I have a route linked to a Flask-RESTful Resource:
api.add_resource(File, '/api/files/<int:id>')
If I now want to access that route via
/api/files/89?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc0FkbWluIjp0cnVlLCJ1c2VySWQiOjEsImV4cCI6MTQ3OTg0MTcxN30.DkoPeMeXms9j0nzmEAsGKOpIi_cRyTf4m6mQJjl17o0
i get:
"The requested URL was not found on the server. If you entered the URL manually please check your spelling and try again. You have requested this URI [/api/files/89] but did you mean /api/files/<int:id> or /api/files or /api/users/<int:id> ?"
If I try to simply:
/api/files/89
without the query parameter, everything works fine.
Where is the problem?
I solved the problem. It wasnt something related to the router, instead I messed up the view logic.
Related
I have been following the django-oAuth-toolkit documentation. In the Authorization Code step, I have registered an application as shown in the screenshot.
But then the next step is given like this:
To start the Authorization code flow go to this URL which is the same as shown below:
http://127.0.0.1:8000/o/authorize/?response_type=code&client_id=vW1RcAl7Mb0d5gyHNQIAcH110lWoOW2BmWJIero8&redirect_uri=http://127.0.0.1:8000/noexist/callback
But when I replace my client id and ping that URL it redirects me to the following URL:
http://localhost:8000/noexist/callback?error=invalid_request&error_description=Code+challenge+required.
I have tried to google that error but it's such a common keyword that I am unable to find anything that is related to my issue. I am probably missing something obvious, I am new to Python and Django.
Note: In the documentation screenshot there is one form field missing which is there in my local environment. It's the algorithm field.
After debugging for so many hours I came to this, please include it in your settings.py file and it works. Maybe it is a bug since we defined our app as confidential with authorization_code grant type but oauth_provider is thinking it as public and trying to validate for pkce.
OAUTH2_PROVIDER = {
"PKCE_REQUIRED": False
}
I followed the steps in this tutorial to enable SSO with Azure Active Directory for the admin portion (to start) of my Django app:
https://django-microsoft-auth.readthedocs.io/en/latest/usage.html
Navigating to /admin yields this page, which is good:
Clicking Microsoft brings up this new window:
The important error seems to be:
AADSTS90102: 'redirect_uri' value must be a valid absolute URI.
In this window, I used the browser console and found that a GET request was being made like this:
https://login.microsoftonline.com/50ce...90ac7/oauth2/v2.0/authorize?response_type=code&client_id=f4...27&redirect_uri=https,https://example.org/microsoft/auth-callback/&s...
Note the redirect_uri=https,https://.... It seems like that leading "https," is superfluous and is causing the problem. Any ideas where that could be coming from?
In my Azure app, the redirect URI is set to https://example.org/microsoft/auth-callback/:
I'm using Python 3.9.6, Django 3.2, django-microsoft-auth 2.4.0, NGINX 1.18.0, uvicorn 0.14.0
I've searched for help on this and haven't found anything relevant to my situation. Thanks in advance!
Based on the SO Thread Reference.
Use http as the redirect URI instead of https to resolve the issue in most cases.
use
http://localhost:8080/microsoft/auth-callback/
Instead of
https://localhost:8080/microsoft/auth-callback/
If there is a option,
Use localhost:8080 into the table django_site
Reference SO Thread: django-microsoft-auth : The provided value for the input parameter 'redirect_uri' is not valid
As you think, the first https is superfluous, you just need to delete it.
https://login.microsoftonline.com/50ce...90ac7/oauth2/v2.0/authorize?response_type=code&client_id=f4...27&redirect_uri=https://example.org/microsoft/auth-callback/&s...
By the way, I think there is no problem with the redirect_uri you set in the Azure portal.
I guess it is a problem of the redirecting URL. The example URL is coming from django site table. So first of all you need to enable the site:
#in settings.py
SITE_ID = 1
Afterwards you can go to the admin interface and set the url of the site to the correct domain. From my experience I know that it won't work without that.
I need to get the current URL of my application in my views.py. Not the bookmark I am in but the address to the home page (all).
I finded this solution:
url = "{0}://{1}".format(request.scheme, request.get_host())
But i but I think it can be simpler . Not using 'request ....' twice and by obtaining an interpretation of one variable.
Any good suggestions will be appreciated.
url = request.build_absolute_uri("/")
See the Django documentation reference:
Returns the absolute URI form of location. If no location is provided, the location will be set to request.get_full_path().
If the location is already an absolute URI, it will not be altered. Otherwise the absolute URI is built using the server variables available in this request.
This seems to be what you are asking for.
I've been struggling with this for a while, and can't seem to figure it out.
I have a google appengine project, with flask, and I need a route that handles base64 URIencoded data.
Here is the handler I have for this route:
#app.route('/test/<data1>/<data2>', methods=['GET'])
def test(data1, data2):
return "data1:%s<br>data2:%s"%(data1, data2)
Now, this works nicely when running with dev_appserver:
http://localhost/test/hi/there
# returns:
data1:hello
data2:there
and
http://localhost/test/hi%2fho/there
# returns:
data1:hi%2Fho
data2:there
which is what I would expect.
Using the same urls on a deployed version to appengine:
The first one returns the same result
The second one fails, because the %2f gets decoded before the routing to a /, therefore the route does not match the pattern anymore.
My question(s):
Why does appengine (or flask?) decode the url before routing ?
Why is the behavior not consistent between local and deployed appengine ?
Thanks for your help
I created an issue on google's issue tracker, and someone acknowledged it.
I guess we just have to wait now.
Link to protofile here.
I need to pass a hash , a database ref, anything really so that I can know for sure that a customer visiting my payment request url came from my website and isn't some arbitrary bot pinging me and causing me to create new btc addresses for no reason.
I tried the following:
bitcoin:<non-bip-btcaddress>?r=http://127.0.0.1:8000/paymentobject/?ref=<unique-hash>
but it wasn't compatible with mobile wallets.
I'm now trying to pass a param inside urls.py
#urls.py
url(r'^paymentobject/(?P<ref>\w+)/$', 'project.views.paymentobject', name='paymentobject'),
#views.py
def paymentobject(request, ref):
secret = ref #and so on...
This approach works in the browser and I'm able to download the octet-stream file just fine, however when accessing the uri through bitcoin-qt (0.9x) or a mobile wallet I'm met with the error:
301: MOVED PERMANENTLY
Any advice would be greatly appreciated :)
Thanks
Problem was that the trailing slash was missing from the end of the url below.
btcbip_url = 'bitcoin:%s?r=%s/paymentobject/%s/'
Original anser here.