa -out private.key 2048
openssl rsa -in private.key -pubout > public.key
Thanks for the detailed message @gmagnusson - you are spot on.
Should we update our “production” docker-compose file to add this volume mount? farmOS/docker-compose.production.yml at 66642daef258ee0a13d98c92ac8af8265cbbde56 · farmOS/farmOS · GitHub
Also, just want to note that the keys should be created automatically when installing (if the keys directory exists and is accessible): farmOS/farm_api.install at 66642daef258ee0a13d98c92ac8af8265cbbde56 · farmOS/farmOS · GitHub
@gmagnusson I would assume an error message was logged while you were installing farmOS. It would be helpful if you could confirm this (assuming you still have that environment - no worries if not!). Perhaps we could add to this error message as well and direct the administrator to documentation.
Sorry I don’t. But I’ll keep an eye out next time. I will be tearing this down and rebuilding many times.