flask-oauthlib php,python – flask-oauthlib服务器与requests-oauthlib客户端不兼容

空谦
2023-12-01

我有一个flask-oauthlib服务器启动并运行,并且能够在使用

the example的客户端代码时正确授权/验证.我意识到并非所有客户都安装了flask-oauthlib,所以我试图创建request-oauthlib的客户端,但它在我的服务器上失败(即使请求-oauthlib提供的“Github示例”正常工作).

这是我的requests-oauthlib客户端代码:

from requests_oauthlib import OAuth2Session

from flask import Flask, request, redirect, session, url_for

from flask.json import jsonify

import os

app = Flask(__name__)

client_id = 'M2GCECELADgqZNke50iShcXRjq0pyO8i72W38l7U'

client_secret = 'ao5wrWp7RrUuKlgTxjmK6D7Z9dsPlI6fZc2WwkTTG4eEvXsN1q'

authorization_base_url = 'http://127.0.0.1:5000/oauth/authorize'

token_url = 'http://127.0.0.1:5000/oauth/token'

@app.route("/")

def demo():

remote = OAuth2Session(client_id)

authorization_url, state = remote.authorization_url(authorization_base_url)

session['oauth_state'] = state

return redirect(authorization_url)

@app.route("/authorized", methods=["GET"])

def authorized(): # this is where it fails

remote = OAuth2Session(client_id, state=session['oauth_state'])

token = remote.fetch_token(token_url, client_secret=client_secret, authorization_response=request.url)

session['oauth_token'] = token

return redirect(url_for('.profile'))

@app.route("/profile", methods=["GET"])

def profile():

remote = OAuth2Session(client_id, token=session['oauth_token'])

return jsonify(remote.get('http://127.0.0.1:5000/api/me').json())

if __name__ == "__main__":

os.environ['DEBUG'] = '1'

app.secret_key = os.urandom(24)

app.run(host='localhost', port=8000,debug=True, use_reloader=False)

在服务器上,这是token_handler.它目前返回None,我试图让它返回一个字典和一个json编码的字典,没有运气.

@app.route('/oauth/token')

@oauth.token_handler

def access_token():

return None

为什么这适用于一个oauthlib客户端而不是另一个?我是oauthlib的新手所以也许我错过了一些愚蠢容易的东西?

编辑:我正在使用:

oauthlib 0.6.1

flask-oauthlib 0.4.3

requests 2.2.1

requests-oauthlib 0.4.0

flask 0.10.1

python 2.7

编辑#2:request-oauthlib客户端的日志记录:

Requesting url http://127.0.0.1:5000/oauth/token using method POST.

Supplying headers {u'Accept': u'application/json'} and data {u'code': u'vG7shZebClhAjzmSUQuHoqlXNrPTVr', u'client_secret': u'qdlmQvf5tdSVxFqixeE4wOKxe3awfEbsymCOpjeTIZEaWjbbB5', u'grant_type': u'authorization_code', u'client_id': u'EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96'}

Passing through key word arguments {'auth': None}.

Prepared fetch token request body grant_type=authorization_code&code=vG7shZebClhAjzmSUQuHoqlXNrPTVr&client_id=EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96&client_secret=qdlmQvf5tdSVxFqixeE4wOKxe3awfEbsymCOpjeTIZEaWjbbB5

Request to fetch token completed with status 405.

Response headers were CaseInsensitiveDict({'date': 'Tue, 25 Feb 2014 21:19:32 GMT', 'content-length': '178', 'content-type': 'text/html', 'allow': 'HEAD, OPTIONS, GET', 'server': 'Werkzeug/0.9.4 Python/2.7.5+'}) and content

405 Method Not Allowed

Method Not Allowed

The method is not allowed for the requested URL.

.

Invoking 0 token response hooks.

127.0.0.1 - - [25/Feb/2014 14:19:32] "GET /authorized?state=qPJnIJctmsTbojT2nTOkgRNwgnU8vF&code=vG7shZebClhAjzmSUQuHoqlXNrPTVr HTTP/1.1" 500 -

Traceback (most recent call last):

....

....

ValueError: No JSON object could be decoded

编辑#3:服务器的flask-oauthlib日志记录:

Found redirect_uri None.

Validate client u'EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96'

Found default redirect uri 'http://localhost:8000/authorized'

Found default scopes ['email']

127.0.0.1 - - [25/Feb/2014 14:19:30] "GET /oauth/authorize?response_type=code&client_id=EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96&state=qPJnIJctmsTbojT2nTOkgRNwgnU8vF HTTP/1.1" 200 -

Fetched credentials from request {'state': u'qPJnIJctmsTbojT2nTOkgRNwgnU8vF', 'redirect_uri': None, 'response_type': u'code', 'client_id': u'EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96'}.

Found redirect_uri None.

Validate client u'EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96'

Found default redirect uri 'http://localhost:8000/authorized'

Persist authorization code {u'state': u'qPJnIJctmsTbojT2nTOkgRNwgnU8vF', u'code': u'vG7shZebClhAjzmSUQuHoqlXNrPTVr'} for client u'EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96'

Authorization successful.

127.0.0.1 - - [25/Feb/2014 14:19:32] "POST /oauth/authorize HTTP/1.1" 302 -

127.0.0.1 - - [25/Feb/2014 14:19:32] "POST /oauth/token HTTP/1.1" 405 -

编辑#4:服务器的oauthlib日志记录:

Validating redirection uri None for client EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96.

Using default redirect_uri http://localhost:8000/authorized.

Validating access to scopes ['email'] for client u'EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96' ().

127.0.0.1 - - [25/Feb/2014 14:12:30] "GET /oauth/authorize?response_type=code&client_id=EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96&state=oHvelCpzosGfJd7ZzCeBvsmRANmipb HTTP/1.1" 200 -

Dispatching response_type code request to .

Validating redirection uri None for client EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96.

Using default redirect_uri http://localhost:8000/authorized.

Validating access to scopes [u'email'] for client u'EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96' ().

Pre resource owner authorization validation ok for .

Created authorization code grant {u'state': u'oHvelCpzosGfJd7ZzCeBvsmRANmipb', u'code': u'yAZZwtCd1IyAeBtHEgg4YTnHl46Ddf'} for request .

Saving grant {u'state': u'oHvelCpzosGfJd7ZzCeBvsmRANmipb', u'code': u'yAZZwtCd1IyAeBtHEgg4YTnHl46Ddf'} for .

127.0.0.1 - - [25/Feb/2014 14:12:32] "POST /oauth/authorize HTTP/1.1" 302 -

127.0.0.1 - - [25/Feb/2014 14:12:32] "POST /oauth/token HTTP/1.1" 405 -

 类似资料: