I have tried the bluemix service 'APP ID' for node.js project which I downloaded from APP ID service instance only. The application runs well with Google and Facebook authentication.
But I have to apply authentication to Python Flask web application. For this,I have followed the github link . Here, I have provided 'clientid', 'secret' and 'redirect_uri' which I got from the 'Service Credentials' tab of the 'APP ID' instance in bluemix.
After running the app, I am getting login page but when I click 'Login' button then I am getting the error 'tenandid is in invalid format'.
Please suggest where I am doing wrong.
Thanks in advance !
Regards,
Rahul Modi
I solved the error my self. I just provided clientId, secret, redirectUri and serverUrl in the file serviceConfig.py file of the GitHub python project.
There is need to change this file by providing the above parameters otherwise you may land into the error on the line "clientId = serviceConfig.clientId" of 'welcome.py' because clientId is not accessible from serviceConfig class. The same case for 'secret' as well. Hence, define them separately in serviceConfig.py file.
The four parameters looks like below:
serverUrl='https://appid-oauth.ng.bluemix.net/oauth/v3/1b668c6a-XXXX-XXXX-XXXX-c4633e8e0c78'
redirectUri='http://localhost:5000/afterauth'
secret='NjNiODY5NDQtOXXXXXXXXXXXXXXXXXXXXzUxNDMzNzYxYjAy'
clientId='6284418c-XXXX-XXXX-XXXX-af8bf44588ec'
All these parameters you can collect from the 'Service Credentials' tab of the 'APP ID' instance in Bluemix.
Note: No need to change anything in 'welcome.py' file.
Related
I am trying to implement GoogleAuth on my app, and although it works on localhost, the GoogleAuth does not work on Heroku. When I click on Login with Google on the signup page it says this, Error 400: redirect_uri_mismatch... If you’re the app developer, make sure that these request details comply with Google policies. origin: https://astrogram-jeff.herokuapp.com and if I do it from the login it says this Error 401: invalid_client The OAuth client was not found. None of this is a problem on localhost but I ran out of ideas on what to do to fix this. I have added the ID and the secret key on the config vars on heroku, and I added https://astrogram-jeff.herokuapp.com on the JavaScript Origins and the redirect URIs, but it just does not work, the OAuth Consent Screen is also in Production so I just cannot figure out what's wrong. The Google Info is also on a .env. Any help would be greatly appreciated.
Repo: https://github.com/JeffersonGarcia15/Astrogram
Live: https://astrogram-jeff.herokuapp.com
There is an issue that when you switch from login-signup sometimes the button seems to be disabled but refreshing the page enables it again, but that's not really the main concern, the main problem is GoogleAuth not working on Heroku despite the fact that it does work on localhost. This is a Flask/PostrgreSQL/SQLAlchemy/React/Redux app.
Using code sample from GitHub that is specifically for setting up authentication for Python access to OneDrive API (I'm beginning to think this source is outdated), I've failed to make it past the part where you paste code provided by Microsoft after executing program..
Python code:
import onedrivesdk
redirect_uri = 'https://login.microsoftonline.com/common/oauth2/nativeclient'
client_secret = '*this code omitted*'
client_id='*this code omitted*'
api_base_url='https://api.onedrive.com/v1.0/'
scopes=['onedrive.readwrite']
http_provider = onedrivesdk.HttpProvider()
auth_provider = onedrivesdk.AuthProvider(
http_provider=http_provider,
client_id=client_id,
scopes=scopes)
client = onedrivesdk.OneDriveClient(api_base_url, auth_provider, http_provider)
auth_url = client.auth_provider.get_auth_url(redirect_uri)
# Ask for the code
print('Paste this URL into your browser, approve the app\'s access.')
print('Copy everything in the address bar after "code=", and paste it below.')
print(auth_url)
code = raw_input('Paste code here: ')
client.auth_provider.authenticate(code, redirect_uri, client_secret)
After executing code and pasting url in browser, a popup shows up, where I verify that I want to give my app access to API.. I hit "Ok."
I am then presented with code in URL taskbar. I copy and paste code into program..
Then the error I get is:
raise Exception(str(message["error"]))
Exception: invalid_request
Link to GitHub source used: https://github.com/OneDrive/onedrive-sdk-python
Note: I had to omit scopes such as the first two in this list:
scopes=['wl.signin', 'wl.offline_access', 'onedrive.readwrite']
because they apparently don't exist (according to error code provided by Microsoft after pasting URL into taskbar)
Is there a better source for setting up authentication for a Python program to communicate with OneDrive API?
