Python Django每次登录苹果时都会创建新用户
通过查看此存储库的代码,我在Django上实现了使用apple后端登录 我对代码做了很少的更改,这些更改不应影响任何逻辑(如更改声明名称等) 奇怪的是,每次iOS应用程序登录苹果时,它都会重新创建一个新用户 我知道有什么办法可以解决这个问题吗Python Django每次登录苹果时都会创建新用户,python,ios,django,sign-in-with-apple,Python,Ios,Django,Sign In With Apple,通过查看此存储库的代码,我在Django上实现了使用apple后端登录 我对代码做了很少的更改,这些更改不应影响任何逻辑(如更改声明名称等) 奇怪的是,每次iOS应用程序登录苹果时,它都会重新创建一个新用户 我知道有什么办法可以解决这个问题吗 class AppleOAuth2(BaseOAuth2): """ Custom BaseOAuth2 backend class for Sign in with Apple Usage:
class AppleOAuth2(BaseOAuth2):
"""
Custom BaseOAuth2 backend class for
Sign in with Apple
Usage:
Add this to AUTHENTICATION_BACKENDS on settings.py
"""
name = 'apple'
ACCESS_TOKEN_URL = 'https://appleid.apple.com/auth/token'
SCOPE_SEPARATOR = ','
ID_KEY = 'uid'
@handle_http_errors
def do_auth(self, access_token, *args, **kwargs):
"""
Finish the auth process once the access_token was retrieved
Get the email from ID token received from apple
do_auth override this method as you need to verify the code or access token given
by mobile client from apple and get the ID token from which other details can be extracted.
"""
## Retrieve django project stored data
client_id, client_secret = self.get_key_and_secret()
headers = {'content-type': "application/x-www-form-urlencoded"}
data = {
'client_id' : client_id,
'client_secret': client_secret,
'code' : access_token,
'grant_type' : 'authorization_code',
'redirect_uri' : 'https://example-app.com/redirect'
}
## Form data
# ID Token(= from AppleID Service)
res = requests.post(AppleOAuth2.ACCESS_TOKEN_URL, data = data, headers = headers)
response_dict = res.json()
id_token = response_dict.get('id_token', None)
# Response Data
response_data = {}
if id_token:
decoded = jwt.decode(id_token, '', verify = False)
response_data.update({'email': decoded['email']}) if 'email' in decoded else None
response_data.update({'uid': decoded['sub']}) if 'sub' in decoded else None
# Response
response = kwargs.get('response') or {}
response.update(response_data)
response.update({'access_token': access_token}) if 'access_token' not in response else None
## Authenticate
kwargs.update({'response': response, 'backend': self})
return self.strategy.authenticate(*args, **kwargs)
def get_user_details(self, response):
"""
get_user_details override just to give the email address or other user
information back to the Python Social Auth framework
"""
email = response.get('email', None)
details = {
'email': email,
}
return details
def get_key_and_secret(self):
"""
get_key_and_secret override this as you have to generate
the client secret the way mentioned above
:return:
- App Bundle ID
- Client Secret
"""
headers = {
'kid': settings.SOCIAL_AUTH_APPLE_KEY_ID
}
payload = {
'iss': settings.SOCIAL_AUTH_APPLE_TEAM_ID,
'iat': timezone.now(),
'exp': timezone.now() + timedelta(days = 180),
'aud': 'https://appleid.apple.com',
'sub': settings.SOCIAL_AUTH_APPLE_APP_BUNDLE_ID,
}
client_secret = jwt.encode(
payload,
settings.SOCIAL_AUTH_APPLE_KEY_SECRET,
algorithm = 'ES256',
headers = headers
).decode("utf-8")
return settings.SOCIAL_AUTH_APPLE_APP_BUNDLE_ID, client_secret
{'error': 'invalid_grant', 'error_description': 'The code has expired or has been revoked.'}
似乎id_标记为None,因此uid也为None。我从中得到错误响应