Problem registering a new user from the CMS

This is a continuation of the discussion started at the edx slack. I’ll mention all the valuable data from that discussion here.


  • Studio is configured to use LMS SSO as described in the studio oauth guide.
  • Studio has a separate SESSION_COOKIE_NAME different from the LMS one.

The problem:

Registration started from the Studio leads to errors. The user isn’t logged in after the registration. The problem reproduces until the user logged into LMS as inactive (which is done automatically after registration).

Error logs:

Traceback (most recent call last):
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/django/core/handlers/", line 47, in inner
    response = get_response(request)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/django/core/handlers/", line 181, in _get_response
    response = wrapped_callback(request, *callback_args, **callback_kwargs)
  File "/usr/lib/python3.8/", line 75, in inner
    return func(*args, **kwds)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/django/views/decorators/", line 44, in _wrapped_view_func
    response = view_func(request, *args, **kwargs)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/django/views/decorators/", line 54, in wrapped_view
    return view_func(*args, **kwargs)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_django/", line 46, in wrapper
    return func(request, backend, *args, **kwargs)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_django/", line 31, in complete
    return do_complete(request.backend, _do_login, user=request.user,
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_core/", line 45, in do_complete
    user = backend.complete(user=user, *args, **kwargs)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_core/backends/", line 40, in complete
    return self.auth_complete(*args, **kwargs)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/auth_backends/", line 98, in auth_complete
    user = super().auth_complete(*args, **kwargs)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_core/", line 251, in wrapper
    raise AuthCanceled(args[0], response=err.response)
social_core.exceptions.AuthCanceled: Authentication process canceled
2022-06-30 08:57:15,435 ERROR 4089285 [django.request] [user None] [ip] - Internal Server Error: /complete/edx-oauth2/
Traceback (most recent call last):
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_core/", line 248, in wrapper
    return func(*args, **kwargs)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_core/backends/", line 382, in auth_complete
    response = self.request_access_token(
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_core/backends/", line 360, in request_access_token
    return self.get_json(*args, **kwargs)
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_core/backends/", line 242, in get_json
    return self.request(url, *args, **kwargs).json()
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/social_core/backends/", line 238, in request
  File "/edx/app/edxapp/venvs/edxapp/lib/python3.8/site-packages/requests/", line 960, in raise_for_status
    raise HTTPError(http_error_msg, response=self)
requests.exceptions.HTTPError: 400 Client Error: Bad Request for url:

Additional Info:

  • the problem reproduces on (proved by @Tim_McCormack );
  • the problem disappears if to activate the user account;
  • errors I’ve attached above are caused by recursion. There is a loop: LMS authorises user => getting the access_token => redirecting to CMS/complete/edx-oauth2 => CMS calls LMS/authorize endpoint again => …loop repeats… => LMS/oauth/access_token breaks the loop with 400 error (I suspect reaching the rate limit). Here is where a loop cause is - social-core/ at master · python-social-auth/social-core · GitHub
  • tried to reproduce the issue for other IDAs (e-commerce, credentials, discovery). Registered a new account in the LMS, got the logged-in session for the inactive user, and clicked the log-in button on the mentioned services => all works fine. The reason is that the user in that services is created as active regardless of active status in the LMS.


INACTIVE_USER_LOGIN = True  # Allow inactive users to be logged in
INACTIVE_USER_URL = 'http://localhost:18010'  # If not set user will be redirected to /login after the login itself (loop)
  • Tested mentioned settings on the stage env - the errors are eliminated, but after the registration user is not logged in to the Studio and has to click the “Sign In” button. This is because registration doesn’t start the SSO flow.
    This could be fixed by modifying the “next=” parameter for the registration link (source) to trigger the SSO login (TBD):

?next=${current_url} ==>


  • With settings only:
  • Settings + change the “next=” parameter:

Be welcome to help me find the best solution here! :slightly_smiling_face:

1 Like