I am a relatively new Python user, your patience is appreciated.
I ran into the same issue and the solution was to include the redirect_uri in the app registration.
This can be done at https://portal.azure.com/ und Azure Active Directory > App registrations > "Your App" > Authentication. In my case, I needed to add http://localhost:8080/ to the redirect URIs.
I found the suggestion here:
https://github.com/OneDrive/onedrive-sdk-python/issues/98
Hope it helps someone save some time.
I see the code in github https://github.com/google/enterprise-deployments/tree/master/apps/python/reseller3.0/RapidReseller,
and I try implement for see manage my reseller domain, but I have some problems.
I have :
INFO 2014-11-14 14:36:56,663 client.py:680] Refreshing access_token
INFO 2014-11-14 14:36:57,603 client.py:699] Failed to retrieve access token: {
"error" : "access_denied",
"error_description" : "Requested client not authorized."
}
File "/home/eduduarte/Downloads/ApisGoogle/google_appengine1.915/revenda/oauth2client/client.py", line 710, in _do_refresh_request
raise AccessTokenRefreshError(error_msg)
AccessTokenRefreshError: access_denied
I created the key, the enable of Api, do download of key to the app, and too I use my account super admin: in settings.py RESELLER_ADMIN, and I have "access_denied"
Please, can someone help me.
Eduardo Duarte
Did you also added the scopes in the Admin Console for the clientID of your application?
In the Admin Console https://admin.google.com go to Security > Advanced Settings > In the Authentication section go to "Manage API client access". In the "Client Name" textbox write the clientID of your app and in the "One or More API Scopes" add the next scopes:
https://www.googleapis.com/auth/apps.order
https://www.googleapis.com/auth/siteverification
https://apps-apis.google.com/a/feeds/user/
https://www.googleapis.com/auth/admin.directory.user
this is done so the domain grant the app access to the information.
I would strongly recommend checking out the codelab that we just posted. We just posted samples in four languages that walk through the entire end-to-end process of provisioning a resold customer.
https://developers.google.com/admin-sdk/reseller/v1/codelab/intro
When I follow the Quickstart Tutorial: https://developers.google.com/drive/web/quickstart/quickstart-python
Entering the URL for authentication shows the following error on the website:
Error: disabled_client
The OAuth client was disabled. Request Details
cookie_policy_enforce=false
scope=https://www.googleapis.com/auth/drive
response_type=code
redirect_uri=urn:ietf:wg:oauth:2.0:oob
access_type=offline
client_id=1086226639551-hgv3m4atq7jmsdgie1d5t92qbo8k9b1g.apps.googleusercontent.com
I created id and secret for an "Installed Application" in the developer console:
https://console.developers.google.com/project
And selected "Other" as application type.
Any idea what causes the problem might help.
[EDIT] I just used PyDrive for authentication without problems:
https://github.com/googledrive/PyDrive
So I will settle for PyDrive.
Apologies for the basic question. I am a user of django-social-auth but can't get python-social-auth off the ground.
I have downloaded the example app, successfully sync'ed the db, and added my working facebook, linkedin and twitter app keys to settings. When I run the app I get the sample homepage with all the social media links.
When click facebook OAuth2 I get an http error: 400 Client Error: Bad Request. Implying that url callback into my server to (/complete/facebook/) is badly formed.
When I click LinkedIn or Twitter I get http error: 401 Client Error: Unauthorized.
Have I missed a bit of the config? Has anyone got the example app working out of the box?
Thanks - Guy.
Did you set your secret and key for LinkedIn and Twitter in your settings.py?
Once that is done you may have to set the redirect urls with those providers.
I tested with google and had to fix my Google API Access settings.
I changed redirect urls to http://localhost:8000/complete/google-oauth2/
UPDATE:
I am having issues with LinkedIn on oauth1 & 2. There doesnt appear to be a way to get the required API key into the request. I have attempted to hard code in the oauth1_auth.py of requests_oauthlib but with no success yet.
UPDATE 2:
Twitter worked for me by making sure my twitter developer application settings had "Allow this application to Sign in with Twitter" checked and my consumer key and secret set in my settings.py like so:
# TWITTER
#
SOCIAL_AUTH_TWITTER_KEY = '<...>'
SOCIAL_AUTH_TWITTER_SECRET = '<.....>'