Fatal编程技术网
  • python/
  • Python flask oauthlib服务器没有';无法很好地处理oauthlib客户端的请求

Python flask oauthlib服务器没有';无法很好地处理oauthlib客户端的请求

python oauth flask oauth-2.0

Python flask oauthlib服务器没有';无法很好地处理oauthlib客户端的请求,python,oauth,flask,oauth-2.0,Python,Oauth,Flask,Oauth 2.0,我有一个flask oauthlib服务器正在运行,并且在使用来自的客户端代码时能够正确地进行授权/身份验证。我意识到并非所有客户机都安装了flask oauthlib,因此我尝试创建一个请求oauthlib的客户机,但它在我的服务器上失败(即使请求oauthlib提供的“Github示例”工作正常) 以下是我的oauthlib客户端代码: from requests_oauthlib import OAuth2Session from flask import Flask, request,

我有一个flask oauthlib服务器正在运行,并且在使用来自的客户端代码时能够正确地进行授权/身份验证。我意识到并非所有客户机都安装了flask oauthlib,因此我尝试创建一个请求oauthlib的客户机,但它在我的服务器上失败(即使请求oauthlib提供的“Github示例”工作正常)

以下是我的oauthlib客户端代码:

from requests_oauthlib import OAuth2Session
from flask import Flask, request, redirect, session, url_for
from flask.json import jsonify
import os

app = Flask(__name__)

client_id = 'M2GCECELADgqZNke50iShcXRjq0pyO8i72W38l7U'
client_secret = 'ao5wrWp7RrUuKlgTxjmK6D7Z9dsPlI6fZc2WwkTTG4eEvXsN1q'
authorization_base_url = 'http://127.0.0.1:5000/oauth/authorize'
token_url = 'http://127.0.0.1:5000/oauth/token'

@app.route("/")
def demo():
  remote = OAuth2Session(client_id)
  authorization_url, state = remote.authorization_url(authorization_base_url)
  session['oauth_state'] = state
  return redirect(authorization_url)

@app.route("/authorized", methods=["GET"])
def authorized(): # this is where it fails
  remote = OAuth2Session(client_id, state=session['oauth_state'])
  token = remote.fetch_token(token_url, client_secret=client_secret, authorization_response=request.url)
  session['oauth_token'] = token
  return redirect(url_for('.profile'))

@app.route("/profile", methods=["GET"])
def profile():
  remote = OAuth2Session(client_id, token=session['oauth_token'])
  return jsonify(remote.get('http://127.0.0.1:5000/api/me').json())

if __name__ == "__main__":
  os.environ['DEBUG'] = '1'
  app.secret_key = os.urandom(24)
  app.run(host='localhost', port=8000,debug=True, use_reloader=False)
在服务器上,下面是令牌处理程序。它目前返回None,我试图让它返回一个字典和一个json编码的字典,但没有成功

@app.route('/oauth/token')
@oauth.token_handler
def access_token():
  return None
我的服务器代码的其余部分直接取自

为什么这只适用于一个oauthlib客户端,而不适用于另一个?我是oauthlib的新手,所以也许我错过了一些简单的愚蠢的事情

编辑:我正在使用:

oauthlib 0.6.1
flask-oauthlib 0.4.3
requests 2.2.1
requests-oauthlib 0.4.0
flask 0.10.1
python 2.7
编辑#2:请求oauthlib客户端的日志:

Requesting url http://127.0.0.1:5000/oauth/token using method POST.
Supplying headers {u'Accept': u'application/json'} and data {u'code': u'vG7shZebClhAjzmSUQuHoqlXNrPTVr', u'client_secret': u'qdlmQvf5tdSVxFqixeE4wOKxe3awfEbsymCOpjeTIZEaWjbbB5', u'grant_type': u'authorization_code', u'client_id': u'EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96'}
Passing through key word arguments {'auth': None}.
Prepared fetch token request body grant_type=authorization_code&code=vG7shZebClhAjzmSUQuHoqlXNrPTVr&client_id=EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96&client_secret=qdlmQvf5tdSVxFqixeE4wOKxe3awfEbsymCOpjeTIZEaWjbbB5
Request to fetch token completed with status 405.
Response headers were CaseInsensitiveDict({'date': 'Tue, 25 Feb 2014 21:19:32 GMT', 'content-length': '178', 'content-type': 'text/html', 'allow': 'HEAD, OPTIONS, GET', 'server': 'Werkzeug/0.9.4 Python/2.7.5+'}) and content <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>405 Method Not Allowed</title>
<h1>Method Not Allowed</h1>
<p>The method is not allowed for the requested URL.</p>
.
Invoking 0 token response hooks.
127.0.0.1 - - [25/Feb/2014 14:19:32] "GET /authorized?state=qPJnIJctmsTbojT2nTOkgRNwgnU8vF&code=vG7shZebClhAjzmSUQuHoqlXNrPTVr HTTP/1.1" 500 -
Traceback (most recent call last):
....
....
ValueError: No JSON object could be decoded
编辑#4:服务器的oauthlib日志记录:

