Dropbox Python API身份验证失败,未找到请求令牌
这是我在身份验证失败时遇到的错误。 我正在开发一个web应用程序,我需要一些帮助。我正在为土耳其书籍开发一个类似于古腾堡项目的web应用程序,我想像古腾堡项目一样,为我的Dropbox功能添加add。我使用Django作为web框架,以下是我迄今为止所做的工作。请记住,我是Django的绝对初学者和初级软件开发人员,因此,任何关于Django最佳实践或安全问题的建议也会有所帮助 这是来自book_detail.htmlDropbox Python API身份验证失败,未找到请求令牌,python,django,dropbox,dropbox-api,Python,Django,Dropbox,Dropbox Api,这是我在身份验证失败时遇到的错误。 我正在开发一个web应用程序,我需要一些帮助。我正在为土耳其书籍开发一个类似于古腾堡项目的web应用程序,我想像古腾堡项目一样,为我的Dropbox功能添加add。我使用Django作为web框架,以下是我迄今为止所做的工作。请记住,我是Django的绝对初学者和初级软件开发人员,因此,任何关于Django最佳实践或安全问题的建议也会有所帮助 这是来自book_detail.html <div> <form action="/books
<div>
<form action="/booksite/dropbox_integration/{{book.id}}/" method="post">{% csrf_token %}
<input type="submit" value="Add to Dropbox" />
</form>
</div>
def file_upload(request):
APP_KEY = 'xxx' # i got real key and secret
APP_SECRET = 'xxxx'
ACCESS_TYPE = 'app_folder'
sess = session.DropboxSession(APP_KEY, APP_SECRET, ACCESS_TYPE)
b_id=request.session['book_id']
#this line is useless now
book = get_object_or_404(Book, pk=1) #book_id
#i want to upload this file to my dropbox as foo1.pdf
f = open('C:/Users/baris/workspace/OpenLibrary/booksite/temp_files/documents/docs/201462912729dt_kitap1.pdf', 'rb')
client1 = client.DropboxClient(sess)
r1 = client1.put_file('foo1.pdf', f)
url="http://localhost:8000/booksite"
return HttpResponseRedirect(url)
@csrf_protect
def file_upload(request):
base_path = os.path.dirname(os.path.abspath(__file__))
config_path = os.path.join(os.path.join(base_path, 'temp_files'), "config.txt")
logger.debug("Base path=" + base_path)
logger.debug("Config path=" + config_path)
content = []
if os.path.exists(config_path):
with open(config_path) as the_file:
content = the_file.readlines()
else:
logger.debug("Config.txt dosyasi bulunamadi.")
config_key = content[0].split('|')[0]
config_secret = content[0].split('|')[0]
ACCESS_TYPE = 'app_folder'
sess = session.DropboxSession(config_key, config_secret, ACCESS_TYPE)
b_id = request.session['book_id']
logger.debug("File upload fonksiyonu book id=" + str(b_id))
book = get_object_or_404(Book, pk=1) # book_id olarak 1 verdim.
request_token = JSONDecoder(object_hook=from_json).decode(request.session['request_token'])
logger.debug("REQUEST_TOKEN="+str(request_token))
access_token = sess.obtain_access_token(request_token)
logger.debug(access_token)
client1 = client.DropboxClient(sess)
try:
base_path1 = os.path.dirname(os.path.abspath(__file__))
with open(os.path.join(base_path1, "udacity.txt"), "rb") as fh: # os.path.join(self.path, self.filename)
path = os.path.join(path, filename)
print path
print fh
res = client1.put_file("udacity.txt", fh)
except Exception, e:
logger.debug("ERROR: " + str(e))
url = "http://127.0.0.1:8000/booksite/books/12/detail/"
return HttpResponseRedirect(url)
Exception Type: ErrorResponse
Exception Value: [401] u'Authentication failed'
Django Version: 1.6.5
Request URL: http://localhost:8000/booksite/file_upload?oauth_token=some_real_token&uid=some_number
def dropbox_integration(request, book_id):
if request.method == 'POST':
APP_KEY = 'xxxxxx' # I have the real values of key and secret in the code
APP_SECRET = 'xxxxx'
ACCESS_TYPE = 'app_folder'
#This is my redirect url after login and upload file
callback = "http://localhost:8000/booksite/file_upload"
sess = session.DropboxSession(APP_KEY, APP_SECRET, ACCESS_TYPE)
request_token = sess.obtain_request_token()
url = sess.build_authorize_url(request_token, oauth_callback=callback)
#i use session for parameter passing but now this line is useless and irrelevant
request.session['book_id']=book_id
return HttpResponseRedirect(url)
return HttpResponseRedirect("http://localhost:8000/booksite/")
def dropbox_integration(request, book_id):
APP_KEY = 'xxx' #i got real values
APP_SECRET = 'xxx'
ACCESS_TYPE = 'app_folder'
if request.method == 'POST':
base_path=os.path.dirname(os.path.abspath(__file__))
config_path=os.path.join(os.path.join(base_path, 'temp_files'), "config.txt")
logger.debug("Base path="+base_path)
