User-Restricted Resource Access - python

I'm trying to enable "User-Restricted Resource Access" in my Eve application with Basic Authentication: http://python-eve.org/authentication.html#user-restricted-resource-access
The problem is that since I enabled it, I get a "500 error" for every HTTP request on the API.
If I fire up the API without Basic Authentication params I get a bad credentials error, so the Basic Authentication works fine.
This is the Eve DEBUG output:
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1836, in __call__
return self.wsgi_app(environ, start_response)
File "/usr/local/lib/python2.7/dist-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1820, in wsgi_app
response = self.make_response(self.handle_exception(e))
File "/usr/local/lib/python2.7/dist-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1403, in handle_exception
reraise(exc_type, exc_value, tb)
File "/usr/local/lib/python2.7/dist-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1817, in wsgi_app
response = self.full_dispatch_request()
File "/usr/local/lib/python2.7/dist-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1477, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/local/lib/python2.7/dist-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1381, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/usr/local/lib/python2.7/dist-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1475, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/local/lib/python2.7/dist-packages/Flask-0.10.1-py2.7.egg/flask/app.py", line 1461, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/usr/local/lib/python2.7/dist-packages/Eve-0.3-py2.7.egg/eve/methods/common.py", line 226, in rate_limited
return f(*args, **kwargs)
File "/usr/local/lib/python2.7/dist-packages/Eve-0.3-py2.7.egg/eve/auth.py", line 43, in decorated
if not auth.authorized(roles, resource_name, request.method):
File "/usr/local/lib/python2.7/dist-packages/Eve-0.3-py2.7.egg/eve/auth.py", line 97, in authorized
allowed_roles, resource, method)
File "/home/maanuel/emberv/eve/run.py", line 12, in check_auth
self.set_request_auth_value(account['_id'])
AttributeError: 'BCryptAuth' object has no attribute 'set_request_auth_value'
It seems like the set_request_auth_class is missing.
I'm using Eve 0.3 installed with easy_install.

You are reading the documentation about the development version (as stated on all pages at python-eve.org.) One relevant change coming with v0.4 is the way auth tokens are set. So basically, you are applying 0.4-dev syntax to Eve v0.3. You should probably follow these instructions instead.
PS: 0.4 is due for release real soon so you might want to stick with that one, so you don't have to update your code again soon.

Related

Python 2 raises exception when using sorted, but Python 3 does not

I have a Flask application which was deployed to IBM Bluemix Cloud (which runs on Python 2.7). The application was developed using Python 3 and was made backwards compatible using the pasteurize command. The application (after pasteurize) runs as intended on a local machine with Python 3, but on the cloud, the instance, when called, raises the following exception:
File "/home/vcap/deps/0/python/lib/python2.7/site-packages/flask/app.py", line 1997, in __call__
return self.wsgi_app(environ, start_response)
File "/home/vcap/deps/0/python/lib/python2.7/site-packages/flask/app.py", line 1985, in wsgi_app
response = self.handle_exception(e)
File "/home/vcap/deps/0/python/lib/python2.7/site-packages/flask/app.py", line 1540, in handle_exception
reraise(exc_type, exc_value, tb)
File "/home/vcap/deps/0/python/lib/python2.7/site-packages/flask/app.py", line 1982, in wsgi_app
response = self.full_dispatch_request()
File "/home/vcap/deps/0/python/lib/python2.7/site-packages/flask/app.py", line 1614, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/home/vcap/deps/0/python/lib/python2.7/site-packages/flask/app.py", line 1517, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/home/vcap/deps/0/python/lib/python2.7/site-packages/flask/app.py", line 1612, in full_dispatch_request
rv = self.dispatch_request()
File "/home/vcap/deps/0/python/lib/python2.7/site-packages/flask/app.py", line 1598, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/home/vcap/app/search.py", line 147, in search
questions_sorted = sorted(question_scores, key=question_scores.get, reverse=True)[:answer_limit]
TypeError: slice indices must be integers or None or have an __index__ method
question_scores is a dictionary having integer keys and float values. After getting the exception, I additionally put the keys through the int method while adding them to question_scores, but with no luck, as the exception is still raised. So, where am I wrong?

how to fix 'shopify.api_version.VersionNotFoundError'

I am building a simple "Hello World" using Python, Flask and the Shopify Embedded SDK, following this tutorial: https://medium.com/#dernis/shopify-embedded-sdk-with-python-flask-6af197e88c63.
After doing all the work, when I go to the link 'https://localhost:5000/shopify/install?shop=khawaja-kaleem-com.myshopify.com' to install the application to the test store, it gives me this error. I need to fix it.
shopify.api_version.VersionNotFoundError.
TRACEBACK (MOST RECENT CALL LAST)
File "C:\Users\92344\Anaconda3\lib\site-packages\flask\app.py", line 2309, in __call__
return self.wsgi_app(environ, start_response)
File "C:\Users\92344\Anaconda3\lib\site-packages\flask\app.py", line 2295, in wsgi_app
response = self.handle_exception(e)
File "C:\Users\92344\Anaconda3\lib\site-packages\flask\app.py", line 1741, in handle_exception
reraise(exc_type, exc_value, tb)
File "C:\Users\92344\Anaconda3\lib\site-packages\flask\_compat.py", line 35, in reraise
raise value
File "C:\Users\92344\Anaconda3\lib\site-packages\flask\app.py", line 2292, in wsgi_app
response = self.full_dispatch_request()
File "C:\Users\92344\Anaconda3\lib\site-packages\flask\app.py", line 1815, in full_dispatch_request
rv = self.handle_user_exception(e)
File "C:\Users\92344\Anaconda3\lib\site-packages\flask\app.py", line 1718, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "C:\Users\92344\Anaconda3\lib\site-packages\flask\_compat.py", line 35, in reraise
raise value
File "C:\Users\92344\Anaconda3\lib\site-packages\flask\app.py", line 1813, in full_dispatch_request
rv = self.dispatch_request()
File "C:\Users\92344\Anaconda3\lib\site-packages\flask\app.py", line 1799, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "C:\Users\92344\Downloads\HelloShopify-master\helloshopify\shopify_bp\views.py", line 36, in install
session = shopify.Session(shop_url)
File "C:\Users\92344\Anaconda3\lib\site-packages\shopify\session.py", line 47, in __init__
self.version = ApiVersion.coerce_to_version(version)
File "C:\Users\92344\Anaconda3\lib\site-packages\shopify\api_version.py", line 18, in coerce_to_version
raise VersionNotFoundError
shopify.api_version.VersionNotFoundError
You need to specify the API version you wish to use. Set the version before you make any calls. 2020-10 is the default for now.
See the documentation, it explains everything to you.
https://help.shopify.com/en/api/versioning
The ShopifyAPI package specifies the allowed versions in the 'shopify/api_version.py' file. In my case the Shopify platform latest API version is '2022-10' but the latest version allowed by the ShopifyAPI package is '2022-07'.
It seems that the ShopifyAPI package is not always updated quickly after the release of a new API version on the Shopify platform. Try aligning the API version to one of the versions allowed to work around this error.

PyGithub, can't get repos from enterprise

I am creating a bot with Spark (chat for enterprise) in Python, and I use PyGithub as the library.
So when I write "repos" in my room with the bot, it has to send me back the list of my repos.
It works fine with my personal GitHub account but not with my professional account.
Can you explain to me why?
Here is my code:
from github import Github

def gitTest(self, details, message):
    url = "https://enter-prise.com"
    token = "abcd"
    github = Github(token, base_url=url)
    # Send the name of each repository in the organization to the room
    for repo in github.get_organization("org").get_repos():
        self.answer(details.roomId, markdown=repo.name)
Traceback (most recent call last):
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1997, in __call__
return self.wsgi_app(environ, start_response)
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1985, in wsgi_app
response = self.handle_exception(e)
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1540, in handle_exception
reraise(exc_type, exc_value, tb)
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1982, in wsgi_app
response = self.full_dispatch_request()
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1614, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1517, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1612, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/local/lib/python2.7/dist-packages/flask/app.py", line 1598, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/home/mflamant/Documents/bot/CiscoSparkPython/testbotforgithub/main.py", line 44, in Main
bot.isRunnable()
File "/home/mflamant/Documents/bot/CiscoSparkPython/testbotforgithub/utils/Compute.py", line 47, in isRunnable
self.spark(message[0], message[1])
File "/home/mflamant/Documents/bot/CiscoSparkPython/testbotforgithub/testbotforgithub.py", line 33, in spark
return self.answer(details.roomId, markdown=self.gitTest(details, message))
File "/home/mflamant/Documents/bot/CiscoSparkPython/testbotforgithub/testbotforgithub.py", line 56, in gitTest
for repo in github.get_organization(adt).get_repos():
File "/usr/local/lib/python2.7/dist-packages/PyGithub-1.35-py2.7.egg/github/Organization.py", line 539, in get_repos
self.url + "/repos",
TypeError: unsupported operand type(s) for +: 'NoneType' and 'str'
Can you explain to me what is wrong with my code? Thank you.
If gitTest is an instance method, you need to assign to the attribute self.url, not just to the local variable url. So your method should probably look like this:
def gitTest(self, details, message):
    self.url = "https://enter-prise.com"
    self.token = "abcd"
    # Use the instance attributes assigned above
    github = Github(self.token, base_url=self.url)
    for repo in github.get_organization("org").get_repos():
        self.answer(details.roomId, markdown=repo.name)
This is why you pass in the reference to self as the first argument of any instance method.

Its Dangerous creating a token: cannot concatenate 'str' and 'NoneType' objects

I have an email confirmation feature on my Flask application. For this to work, I must create a token which will go in a confirmation link. To create the token I'm using Its Dangerous like so:
from itsdangerous import URLSafeTimedSerializer
ts = URLSafeTimedSerializer(app.config["SECRET_KEY"])
token = ts.dumps(email, salt='email-confirm-key')
confirm = url_for('confirm', token=token, _external=True)
After running this, I receive an error stating cannot concatenate 'str' and 'NoneType' objects from the following traceback:
Traceback (most recent call last):
File "/Users/pavsidhu/Documents/Web-Development/myapp/env/lib/python2.7/site-packages/flask/app.py", line 1836, in __call__
return self.wsgi_app(environ, start_response)
File "/Users/pavsidhu/Documents/Web-Development/myapp/env/lib/python2.7/site-packages/flask/app.py", line 1820, in wsgi_app
response = self.make_response(self.handle_exception(e))
File "/Users/pavsidhu/Documents/Web-Development/myapp/env/lib/python2.7/site-packages/flask/app.py", line 1403, in handle_exception
reraise(exc_type, exc_value, tb)
File "/Users/pavsidhu/Documents/Web-Development/myapp/env/lib/python2.7/site-packages/flask/app.py", line 1817, in wsgi_app
response = self.full_dispatch_request()
File "/Users/pavsidhu/Documents/Web-Development/myapp/env/lib/python2.7/site-packages/flask/app.py", line 1477, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/Users/pavsidhu/Documents/Web-Development/myapp/env/lib/python2.7/site-packages/flask/app.py", line 1381, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/Users/pavsidhu/Documents/Web-Development/myapp/env/lib/python2.7/site-packages/flask/app.py", line 1475, in full_dispatch_request
rv = self.dispatch_request()
File "/Users/pavsidhu/Documents/Web-Development/myapp/env/lib/python2.7/site-packages/flask/app.py", line 1461, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/Users/pavsidhu/Documents/Web-Development/myapp/myapp/views/confirmation.py", line 62, in resend
activateEmail(email)
File "/Users/pavsidhu/Documents/Web-Development/myapp/myapp/views/functions.py", line 34, in activateEmail
token = ts.dumps(email, salt='email-confirm-key')
File "/Users/pavsidhu/Documents/Web-Development/myapp/env/lib/python2.7/site-packages/itsdangerous.py", line 566, in dumps
rv = self.make_signer(salt).sign(payload)
File "/Users/pavsidhu/Documents/Web-Development/myapp/env/lib/python2.7/site-packages/itsdangerous.py", line 412, in sign
return value + sep + self.get_signature(value)
File "/Users/pavsidhu/Documents/Web-Development/myapp/env/lib/python2.7/site-packages/itsdangerous.py", line 347, in get_signature
key = self.derive_key()
File "/Users/pavsidhu/Documents/Web-Development/myapp/env/lib/python2.7/site-packages/itsdangerous.py", line 334, in derive_key
self.secret_key).digest()
TypeError: cannot concatenate 'str' and 'NoneType' objects
I'm unsure what the issue is, as email is a string and the salt is one too. What could be the problem? Thanks.
The issue is this line:
ts = URLSafeTimedSerializer(app.config["SECRET_KEY"])
It looks like your app.config["SECRET_KEY"] is not being set correctly. If you replace that line with this
ts = URLSafeTimedSerializer('test')
You should find that it works. So you need to find out why app.config["SECRET_KEY"] is not being set correctly.
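A start-up check that turns the failure above into an immediate, readable error, shown as an added example that is not from the original post and is not itsdangerous code. It uses the standard library's hmac as a stand-in signer so it runs without dependencies; the function names, placeholder list and minimum key length are assumptions, and a literal such as 'test' is treated as a diagnostic value only.

```python
import hashlib
import hmac
import time

PLACEHOLDERS = {"test", "secret", "changeme", "dev"}  # constructed deny-list
MIN_KEY_BYTES = 16  # assumed minimum for this example


def load_secret_key(config):
    """Return the signing key as bytes, or raise at start-up with a clear reason."""
    key = config.get("SECRET_KEY")
    if key is None:
        raise RuntimeError("SECRET_KEY is not set; refusing to sign tokens")
    if isinstance(key, str):
        key = key.encode("utf-8")
    if not isinstance(key, bytes):
        raise RuntimeError("SECRET_KEY must be str or bytes")
    if len(key) < MIN_KEY_BYTES or key.decode("utf-8", "ignore").lower() in PLACEHOLDERS:
        raise RuntimeError("SECRET_KEY is a placeholder or too short")
    return key


def _mac(key, salt, body):
    # Per-purpose key: the salt separates confirmation tokens from other uses.
    derived = hmac.new(key, salt.encode("utf-8"), hashlib.sha256).digest()
    return hmac.new(derived, body.encode("utf-8"), hashlib.sha256).hexdigest()


def sign_email(key, email, salt="email-confirm-key", now=None):
    """Build 'email|issued_at|signature' for a confirmation link."""
    issued = int(time.time() if now is None else now)
    body = "%s|%d" % (email, issued)
    return body + "|" + _mac(key, salt, body)


def verify_email(key, token, max_age, salt="email-confirm-key", now=None):
    """Return the e-mail address, or None if the token is forged or expired."""
    body, sep, sig = token.rpartition("|")
    expected = _mac(key, salt, body)
    if not sep or not hmac.compare_digest(sig.encode("utf-8"), expected.encode("utf-8")):
        return None
    email, _, issued = body.rpartition("|")
    current = time.time() if now is None else now
    if not issued.isdigit() or current - int(issued) > max_age:
        return None
    return email
```
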

Flask-Dance Error: Scope has changed

I am using flask-dance to authenticate to Google's servers.
Config for flask-dance:
from flask_dance.contrib.google import make_google_blueprint

google_blueprint = make_google_blueprint(
    client_id=app.config['GOOGLE']['client_id'],
    client_secret=app.config['GOOGLE']['client_secret'],
    scope=["profile", "email"],
    redirect_to="main.index",
    login_url="/",
    authorized_url="/authorized",
)
app.register_blueprint(google_blueprint, url_prefix="/login")
However, I am getting Warning: Scope has changed from "profile email" to "". after you go through Google's credential dialog box.
Here's the full trace:
Traceback (most recent call last):
File "/home/xxx/.virtualenvs/flask/lib/python2.7/site-packages/flask/app.py", line 1836, in __call__
return self.wsgi_app(environ, start_response)
File "/home/xxx/.virtualenvs/flask/lib/python2.7/site-packages/flask/app.py", line 1820, in wsgi_app
response = self.make_response(self.handle_exception(e))
File "/home/xxx/.virtualenvs/flask/lib/python2.7/site-packages/flask/app.py", line 1403, in handle_exception
reraise(exc_type, exc_value, tb)
File "/home/xxx/.virtualenvs/flask/lib/python2.7/site-packages/flask/app.py", line 1817, in wsgi_app
response = self.full_dispatch_request()
File "/home/xxx/.virtualenvs/flask/lib/python2.7/site-packages/flask/app.py", line 1477, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/home/xxx/.virtualenvs/flask/lib/python2.7/site-packages/flask/app.py", line 1381, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/home/xxx/.virtualenvs/flask/lib/python2.7/site-packages/flask/app.py", line 1475, in full_dispatch_request
rv = self.dispatch_request()
File "/home/xxx/.virtualenvs/flask/lib/python2.7/site-packages/flask/app.py", line 1461, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/home/xxx/.virtualenvs/flask/lib/python2.7/site-packages/flask_dance/consumer/oauth2.py", line 168, in authorized
client_secret=self.client_secret,
File "/home/xxx/.virtualenvs/flask/lib/python2.7/site-packages/requests_oauthlib/oauth2_session.py", line 199, in fetch_token
self._client.parse_request_body_response(r.text, scope=self.scope)
File "/home/xxx/.virtualenvs/flask/lib/python2.7/site-packages/oauthlib/oauth2/rfc6749/clients/base.py", line 409, in parse_request_body_response
self.token = parse_token_response(body, scope=scope)
File "/home/xxx/.virtualenvs/flask/lib/python2.7/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 376, in parse_token_response
validate_token_parameters(params)
File "/home/xxx/.virtualenvs/flask/lib/python2.7/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 406, in validate_token_parameters
raise w
Warning: Scope has changed from "profile email" to "".
On the Chrome Dev Console I get this (after the Account Chooser window right before the traceback):
GET http://localhost:5000/login/authorized?state=11rtXcAHJm0jloiDpM8IrazD9uLT3b…xnXM0ZB1DumOPqFOgu-x19CDSbDfQoKLWVEfBRTQIg.gvDk1rm330AV3oEBd8DOtNAR0Vr7lQI 500 (INTERNAL SERVER ERROR)
Navigated to http://localhost:5000/login/authorized?state=11rtXcAHJm0jloiDpM8IrazD9uLT3b…xnXM0ZB1DumOPqFOgu-x19CDSbDfQoKLWVEfBRTQIg.gvDk1rm330AV3oEBd8DOtNAR0Vr7lQI
If I do os.environ['OAUTHLIB_RELAX_TOKEN_SCOPE'] = '1' it works, but I don't think this is a solution but more of a workaround for now. :(
I opened a ticket on the issue: "Google OAuth2 returns no scope on authentication breaks scope test" #306.
From what I can tell from https://www.rfc-editor.org/rfc/rfc6749#section-3.3, Google isn't required to return the scope (unless the scope was changed), am I reading this correctly?
Nearest thing I can figure is there is a bug in the oauthlib plugin which I opened a bug report with already.
From the bug report, you can fix the issue by changing the file /oauth2/rfc6749/tokens.py in the plugin on Line 30 from self._new_scope = set(utils.scope_to_list(params.get('scope', ''))) to self._new_scope = set(utils.scope_to_list(params.get('scope', old_scope)))
Fix was merged: https://github.com/idan/oauthlib/pull/323
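The one-line change quoted from the bug report, modelled as an added example that is not oauthlib's own code: the default for a missing "scope" moves from "" to the requested scope. All function names and the token responses are constructed for illustration. Unlike relaxing the check globally, a response that really grants less than was requested is still flagged.

```python
def scope_to_set(scope):
    """Split a space-delimited OAuth 2.0 scope string (RFC 6749 section 3.3)."""
    return set(scope.split()) if scope else set()


def granted_scope_before_fix(params, requested):
    # Pre-fix behaviour: a response without "scope" is read as an empty scope.
    return scope_to_set(params.get("scope", ""))


def granted_scope_after_fix(params, requested):
    # Post-fix behaviour: a response without "scope" means "same as requested".
    return scope_to_set(params.get("scope", requested))


def check_token_response(params, requested, granted_fn):
    """Return (granted, changed, missing) for one token response."""
    old = scope_to_set(requested)
    new = granted_fn(params, requested)
    return new, new != old, old - new


def enforce(params, requested, required):
    """Accept an omitted scope, but fail if a required scope was not granted."""
    granted, _changed, missing = check_token_response(
        params, requested, granted_scope_after_fix)
    lost = set(required) & missing
    if lost:
        raise PermissionError("required scope not granted: %s" % " ".join(sorted(lost)))
    return granted


# Constructed token responses: one omits "scope", one narrows it.
OMITTED = {"access_token": "constructed-token", "token_type": "Bearer"}
NARROWED = dict(OMITTED, scope="profile")

if __name__ == "__main__":
    for name, resp in (("omitted", OMITTED), ("narrowed", NARROWED)):
        for fn in (granted_scope_before_fix, granted_scope_after_fix):
            print(name, fn.__name__, check_token_response(resp, "profile email", fn))
```
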