Validating redirection uri None for client EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96.
Using default redirect_uri http://localhost:8000/authorized.
Validating access to scopes ['email'] for client u'EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96' (<api.models.Client object at 0x7fb104026e50>).
127.0.0.1 - - [25/Feb/2014 14:12:30] "GET /oauth/authorize?response_type=code&client_id=EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96&state=oHvelCpzosGfJd7ZzCeBvsmRANmipb HTTP/1.1" 200 -
Dispatching response_type code request to <oauthlib.oauth2.rfc6749.grant_types.authorization_code.AuthorizationCodeGrant object at 0x2db44d0>.
Validating redirection uri None for client EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96.
Using default redirect_uri http://localhost:8000/authorized.
Validating access to scopes [u'email'] for client u'EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96' (<api.models.Client object at 0x7fb10403e210>).
Pre resource owner authorization validation ok for <oauthlib.common.Request object at 0x7fb104026210>.
Created authorization code grant {u'state': u'oHvelCpzosGfJd7ZzCeBvsmRANmipb', u'code': u'yAZZwtCd1IyAeBtHEgg4YTnHl46Ddf'} for request <oauthlib.common.Request object at 0x7fb104026210>.
Saving grant {u'state': u'oHvelCpzosGfJd7ZzCeBvsmRANmipb', u'code': u'yAZZwtCd1IyAeBtHEgg4YTnHl46Ddf'} for <oauthlib.common.Request object at 0x7fb104026210>.
127.0.0.1 - - [25/Feb/2014 14:12:32] "POST /oauth/authorize HTTP/1.1" 302 -
127.0.0.1 - - [25/Feb/2014 14:12:32] "POST /oauth/token HTTP/1.1" 405 -

正在验证客户端EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96的重定向uri无。
使用默认重定向urihttp://localhost:8000/authorized.
正在验证客户端u'exewk3x3du1niwk7afnjr43jrhpsy8bhqm1mohc96'()对作用域['email']的访问权限。
127.0.0.1---[25/Feb/2014 14:12:30]“GET/oauth/authorize?response_type=code&client_id=exewk3x3ddu1niwk7afnjrhpsy8bhqm1mohc96&state=oHvelCpzosGfJd7ZzCeBvsmRANmipb HTTP/1.1”200-
正在将响应类型代码请求发送到。
正在验证客户端EXewK3X3dU1NiWk7AfNj43jrhpSy8bHQm1mOHC96的重定向uri None。
使用默认重定向urihttp://localhost:8000/authorized.
正在验证客户端u'exewk3x3du1niwk7afnjr43jrhpsy8bhqm1mohc96'()对作用域[u'email']的访问权限。
对的预资源所有者授权验证确定。
已为请求创建授权代码授予{u'state':u'ohevelcpzosgfjd7zzcebvsmranmipb',u'code':u'yazzwtcd1yaebthegg4ytnhl46ddf'}。
正在为保存授予{u'state':u'oHvelCpzosGfJd7ZzCeBvsmRANmipb',u'code':u'yazzwtcd1yaebthegg4ytnhl46ddf'}。
127.0.0.1--[25/Feb/2014 14:12:32]“POST/oauth/authorize HTTP/1.1”302-
127.0.0.1--[25/Feb/2014 14:12:32]“POST/oauth/token HTTP/1.1”405-
记录器非常清晰

Requesting url http://127.0.0.1:5000/oauth/token using method POST.
Request to fetch token completed with status 405.
<title>405 Method Not Allowed</title>
<h1>Method Not Allowed</h1>
<p>The method is not allowed for the requested URL.</p>
或者您可以使用访问令牌的GET方法进行请求,我相信这可以在请求oauthlib中设置。

您是否尝试过清除浏览器历史记录和会话?有时旧的代币等可以挂在那里。我确实挂了。我甚至在Firefox和Chrome中尝试过,并清除了会话变量、历史记录等。不走运。是的,我刚刚尝试过,我得到了与youAh相同的错误,现在看起来很明显(我是Flask新手,没有完全理解默认的GET请求)。谢谢,谢谢,谢谢!!!! 
Requesting url http://127.0.0.1:5000/oauth/token using method POST.
Request to fetch token completed with status 405.
<title>405 Method Not Allowed</title>
<h1>Method Not Allowed</h1>
<p>The method is not allowed for the requested URL.</p>

@app.route('/oauth/token', methods=['POST'])
@oauth.token_handler
def access_token():
    return None