logger.debug("Config path="+config_path)
content=[]
if os.path.exists(config_path):
logger.debug("Config.txt var")
with open(config_path) as the_file:
content = the_file.readlines()
else:
logger.debug("Config.txt yok")
with open(config_path, 'w') as the_file:
the_file.write(APP_KEY)
the_file.write('|')
the_file.write(APP_SECRET)
config_key=content[0].split('|')[0]
config_secret=content[0].split('|')[1]
callback = "http://127.0.0.1:8000/booksite/file_upload"
sess = session.DropboxSession(config_key, config_secret, ACCESS_TYPE)
request_token = sess.obtain_request_token()
request.session['request_token']=json.dumps(request_token.__dict__)
logger.debug("req_ses="+request.session['request_token'])
url = sess.build_authorize_url(request_token, oauth_callback=callback)
request.session['book_id']=book_id
return HttpResponseRedirect(url)
return HttpResponseRedirect("http://127.0.0.1:8000/booksite/")
def file_upload(request):
APP_KEY = 'xxx' # i got real key and secret
APP_SECRET = 'xxxx'
ACCESS_TYPE = 'app_folder'
sess = session.DropboxSession(APP_KEY, APP_SECRET, ACCESS_TYPE)
b_id=request.session['book_id']
#this line is useless now
book = get_object_or_404(Book, pk=1) #book_id
#i want to upload this file to my dropbox as foo1.pdf
f = open('C:/Users/baris/workspace/OpenLibrary/booksite/temp_files/documents/docs/201462912729dt_kitap1.pdf', 'rb')
client1 = client.DropboxClient(sess)
r1 = client1.put_file('foo1.pdf', f)
url="http://localhost:8000/booksite"
return HttpResponseRedirect(url)
@csrf_protect
def file_upload(request):
base_path = os.path.dirname(os.path.abspath(__file__))
config_path = os.path.join(os.path.join(base_path, 'temp_files'), "config.txt")
logger.debug("Base path=" + base_path)
logger.debug("Config path=" + config_path)
content = []
if os.path.exists(config_path):
with open(config_path) as the_file:
content = the_file.readlines()
else:
logger.debug("Config.txt dosyasi bulunamadi.")
config_key = content[0].split('|')[0]
config_secret = content[0].split('|')[0]
ACCESS_TYPE = 'app_folder'
sess = session.DropboxSession(config_key, config_secret, ACCESS_TYPE)
b_id = request.session['book_id']
logger.debug("File upload fonksiyonu book id=" + str(b_id))
book = get_object_or_404(Book, pk=1) # book_id olarak 1 verdim.
request_token = JSONDecoder(object_hook=from_json).decode(request.session['request_token'])
logger.debug("REQUEST_TOKEN="+str(request_token))
access_token = sess.obtain_access_token(request_token)
logger.debug(access_token)
client1 = client.DropboxClient(sess)
try:
base_path1 = os.path.dirname(os.path.abspath(__file__))
with open(os.path.join(base_path1, "udacity.txt"), "rb") as fh: # os.path.join(self.path, self.filename)
path = os.path.join(path, filename)
print path
print fh
res = client1.put_file("udacity.txt", fh)
except Exception, e:
logger.debug("ERROR: " + str(e))
url = "http://127.0.0.1:8000/booksite/books/12/detail/"
return HttpResponseRedirect(url)
def from_json(json_object):
secret=""
key=""
if 'secret' in json_object:
secret=json_object['secret']
if 'key' in json_object:
key=json_object['key']
logger.debug(secret+" ---- "+key)
return session.OAuthToken(json_object['secret'], json_object['key'])
[06/Jul/2014 15:38:15] DEBUG [booksite.views:133] File upload function book id=12
[06/Jul/2014 15:38:15] DEBUG [booksite.views:164] xxxxx---- xxxx
[06/Jul/2014 15:38:15] DEBUG [booksite.views:137] REQUEST_TOKEN=<dropbox.session.OAuthToken object at 0x028BCB90>
可能是因为Django找不到您在表单中使用的{%csrf_token%}的跨站点请求伪造保护。当然,由于安全原因,您必须添加它 要为跨站点请求伪造添加安全性,您必须向视图中添加以下装饰程序:
from django.views.decorators.csrf import csrf_exempt, csrf_protect
@csrf_protect
#@csrf_exempt says to make an exemption on csrf, but of course is not secure.
#@csrf_exempt
def file_upload(request):
...
有关详细信息,请阅读谢谢您的帮助。我试过了,但与dropbox api相关的代码中还有另一个问题。我正在更新我的问题。Request Token Not Found错误消息是Dropbox服务器告诉您它无法识别您传递的请求令牌值,因此为了解决问题,我首先手动检查您的请求令牌对象上的实际密钥和秘密值,这是您所期望的。例如,将密钥与授权应用程序的/authorize URL中的密钥进行比较。像请求令牌、访问令牌、密钥、秘密等概念确实令人困惑。我想我需要从理论上的oauth教程开始,因为我被绊倒了几天。这里有一个基本教程,可能有助于理解这些概念: