Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

This doesn't support oauth2/v3 right? #791

Closed
shahzaibmuneeb opened this issue Nov 18, 2015 · 6 comments
Closed

This doesn't support oauth2/v3 right? #791

shahzaibmuneeb opened this issue Nov 18, 2015 · 6 comments

Comments

@shahzaibmuneeb
Copy link

https://developers.google.com/identity/sign-in/android/backend-auth

I get the 403 forbidden error, with a token I am generating on my frontend app. The python-social-auth backend was working fine initially and now doesn't work with this new token so I am guessing this library doesn't support the new v3 endpoints?

I may be completely off. Any more information on this?
@bmurithi
Copy link

Encountered the same issue - This is a workaround.

Had to take an extra measure to convert the serverAuthCode (from android application) to an access token which can then be used to get the user profile or access other APIs.

See: https://developers.google.com/identity/protocols/OAuth2InstalledApp
Using: https://github.com/PhilipGarnero/django-rest-framework-social-oauth2

I would imagine a similar approach for PSA (convert auth code to access token).

class ConvertTokenViewCustom(ConvertTokenView):
    """
     Transform Google Token request to access token.
    """

    GOOGLE_BACKEND_KEY = "google-oauth2"
    GOOGLE_TOKEN_URL = "https://www.googleapis.com/oauth2/v3/token"
    # should match configured redirect URL on Google Developer console
    GOOGLE_REDIRECT_URL = "<REDIRECT-URL>"

    def get_google_token(self, server_token):
        params = dict(code=server_token,
                      client_id=settings.SOCIAL_AUTH_GOOGLE_OAUTH2_KEY,
                      client_secret=settings.SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET,
                      redirect_uri=self.GOOGLE_REDIRECT_URL,
                      grant_type="authorization_code")
        response = requests.post(self.GOOGLE_TOKEN_URL, data=params)
        response_json = response.json()
        return response_json.get("access_token", server_token)

    def post(self, request, *args, **kwargs):
        request.POST = request.POST.copy()
        backend = request.POST.get("backend")
        if backend == self.GOOGLE_BACKEND_KEY:
            request.POST["token"] = self.get_google_token(request.POST.get("token"))
        return super(ConvertTokenViewCustom, self).post(request, *args, **kwargs)

@ZuSe
Copy link

ZuSe commented Dec 8, 2015

Are their any plans to support google-oauth v3? Otherwise every android app struggles with authentication.
@rithi Thanks for the workaround, gonna to try it out for our application.

@anujism
Copy link

anujism commented Apr 6, 2016

Is there any plan to support this?

@pnagle
Copy link

pnagle commented Jul 15, 2016

Is google-auth v4 supporting now ?

@alexandcote
Copy link

@omab Same question here ? Can I help you with that ?

@omab
Copy link
Owner

omab commented Dec 27, 2016

Version updated python-social-auth/social-core@54e245c.

@omab omab closed this as completed Dec 27, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@omab @ZuSe @alexandcote @shahzaibmuneeb @anujism @bmurithi @pnagle