Add azure-AD authentication

[aileo]

No description provided.

[polcape]

Hi @aileo,
I am trying to use your version for AAD authentication.

How can I setup the application on https://portal.azure.com/?
In particular what is the correct redirect urls?
Are there any other settings to setup?

Thanks

[aileo]

Hi @polcape ,

Here is the readme part about AAD authentication that describes all parameters to pass to WARP in order to enable AAD auth.

I am not familiar with the azure portal as I only create my apps registration on the MS Entra admin center.
There you can create a new app registration, I forgot about the callback scheme in the readme, it should be something like : https://your.domain/signin-oidc

I hope this helps.

[polcape]

Thanks @aileo,
I tried to setup everyhting but when I try log in after the redirect from Entra app I get this exception in logs

warp-wsgi | [2024-12-05 08:08:47,188] ERROR in app: Exception on /signin-oidc [GET]
warp-wsgi | Traceback (most recent call last):
warp-wsgi | File "/usr/local/lib/python3.13/site-packages/flask/app.py", line 2529, in wsgi_app
warp-wsgi | response = self.full_dispatch_request()
warp-wsgi | File "/usr/local/lib/python3.13/site-packages/flask/app.py", line 1825, in full_dispatch_request
warp-wsgi | rv = self.handle_user_exception(e)
warp-wsgi | File "/usr/local/lib/python3.13/site-packages/flask/app.py", line 1823, in full_dispatch_request
warp-wsgi | rv = self.dispatch_request()
warp-wsgi | File "/usr/local/lib/python3.13/site-packages/flask/app.py", line 1799, in dispatch_request
warp-wsgi | return self.ensure_sync(self.view_functions[rule.endpoint])(**view_args)
warp-wsgi | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^
warp-wsgi | File "/usr/local/lib/python3.13/site-packages/warp/auth_aad.py", line 72, in signin_oidc
warp-wsgi | return flask.render_template("auth_error.html", result=result, application_root_uri=app_root_uri)
warp-wsgi | ~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
warp-wsgi | File "/usr/local/lib/python3.13/site-packages/flask/templating.py", line 146, in render_template
warp-wsgi | template = app.jinja_env.get_or_select_template(template_name_or_list)
warp-wsgi | File "/usr/local/lib/python3.13/site-packages/jinja2/environment.py", line 1084, in get_or_select_template
warp-wsgi | return self.get_template(template_name_or_list, parent, globals)
warp-wsgi | ~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
warp-wsgi | File "/usr/local/lib/python3.13/site-packages/jinja2/environment.py", line 1013, in get_template
warp-wsgi | return self._load_template(name, globals)
warp-wsgi | ~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^
warp-wsgi | File "/usr/local/lib/python3.13/site-packages/jinja2/environment.py", line 972, in _load_template
warp-wsgi | template = self.loader.load(self, name, self.make_globals(globals))
warp-wsgi | File "/usr/local/lib/python3.13/site-packages/jinja2/loaders.py", line 126, in load
warp-wsgi | source, filename, uptodate = self.get_source(environment, name)
warp-wsgi | ~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^
warp-wsgi | File "/usr/local/lib/python3.13/site-packages/flask/templating.py", line 62, in get_source
warp-wsgi | return self._get_source_fast(environment, template)
warp-wsgi | ~~~~~~~~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^^^
warp-wsgi | File "/usr/local/lib/python3.13/site-packages/flask/templating.py", line 98, in _get_source_fast
warp-wsgi | raise TemplateNotFound(template)
warp-wsgi | jinja2.exceptions.TemplateNotFound: auth_error.html

Can you help?

[aileo]

Hi @polcape, this PR is missing a review and so far you are doing great at finding all my mistakes :) .

I forgot to create the auth_error.html template in warp/templates that should be rendered here

I will need some time to test and come back to you.

[polcape]

Ok @aileo thanks.

I am waiting your fix here because I don't know how to build the auth_error.html to see the error messages.

Thansk

[polcape]

Hi @aileo,

but also without the auth_error.html can I catch the error somewhere?

Thanks