RealmTeam / django-rest-framework-social-oauth2

python-social-auth and oauth2 support for django-rest-framework
MIT License

Process of authentication from python-social-auth to django-oauth-toolkit #223

Open developer-keev opened 4 years ago

developer-keev commented 4 years ago

In my Django project with django-rest-framework, we use JWT authentication and want to implement social login via Google. So I installed and configured django-rest-framework-social-oauth2 with the google-oauth2 backend in the project, as shown in the docs: https://github.com/RealmTeam/django-rest-framework-social-oauth2#installation

settings.py


INSTALLED_APPS = (
    ...
    'oauth2_provider',
    'social_django',
    'rest_framework_social_oauth2',
)

TEMPLATES = [
    {
        ...
        'OPTIONS': {
            'context_processors': [
                ...
                'social_django.context_processors.backends',
                'social_django.context_processors.login_redirect',
            ],
        },
    }
]

REST_FRAMEWORK = {
    ...
    'DEFAULT_AUTHENTICATION_CLASSES': (
        'rest_framework_jwt.authentication.JSONWebTokenAuthentication',
        'rest_framework.authentication.SessionAuthentication',
        'rest_framework.authentication.BasicAuthentication',
        'oauth2_provider.contrib.rest_framework.OAuth2Authentication',  # django-oauth-toolkit >= 1.0.0
        'rest_framework_social_oauth2.authentication.SocialAuthentication',
    ),
}

AUTHENTICATION_BACKENDS = (
    # AxesBackend should be the first backend in the AUTHENTICATION_BACKENDS list.
    'axes.backends.AxesBackend',

    # Other auth providers (e.g. Google, OpenID, etc.)
    # Google OAuth2
    'social_core.backends.google.GoogleOAuth2',

    # django-rest-framework-social-oauth2
    'rest_framework_social_oauth2.backends.DjangoOAuth2',

    # Django
    'django.contrib.auth.backends.ModelBackend',

)

OAUTH2_PROVIDER = {
    'OAUTH2_VALIDATOR_CLASS': 'social-auth.custom_oauth2_validators.AxesOAuth2Validator',
    'SCOPES': {'read': 'Read scope', 'write': 'Write scope'},
}

SOCIAL_AUTH_REDIRECT_IS_HTTPS = True

SOCIAL_AUTH_GOOGLE_OAUTH2_KEY = 'SOCIAL_AUTH_GOOGLE_OAUTH2_KEY'
SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET = 'SOCIAL_AUTH_GOOGLE_OAUTH2_SECRET'

# Define SOCIAL_AUTH_GOOGLE_OAUTH2_SCOPE to get extra permissions from Google.
SOCIAL_AUTH_GOOGLE_OAUTH2_SCOPE = [
    'https://www.googleapis.com/auth/userinfo.email',
    'https://www.googleapis.com/auth/userinfo.profile',
]

The integration of JWT, Axes and Social-oauth2 is done.

In Django admin, a new Application was created with the following configuration:

https://github.com/RealmTeam/django-rest-framework-social-oauth2#setting-up-a-new-application

I also set urls.py:

urlpatterns = [
    path('admin/', admin.site.urls),
    path('api/user/', include('user.urls')),
    path('api/social/', include('rest_framework_social_oauth2.urls')),
    # rest of app
]

But now there is confusion about which API starts the authentication process. https://github.com/RealmTeam/django-rest-framework-social-oauth2#testing-the-setup

The django-rest-framework-social-oauth2 package relies on python-social-auth and django-oauth-toolkit, so which process should I follow? As shown in the docs, I understood that first I need to get the token, but this API needs some data, as it is a POST request. https://127.0.0.1:8000/api/social/token  POST JSON DATA {'client_id': 'known value', 'client_secret': 'known value', 'grant_type': 'password', 'username': 'confused', 'password': 'confused'}

In the above JSON, the values "confused" mean: which username should I add, the Google email or the username of the Django user? Because the Django user doesn't exist yet.

And secondly, as per our requirements, we need the user to be redirected to the google-oauth2 page, log in with their credentials, and also authorize our app to access their data and create the user. This is achieved by the https://127.0.0.1:8000/api/social/login/google-oauth2/ API: it redirects to https://127.0.0.1:8000/api/social/complete/google-oauth2/ with the necessary parameters, the social user and Django user are created, and it redirects to LOGIN_REDIRECT_URL with session authentication.

[Screenshot from 2020-05-17 13-05-05]

This part is working and the user is created successfully.

But now, how do I get the access token? In Django admin, a Social auth user is created with provider, uid and extra_data containing access_token, token_type, etc. But how do I get the access token to the front-end in a single API request, so that after logging in to Google and authorizing my app to access their data, the user gets the access token that is then used to authenticate each request they make?

Please, I need your help to understand the process. I have read a lot and watched tutorials but didn't get the expected result.

If you need any detail please ask.
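The two token requests the poster is weighing, written out as an added example (not code from the issue or from the project). It assumes the api/social/ prefix from the urls.py above and the package's documented convert-token endpoint; the client credentials and the sample response are constructed placeholders.

```python
import json
import urllib.parse
import urllib.request

# Prefix from the poster's urls.py (assumption: the package is mounted under api/social/).
BASE_URL = "https://127.0.0.1:8000/api/social/"


def password_grant_body(client_id, client_secret, username, password):
    """Body for POST /api/social/token: 'username'/'password' are the credentials
    of an existing Django user (checked by ModelBackend), not the Google account."""
    return urllib.parse.urlencode({
        "grant_type": "password", "client_id": client_id,
        "client_secret": client_secret, "username": username, "password": password,
    })


def convert_token_body(client_id, client_secret, backend, provider_token):
    """Body for POST /api/social/convert-token: exchanges a token issued by the social
    provider (backend='google-oauth2') for a token issued by django-oauth-toolkit;
    python-social-auth creates the Django user on first exchange."""
    return urllib.parse.urlencode({
        "grant_type": "convert_token", "client_id": client_id,
        "client_secret": client_secret, "backend": backend, "token": provider_token,
    })


def parse_token_response(raw):
    """Validate the JSON a token endpoint returns and build the header for later API
    calls. Raises on error responses and on anything that is not a usable bearer token."""
    data = json.loads(raw)
    if "error" in data:
        raise ValueError(f"token endpoint error: {data['error']}")
    for field in ("access_token", "token_type", "expires_in"):
        if field not in data:
            raise ValueError(f"missing field in token response: {field}")
    if data["token_type"].lower() != "bearer":
        raise ValueError(f"unexpected token type: {data['token_type']}")
    return {"Authorization": f"Bearer {data['access_token']}",
            "expires_in": int(data["expires_in"])}


def post_form(path, body):
    """One form-encoded POST. The client_secret belongs to the server-side caller;
    do not ship it in a browser bundle."""
    req = urllib.request.Request(BASE_URL + path, data=body.encode(), method="POST",
                                 headers={"Content-Type": "application/x-www-form-urlencoded"})
    with urllib.request.urlopen(req) as resp:
        return parse_token_response(resp.read().decode())


# Constructed sample of a successful django-oauth-toolkit response (not a real token).
SAMPLE_RESPONSE = ('{"access_token": "EXAMPLE_TOKEN", "expires_in": 36000, "token_type": '
                   '"Bearer", "scope": "read write", "refresh_token": "EXAMPLE_REFRESH"}')
```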

wagnerdelima commented 4 years ago

Hi all.

My team and I are constantly using this framework and it seems it has died out there. I contacted the owner by email asking if he would add some of us as maintainers so we could continue to improve it. However we didn't get a response.

I am publishing the project under my profile and we are going to continue to invest time in it.

So I would like to gently ask you to contribute to this project on: https://github.com/wagnerdelima/drf-social-oauth2

Thank you for understanding.

Rekoc commented 4 years ago

Hi, I'm in the exact same situation. I am trying to get the token with one single API request; it is quite hard to understand the flow... @wagnerdelima I can copy/paste this issue in your repository if you want? It might help a LOT of people out there.

I'm following your project! :)

wagnerdelima commented 4 years ago

Please open an issue on the new project. I will take a look at that!

wagnerdelima commented 4 years ago

Thanks for following up!