Social Logins Error with Google

I just ran the bench update function (on master) and everything went smoothly, but now I’m getting a login error when using the Google social logins:

Traceback (most recent call last):
File “/home/ubuntu/frappe-bench/apps/frappe/frappe/app.py”, line 62, in application
response = frappe.api.handle()
File “/home/ubuntu/frappe-bench/apps/frappe/frappe/api.py”, line 53, in handle
return frappe.handler.handle()
File “/home/ubuntu/frappe-bench/apps/frappe/frappe/handler.py”, line 22, in handle
data = execute_cmd(cmd)
File “/home/ubuntu/frappe-bench/apps/frappe/frappe/handler.py”, line 53, in execute_cmd
return frappe.call(method, **frappe.form_dict)
File “/home/ubuntu/frappe-bench/apps/frappe/frappe/init.py”, line 923, in call
return fn(*args, **newargs)
File “/home/ubuntu/frappe-bench/apps/frappe/frappe/www/login.py”, line 38, in login_via_google
login_via_oauth2(“google”, code, state, decoder=json.loads)
File “/home/ubuntu/frappe-bench/apps/frappe/frappe/utils/oauth.py”, line 169, in login_via_oauth2
info = get_info_via_oauth(provider, code, decoder)
File “/home/ubuntu/frappe-bench/apps/frappe/frappe/utils/oauth.py”, line 187, in get_info_via_oauth
session = flow.get_auth_session(**args)
File “/home/ubuntu/frappe-bench/env/local/lib/python2.7/site-packages/rauth/service.py”, line 556, in get_auth_session
session = self.get_session(self.get_access_token(method, **kwargs))
File “/home/ubuntu/frappe-bench/env/local/lib/python2.7/site-packages/rauth/service.py”, line 541, in get_access_token
r = self.get_raw_access_token(method, **kwargs)
File “/home/ubuntu/frappe-bench/env/local/lib/python2.7/site-packages/rauth/service.py”, line 518, in get_raw_access_token
**kwargs)
File “/home/ubuntu/frappe-bench/env/local/lib/python2.7/site-packages/rauth/session.py”, line 358, in request
return super(OAuth2Session, self).request(method, url, **req_kwargs)
File “/home/ubuntu/frappe-bench/env/local/lib/python2.7/site-packages/requests/sessions.py”, line 335, in request
resp = self.send(prep, **send_kwargs)
File “/home/ubuntu/frappe-bench/env/local/lib/python2.7/site-packages/requests/sessions.py”, line 438, in send
r = adapter.send(request, **kwargs)
File “/home/ubuntu/frappe-bench/env/local/lib/python2.7/site-packages/requests/adapters.py”, line 331, in send
raise SSLError(e)
SSLError: [Errno bad handshake]

I’m not sure if this is related to running the update or not. I’ve confirmed my social login key and secret code, and it was working last week (before running the update).

If anyone has any suggestions, I’d really appreciate it. Most of my staff cannot get on ERP because of this.

Just tested this, works fine for me.

Hi @Ben_Cornwell_Mott

do /var/log/auth.log or /var/log/syslog give you any clues?

From this https://community.letsencrypt.org/t/ubuntu-14-04-sslerror-errno-bad-handshake/37431

I tried this on my local ‘bench console’

In [1]: import requests

In [2]: requests.get(‘https://acme-v01.api.letsencrypt.org’)
Out[2]: <Response [200]>

In [3]:

Can you login if you delete the Social Login values and reload?

Does Administrator login work?

There’s this change 8+ days ago!?
https://github.com/frappe/frappe/blame/develop/frappe/integrations/doctype/gsuite_settings/gsuite_settings.py

to fix this issue
https://github.com/frappe/frappe/commit/99f17c651cef86fc85061c7e88c7cb202b880d21

Thanks for the response.

I can log in with all the accounts using the frappe username and passwords. It’s only trying to use the social logins that fails. Most of my users have signed up using social logins so don’t have a normal password set / known. I have been resetting those so that my users can use the system, but it’s causing a pretty big pain.

I don’t see anything related to the social login attempts in auth.log or syslog. Nothing helpful there :frowning:

I tried using the requests.get and that worked fine (response [200]) with both google and yours suggested path (letsencrypt.org). When I try to use the get_auth_session command, that’s when I run into issues. I think the issue might be in the version of rauth I am using.

I also know that the social login client ID is correct, because if I change it then I get a Not Authorized message from google before I select my account. I even changed my Google API project to see if that made a difference and it didn’t seem to. I get the bad handshake regardless of what I set my secret code to be, but I’ve doublechecked that value several times.

Other thoughts to try to reset

frappe@erpnext:~/frappe-bench$ bench clear-cache
frappe@erpnext:~/frappe-bench$ bench clear-website-cache

frappe@erpnext:~/frappe-bench$ sudo service nginx reload

frappe@erpnext:~/frappe-bench$ sudo supervisorctl stop all
frappe@erpnext:~/frappe-bench$ sudo supervisorctl start all

I believe the two commands above and this below accomplish the same, to restart the scheduler + worker processes
frappe@erpnext:~/frappe-bench$ bench restart

To restart ERPNext itself, I just reboot the kvm VM instance that hosts it.

Thanks for the efforts, but no success.

I tried bench clear-cache, clear-website-cache and nginx reload. I also tried updating ssl, rauth, and response. I also tried restarting bench and rebooting the system.

“updating ssl, rauth, and response”

ah I see so instead of say ‘apt-get update’

Our friends will soon be awake, refreshed with thoughts on new ideas to try

So I was able to, after a great deal of pain, fix this issue. Here was (I think) the problem.

The version of python that I was running was Python 2.7.6. Every time I updated bench I’d get warnings about SNIMissing. I found a reference to this warning when looking up the SSL error, so decided that updating Python to the latest (2.7.13+) might fix the issue.

After a great deal of heartache trying to do this (Ubuntu 14.04’s latest apt-get version is 2.7.6), I was finally able to update python and now social logins works again.

Unfortunately I messed up when upgrading it and basically needed to reinstall frappe and all the packages. Hopefully I’ve got everything restored to where it works.

2 Likes