Azure
Auth0 data connector failed to fetch data with error UnboundLocalError: local variable 'token' referenced before assignment Stack
Hi @sandeep5234, Thanks for flagging this issue, we will investigate this issue and get back to you with some updates by 26-02-2024. Meanwhile, could you please share more context about issue with us, so we can have more info about it. Thanks!
Hi @sandeep5234 ,COuld you please share more details on this issue with screen shots and detailed replication steps
Hi @sandeep5234, Gentle Reminder: We are waiting for your response on this issue. If you still need to keep this issue active, please respond to it in the next 2 days. If we don't receive a response by 05-02-2024 date, we will be closing this issue. Thanks!
@v-muuppugund and @v-sudkharat We have customer who wants to bring Auth0 data into sentinel using Auth0 data connector. Auth0 data connector works with Azure function so we have deployed the Azure function to pull data from Auth0.
In Auth0 azure function we are getting below error
Please let me know if more information is required.
Hello Team, We also recently deployed the Auth0 data connector and encountered the same error. Please refer to the screenshot. Thank you.
@sandeep5234 @v-sudkharat @v-muuppugund
The reason is simple: a basic rule of programming has been broken here.
Let me explain:
Since they've moved on to Python 3.8 and especially Runtime 4, the code that used to let things through doesn't do so now.
In Main.py you have the Auth0Connector class, which is declared and instantiated in the Timer in its init, it declares a self.token to none and then the instantiated object launches the get_log_events method, which by default takes the self.token as the return from the function in the same _get_token() class.
However, the UnboundErrorLocal in any advanced language specifies that when a function reuses the same variable in Local, it can no longer return global. As the doc says: Python's UnboundLocalError seems very confusing when newcomers to Python experience it for the first time. However, it is quite easy. An UnboundLocalError can occur due to two reasons in Python, one is when you are trying to access the value of a variable before it is assigned, and the second is when Python fails to differentiate between global and local variables.
That's what's happening here: just rename the variable used in the _get_token() accesstoken method and you're back in business.
I can make the change and do a PR, but I don't know on which branch, given the number of variables, I'll leave it to the people in charge of the repo to make the change as they see fit.
Don't hesitate to comment if there's a problem, but as far as I'm concerned, everything works.
Thanks
@sandeep5234 @v-sudkharat @v-muuppugund
The reason is simple: a basic rule of programming has been broken here.
Let me explain: Since they've moved on to Python 3.8 and especially Runtime 4, the code that used to let things through doesn't do so now.
In Main.py you have the Auth0Connector class, which is declared and instantiated in the Timer in its init, it declares a self.token to none and then the instantiated object launches the get_log_events method, which by default takes the self.token as the return from the function in the same _get_token() class.
However, the UnboundErrorLocal in any advanced language specifies that when a function reuses the same variable in Local, it can no longer return global. As the doc says: Python's UnboundLocalError seems very confusing when newcomers to Python experience it for the first time. However, it is quite easy. An UnboundLocalError can occur due to two reasons in Python, one is when you are trying to access the value of a variable before it is assigned, and the second is when Python fails to differentiate between global and local variables.
That's what's happening here: just rename the variable used in the _get_token() accesstoken method and you're back in business.
I can make the change and do a PR, but I don't know on which branch, given the number of variables, I'll leave it to the people in charge of the repo to make the change as they see fit.
Don't hesitate to comment if there's a problem, but as far as I'm concerned, everything works. Thanks
Hi @sandeep5234 / @RamAbburi /' @jtcroninopsc / @digitalarche ,Apologies for the delayed response,will check on it and update you
@v-muuppugund can above recommendation be applied to Auth0 data connector in Sentinel repo? Then we can pick it up in the azure from content hub.
@v-muuppugund can above recommendation be applied to Auth0 data connector in Sentinel repo? Then we can pick it up in the azure from content hub.
@sandeep5234 ,Sure,will check on it and update you
@v-muuppugund can above recommendation be applied to Auth0 data connector in Sentinel repo? Then we can pick it up in the azure from content hub.
