Discourse Azure AD Plugin not working


(Chanka Dod) #1

I couldn’t make the Azure AD plugin configured.


After adding to app.yml, rebuilding doesn’t work.

Is the plugin obsolete?


(Matt Palmer) #2

Why would you leap straight to the plugin being obsolete?

Define “doesn’t work”. The full console output from the rebuild run would be preferred.


(Chanka Dod) #3

As I couldn’t find the plugin in the meta, I assumed it to be obsolete. :slight_smile:

I added the plugin to app.yml like below

 hooks:
  after_code:
- exec:
    cd: $home/plugins
    cmd:
      - git clone https://github.com/discourse/docker_manager.git
      - git clone https://github.com/discourse/discourse-azure-ad.git

During the rebuild it fails at the below point.

FAILED
--------------------
Pups::ExecError: cd /var/www/discourse && su discourse -c 'bundle exec rake db:migrate' failed with return #<Process::Status: pid 16835 exit 1>
Location of failure: /pups/lib/pups/exec_command.rb:108:in `spawn'
exec failed with the params {"cd"=>"$home", "hook"=>"bundle_exec", "cmd"=>["su discourse -c 'bundle install --deployment --verbose --without test --without development'", "su discourse -c 'bundle exec rake db:migrate'", "su discourse -c 'bundle exec rake assets:precompile'"]}
4c8dc9092f38bca99f21fac1c7e417f07d979e48f466259088937d1f02345087
** FAILED TO BOOTSTRAP ** please scroll up and look for earlier error messages, there may be more than one

(Sam Saffron) #4

Yeah… we are going to need that :wink:


(Chanka Dod) #5

Sorry for being late to reply. It’s Yesterday that I was look into the discourse configuration again.

Finally I was able to configure it successfully. Seems like I have done a silly mistake when configuring the plugin. I have not properly added the environment variables to app.yml.

Everything seems to be working smoothly now. :smiley:

May I know why it’s not published in the meta as a plugin yet?

Cheers


(Ryan Nix) #6

Hi Chanka

Can you please explain a little more what you did to get it to compile? I can’t get Discourse rebuilt with the plugin in my app.yml file.

hooks:
after_code:
- exec:
cd: $home/plugins
cmd:
- git clone https://github.com/discourse/docker_manager.git
- git clone https://github.com/discourse/discourse-azure-ad.git

Thanks!

  • Ryan

(Chanka Dod) #7

Hi Ryan
Before rebuilding you need to

If you’re running Discourse from the Docker container, add these environment variables to your container’s yml file:
DISCOURSE_AZURE_CLIENT_ID
DISCOURSE_AZURE_CLIENT_SECRET
(optional) DISCOURSE_AZURE_TITLE

Cheers
Chanka


(Ryan Nix) #8

Thanks, Chanka! Can’t believe it’s that easy. :slight_smile:


(Ryan Nix) #9

Followup question for @Chanka_Dod and @sam: The oAuth plug-in is working great, except one thing: The user’s email address is incorrect. The plug-in is populating the email address as the short name and the Active Directory domain, neither of which are correct. Example my email address is r-nix@mycollege.edu but the oAuth plugin is making the email address rtn456@ad.mycollege.edu. Is there a way to add something to the code that populates the user account as the ‘mail’ attribute in LDAP or Active Directory.


(Sam Saffron) #10

I am not sure exactly what changes are needed would appreciate some help:

The implementation now is all here:

The gem itself that implement the bridge is here:

So you need to figure out first if the change is required in the library we are leaning on vs the library we control.


(Mark Nadig) #11

Crosspoting from gitub. I’m not in a position to test this out at the moment, however it appears that we’re just grabbing the ‘email’ attribute returned from Azure.
line 52 of


(Ryan Nix) #12

Looks like the UPN or UserPrincipalName is the attribute being used as the email address in Discourse. I’ll log a ticket with Azure support to see how this can be fixed. @sam @marknadig