Comments (7)
I think @ib-lundgren is in the best place to answer this.
from requests-oauthlib.
@Miserlou Happy to hear you want to write docs :)
I've scribbled together an untested example based on the Google OAuth 2 example but for the UserAgent flow. Let me know what errors you run into and I'll investigate...
```python
from oauthlib.oauth2 import MobileApplicationClient
from requests_oauthlib import OAuth2Session

# Credentials you get from registering a new application
client_id = '<the id you get from google>.apps.googleusercontent.com'
redirect_uri = 'https://your.registered/callback'

# OAuth endpoints given in the Google API documentation
authorization_base_url = "https://accounts.google.com/o/oauth2/auth"
scope = [
    "https://www.googleapis.com/auth/userinfo.email",
    "https://www.googleapis.com/auth/userinfo.profile"
]

# MobileApplicationClient is oauthlib's client for the UserAgent (implicit) flow
client = MobileApplicationClient(client_id)
google = OAuth2Session(client_id, client=client, scope=scope, redirect_uri=redirect_uri)

# Redirect user to Google for authorization
authorization_url, state = google.authorization_url(authorization_base_url,
    # offline for refresh token
    # force to always make user click authorize
    access_type="offline", approval_prompt="force")
print('Please go here and authorize,', authorization_url)

# Get the full callback URL; in this flow the token is carried in its fragment
redirect_response = input('Paste the full redirect URL here:')

# Extract the access token from the URL fragment
google.token_from_fragment(redirect_response)

# Fetch a protected resource, i.e. user profile
r = google.get('https://www.googleapis.com/oauth2/v1/userinfo')
print(r.content)
```
Oh, and in the docs it is worth noting that Python web apps should not use this OAuth flow, but it is perfect for desktop apps controlling a browser.
from requests-oauthlib.
Okay cool! I actually like writing docs.. what's the point of writing a library if you don't tell people how to use it?
So we're using django-oauth-toolkit to associate clients with accounts on our web application. Because it's for mobile clients, there is no need for any callback or redirect APIs - there is no user interaction at all. The user has the client_id and a secret, it just needs to get an access token.
My purpose here is to write a python client with requests-oauthlib which can test an API configured in such a way.
So far, the only way I've found is to do this:
```python
import requests
from oauthlib.oauth2 import MobileApplicationClient
from requests_oauthlib import OAuth2Session

# BASE_URL, ACCESS_TOKEN_PATH, API_URL, CLIENT_ID and CLIENT_SECRET are defined elsewhere
response = requests.post(BASE_URL + ACCESS_TOKEN_PATH, {'grant_type': 'client_credentials', 'client_id': CLIENT_ID, 'client_secret': CLIENT_SECRET})
token = response.json()  # {u'access_token': u'QMa1rtXXXXXXXXXXXXXXd', u'token_type': u'Bearer', u'expires_in': 36000, u'scope': u'read write'}
client = MobileApplicationClient(CLIENT_ID)
session = OAuth2Session(CLIENT_ID, client=client, token=token)
print(session.get(API_URL + 'hello/'))  # <Response [200]>
```
Is there any way for requests-oauthlib to do the first part so I don't have to make the call directly with requests.post?
from requests-oauthlib.
Yes. Try this code
```python
import oauthlib.oauth2
import requests_oauthlib

# CLIENT_ID, CLIENT_SECRET and API_URL are defined elsewhere
client = oauthlib.oauth2.BackendApplicationClient(CLIENT_ID)
session = requests_oauthlib.OAuth2Session(CLIENT_ID, client=client)
token = session.fetch_token("https://your.token/endpoint", client_id=CLIENT_ID, client_secret=CLIENT_SECRET)
# store token if you fancy
session.get(API_URL + 'hello/')
```
It might be worth adding an alias for this way/flow along the lines of "SingleUserClient" (or "NonInteractiveSingleUserClient") as that is the second use case for this flow and possibly even more common.
Note that CLIENT_ID is supplied three times but only the last one matters, as the first two are for consistency with other flows but unused. Whereas the last one forces client_id and client_secret to be included in the request (since this is not mandated in the OAuth 2 spec, it's not always done). By using BackendApplicationClient the grant_type will be set for you.
Also note that the type of client only matters when obtaining the token. Once you have the token you can just use default.
```python
from requests_oauthlib import OAuth2Session

# sometime later
token = load_token_from_db(CLIENT_ID)  # your own storage lookup
session = OAuth2Session(CLIENT_ID, token=token)
print(session.get(API_URL + 'hello/'))
```
from requests-oauthlib.
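The comment above says that sending client_id and client_secret in the token request is not mandated by the spec. RFC 6749 section 2.3.1 requires servers to support HTTP Basic for clients with a password and makes body credentials optional, so the two sides can disagree on where credentials go. The following added example (not code from requests-oauthlib or from the thread) builds both request forms with the standard library and runs a server-side check against them; `REGISTERED`, `build_token_request` and `authenticate_client` are hypothetical names and the credentials are constructed.

```python
import base64
import hmac
from urllib.parse import urlencode, parse_qs

# Constructed sample registration; not real credentials.
REGISTERED = {"demo-client": "demo-secret"}

def build_token_request(client_id, client_secret, style="basic", scope=None):
    """Return (headers, body) for a client_credentials token request."""
    params = {"grant_type": "client_credentials"}
    if scope:
        params["scope"] = " ".join(scope)
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    if style == "basic":
        raw = f"{client_id}:{client_secret}".encode()
        headers["Authorization"] = "Basic " + base64.b64encode(raw).decode()
    elif style == "body":
        params.update(client_id=client_id, client_secret=client_secret)
    else:
        raise ValueError("style must be 'basic' or 'body'")
    return headers, urlencode(params)

def authenticate_client(headers, body, accept_body_credentials=True):
    """Server side: return (client_id, None) or (None, RFC 6749 error code)."""
    form = {k: v[0] for k, v in parse_qs(body).items()}
    if form.get("grant_type") != "client_credentials":
        return None, "unsupported_grant_type"
    auth = headers.get("Authorization", "")
    if auth.startswith("Basic "):
        try:
            cid, _, secret = base64.b64decode(auth[6:]).decode().partition(":")
        except ValueError:  # malformed base64 or non-UTF-8 bytes
            return None, "invalid_client"
    elif accept_body_credentials and "client_id" in form:
        cid, secret = form["client_id"], form.get("client_secret", "")
    else:
        return None, "invalid_client"
    expected = REGISTERED.get(cid)
    # Constant-time comparison avoids leaking the secret through timing.
    if expected is None or not hmac.compare_digest(expected.encode(), secret.encode()):
        return None, "invalid_client"
    return cid, None
```

A server that only accepts Basic (`accept_body_credentials=False`) answers `invalid_client` to the body-credential form even when the id and secret are correct.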
I've tried the code with the Github API but I must be doing something wrong:
```python
import requests_oauthlib
from oauthlib.oauth2 import BackendApplicationClient

client_id = "my_client_id"
client_secret = "my_client_secret"
token_url = 'https://github.com/login/oauth/access_token'

client = BackendApplicationClient(client_id)
session = requests_oauthlib.OAuth2Session(client_id, client=client)
token = session.fetch_token(token_url, client_id=client_id, client_secret=client_secret)
# store token if you fancy
session.get('https://api.github.com/user')
```
I get a response from github:
"error=bad_verification_code&error_description=The+code+passed+is+incorrect+or+expired.&error_uri=http%3A%2F%2Fdeveloper.github.com%2Fv3%2Foauth%2F%23bad-verification-code"
Then, I get an error:
"oauthlib.oauth2.rfc6749.errors.MissingTokenError"
I've double and triple-checked my client_id and client_secret keys.
from requests-oauthlib.
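The response quoted in the comment above is form-encoded and carries an `error` field, yet what surfaced to the caller was a missing-token exception. The following added example (not code from requests-oauthlib or oauthlib) parses a token endpoint body that may be JSON or form-encoded and raises the server's own error code before checking for a token; `TokenEndpointError`, `parse_token_response` and `try_parse` are hypothetical names, `missing_token` is a label made up for this example, and the JSON sample is constructed.

```python
import json
from urllib.parse import parse_qs

class TokenEndpointError(Exception):
    """Carries the error fields returned by the token endpoint."""
    def __init__(self, error, description=None, uri=None):
        super().__init__(f"{error}: {description}" if description else error)
        self.error, self.description, self.uri = error, description, uri

def parse_token_response(body):
    """Parse a token endpoint body that is either JSON or form-encoded."""
    try:
        params = json.loads(body)
        if not isinstance(params, dict):
            raise ValueError("JSON body is not an object")
    except ValueError:
        # Not JSON: fall back to application/x-www-form-urlencoded.
        params = {k: v[0] for k, v in parse_qs(body).items()}
    # Report the server's error first, so it is not masked by a
    # generic "no token in response" failure.
    if "error" in params:
        raise TokenEndpointError(params["error"],
                                 params.get("error_description"),
                                 params.get("error_uri"))
    if not params.get("access_token"):
        raise TokenEndpointError("missing_token", "response carried no access_token")
    return params

def try_parse(body):
    """Return ('ok', params) or ('error', code) for logging and tests."""
    try:
        return "ok", parse_token_response(body)
    except TokenEndpointError as exc:
        return "error", exc.error

# The body quoted in the comment above.
GITHUB_BODY = ("error=bad_verification_code&error_description=The+code+passed+is"
               "+incorrect+or+expired.&error_uri=http%3A%2F%2Fdeveloper.github.com"
               "%2Fv3%2Foauth%2F%23bad-verification-code")
# Constructed sample of a successful JSON response.
JSON_BODY = '{"access_token": "constructed-token", "token_type": "Bearer", "expires_in": 36000}'
```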
I tried the above code (changing the client_id, secret, token url, etc.) against my flask-oauthlib server and get an error: {"error": "invalid_client"}. The client_id and secret are valid and are in my database (and work when I do a web authorization flow).
EDIT: @lepture solved this issue with the flask-oauthlib server but still can't access github api above
from requests-oauthlib.
Sorry for the late reply. Great that it works with flask-oauthlib now.
For GitHub, I am not certain they actually support the client credentials grant that you are trying to use. I think they only support the authorization code one. However, you can use their API with your token using basic auth which is quite similar https://developer.github.com/v3/oauth/#non-web-application-flow .
from requests-oauthlib.