search

RealmTeam / django-rest-framework-social-oauth2

python-social-auth and oauth2 support for django-rest-framework
MIT License
1.06k stars 191 forks source link

About Login google-oauth2,i find this problem #188

Open CCColby opened 5 years ago

CCColby commented 5 years ago

when i post "auth/convert-token/" i got "error: "access_denied" error_description: "Your credentials aren't allowed",what is the problem?

this is my post

{"grant_type":"convert_token","client_id":"04ePfGbSWlriwuCnNIQlTQoJUA5uGrADXHaXLxU1","client_secret":"PqEBgppeQ6H6GbBgErwx893ZKMdy4rFPy5Mu9DWYlUJlLPTYKBkEKaXHlet7gdYp757F6rL3F6TocHRhcTaTbimi7ue0imSDKdtMufKpIfMUqkNHUKRBR7cWWduj64N6","backend":"google-oauth2","token":"eyJhbGciOiJSUzI1NiIsImtpZCI6IjA5MDVkNmY5Y2Q5YjBmMWY4NTJlOGIyMDdlOGY2NzNhYmNhNGJmNzUiLCJ0eXAiOiJKV1QifQ.eyJpc3MiOiJhY2NvdW50cy5nb29nbGUuY29tIiwiYXpwIjoiNDEyNDM4NDU1NDcwLWJnbHB2MTFoN2htaGFkN3JkNTVtMmRtdWszZGtwOWk0LmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tIiwiYXVkIjoiNDEyNDM4NDU1NDcwLWJnbHB2MTFoN2htaGFkN3JkNTVtMmRtdWszZGtwOWk0LmFwcHMuZ29vZ2xldXNlcmNvbnRlbnQuY29tIiwic3ViIjoiMTEwMzM2OTE3OTM3MjYxODEyMTE5IiwiZW1haWwiOiIxMzA1MTAxNzY1QHFxLmNvbSIsImVtYWlsX3ZlcmlmaWVkIjp0cnVlLCJhdF9oYXNoIjoidnE0em5XZVhyei1wYi1JWDROV2NNQSIsIm5hbWUiOiJ4cWRvbmcgeHFkb25nIiwicGljdHVyZSI6Imh0dHBzOi8vbGg2Lmdvb2dsZXVzZXJjb250ZW50LmNvbS8tQ2JQVnFaVWZVSFUvQUFBQUFBQUFBQUkvQUFBQUFBQUFBQUEvQUNIaTNyY2hQSmtDdk96OEJRRmljekZEMm5FcEYxV002US9zOTYtYy9waG90by5qcGciLCJnaXZlbl9uYW1lIjoieHFkb25nIiwiZmFtaWx5X25hbWUiOiJ4cWRvbmciLCJsb2NhbGUiOiJ6aC1DTiIsImlhdCI6MTU1MzE0MTI4OSwiZXhwIjoxNTUzMTQ0ODg5LCJqdGkiOiI3OGQ4MDM3MDc2ODUwZjYwZmMzMWE5ZGZmN2Q4M2VmYjEyMmE2OTVhIn0.cPdpfIV8Cy0TZmdrB96xKAp7WuariTFbLmbJJYFtFLZBZ93Jy-FDVl6p5vy6uVFCLJr6U57M_398EGQtKU7HIJC0dG1mL3lKFqrYubttpSHIuKNiRluGCzLscVO-POlyIeSU-OEpSoz5RqMTEO1SZ_KlWBkZbkPtILBWJ5Du4DB9xVxWI5s-ZPj6y1lfrTCGGOY89w6JrEObhv65-i6xmOdjQqPQAgE_c577tfVpbTxrtLpBlNFqNrngIJAA7YS6rEvMi83kr4EOxVZiz8Eh2IZ7bYEaPdWrFDw3w5f0UxQTado9gw-TmT3GpE8r3MA-UB8E9OJE7WE3F9u4HgbBmw"}

my application

image

mo3rfan commented 5 years ago

Check if you are using idToken or access_token from google. See here: https://github.com/RealmTeam/django-rest-framework-social-oauth2/issues/61#issuecomment-232847825. You need to make sure the token you are exchanging is the access_token

CCColby commented 5 years ago

Check if you are using idToken or access_token from google. See here: #61 (comment). You need to make sure the token you are exchanging is the access_token

I post "auth/convert-token/" id_token

mo3rfan commented 5 years ago

You need to post access_token to "auth/convert-token", not id_token.

Did this solve your problem?

CCColby commented 5 years ago

You need to post access_token to "auth/convert-token", not id_token.

Did this solve your problem?

No,also get this error { "error": "access_denied", "error_description": "Your credentials aren't allowed" } I post https://www.googleapis.com/oauth2/v3/tokeninfo?id_token=XXX,get correct response. also try send access_token like this curl -X POST -d "grant_type=convert_token&client_id=&client_secret=&backend=google-oauth2&token= get response like this { "error": "access_denied", "error_description": "Your credentials aren't allowed" }

mo3rfan commented 5 years ago

Maybe check if your SOCIAL_AUTH_GOOGLE_OAUTH2_KEY, SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET are correctly set as per this.

Also you keep saying 'id_token'. I'm confused.

curl -X POST -d "grant_type=convert_token&client_id=&client_secret=&backend=google-oauth2&token=<google_access_token>

GET googleapis.com/oauth2/v3/tokeninfo?access_token=XXX

CCColby commented 5 years ago

Maybe check if your SOCIAL_AUTH_GOOGLE_OAUTH2_KEY, SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET are correctly set as per this.

Also you keep saying 'id_token'. I'm confused.

curl -X POST -d "grant_type=convert_token&client_id=&client_secret=&backend=google-oauth2&token=<google_access_token>

GET googleapis.com/oauth2/v3/tokeninfo?access_token=XXX

Unfortunately,also got this error { "error": "access_denied", "error_description": "Your credentials aren't allowed" } i so stupid,,,it works very well in facebook,and i try use django-social-core "/login/google-oauth2",also get correct response By decomposing the system into front end and back end,i use drf,and get this error

hemanth-sp commented 5 years ago

i am getting same error with google sigin i got id token from android and verified with the https://oauth2.googleapis.com/tokeninfo?id_token= but i do post requirest i am getting error Screenshot from 2019-04-21 08-30-30 anything wrong????????????????

Screenshot from 2019-04-21 08-49-45-01

robertoggarcia commented 5 years ago

I use "authToken" instead "idToken" and works!

wagnerdelima commented 4 years ago

Hi all.

My team and I are constantly using this framework and it seems it has died out there. I contacted the owner by email asking if he would add some of us as maintainers so we could continue to improve it. However we didn't get a response.

I am publishing the project under my profile and we are going to continue to invest time in it.

So I would like to gently ask you to contribute to this project on: https://github.com/wagnerdelima/drf-social-oauth2

Thank you for understanding.

BondarenkoOleksandr commented 3 years ago

Where did you get the token?