@sandeep5234 ,Sure,will check on it and update you
Hi @sandeep5234 ,Working on it,will update you
Hi @sandeep5234 , Analyzed the issue and we are able to replicate the issue at our end and want to have a debugging session for further trouble shooting, so sharing an email for teams meeting,Could you please share couple of time slots or will discuss in tomorrow call
@sandeep5234 ,as discussed today morning call,the following are updates
- The Auth0 connector are able to replicate the issue and we are unable unable to generate token from Auth0 and working on further analysis ,will update you
@sandeep5234 / @digitalarche / @RamAbburi / @jtcroninopsc ,I have created a environment in Auth0 and able to generate token and the issue at auth0 configurations
and am able to set up the auth0 environment successfully,Please find below screen shot for references
@v-muuppugund Thanks for the update. Do you have any recommended configuration at Auth0 side to complete this setup.
@v-muuppugund Thanks for the update. Do you have any recommended configuration at Auth0 side to complete this setup.
Sure ,Will share the configuration steps from Auth0 side
@RamAbburi , Please find below steps need to be done at Auth0 side,
Step1 : Click on settings of the App and note down the credentials
2.Copy the domain 3.Get the client id value 4.Get the client secret
Step 2: Under Application properties -->select Application type as Machine to Machine
Step 3: under credentials tab-> Select Client secret (Post),Please find below screen shot for reference,
Step 4:
Under API tab, Please make sure Authorized to scopes, Please find below screen shot for reference
Step 5:
Please make sure the domain value under settings-->Environment Varaibles, please refer below screen shot for reference and other values are entered from the above step copied values and Domain should be starts with [https://,then]https://,then click on Apply and restart function app
Step 6: After all the above steps,Check in Monitor section function app below up and running
Please let me know if you have any questions/ issues,
Hi @sandeep5234, We are waiting for your response on above shared solution. Thanks!
@v-sudkharat We have asked customer to confirm above instructions. Meanwhile would you be able to confirm if Azure function app will cache the token for 24 hours before asking for another token from Oauth or will it renew the token every 5 minutes when Function app executes? Because from Oauth side, customer gets limited set of machine-to-machine token per month and if Azure function app request new token every time, that will deplete customer tokens availability.
Please confirm.
@v-sudkharat We have asked customer to confirm above instructions. Meanwhile would you be able to confirm if Azure function app will cache the token for 24 hours before asking for another token from Oauth or will it renew the token every 5 minutes when Function app executes? Because from Oauth side, customer gets limited set of machine-to-machine token per month and if Azure function app request new token every time, that will deplete customer tokens availability.
Please confirm.
Hi @sandeep5234 ,It will fetch token from oauth on every function app executes,What is the customer subscription plan in Auth0 based on that tokens will be limited ,Free Maximum M2M tokens is 1000 and based on the subscription plan it will be vary?
@v-sudkharat We have asked customer to confirm above instructions. Meanwhile would you be able to confirm if Azure function app will cache the token for 24 hours before asking for another token from Oauth or will it renew the token every 5 minutes when Function app executes? Because from Oauth side, customer gets limited set of machine-to-machine token per month and if Azure function app request new token every time, that will deplete customer tokens availability. Please confirm.
Hi @sandeep5234 ,It will fetch token from oauth on every function app executes,What is the customer subscription plan in Auth0 based on that tokens will be limited ,Free Maximum M2M tokens is 1000 and based on the subscription plan it will be vary?
Hi @sandeep5234 ,Gentle reminder,,It will fetch token from oauth on every function app executes,What is the customer subscription plan in Auth0 based on that tokens will be limited ,Free Maximum M2M tokens is 1000 and based on the subscription plan it will be vary?
Hi @sandeep5234 ,Since we have not received a response in the last 5 days, we are closing your issue (https://github.com/Azure/Azure-Sentinel/issues/10002) as per our standard operating procedures. If you still need support for this issue, feel free to re-open at any time. Thank you for your co-operation!
I tried redeploying from scratch this morning, but I am still running into errors. Just wanted to verify that the Azure deployment template was updated with the necessary changes.