iMerica / dj-rest-auth

Authentication for Django Rest Framework
https://dj-rest-auth.readthedocs.io/en/latest/index.html
MIT License

GoogleOAuth2Adapter returns key instead of access and refresh tokens #522

Closed felipe-jm closed 10 months ago

felipe-jm commented 1 year ago

Hello! I am using Google OAuth with the GoogleOAuth2Adapter, here's my code:

from allauth.socialaccount.providers.google.views import GoogleOAuth2Adapter
from allauth.socialaccount.providers.oauth2.client import OAuth2Client
from dj_rest_auth.registration.views import SocialLoginView

from notafiscalrural.settings import GOOGLE_REDIRECT_URL

class GoogleLoginView(SocialLoginView):
    adapter_class = GoogleOAuth2Adapter
    callback_url = GOOGLE_REDIRECT_URL
    client_class = OAuth2Client

In dj-rest-auth version 2.2.8 with django-allauth version 0.51.0, I was making a POST request with the code that Google gives me, and it correctly returned the access_token, refresh_token and user information. But when I updated to dj-rest-auth version 4.0.1 with django-allauth version 0.54.0, the same endpoint returns the user authtoken key instead of the tokens I need. Is this the intended behavior?

dj-rest-auth version 2.2.8 and django-allauth version 0.51.0 SocialLoginView with GoogleOAuth2Adapter body:

{
  "access_token": "access-token-here...",
  "refresh_token": "refresh-token-here...",
  "user": {
    "pk": 1,
    "email": "email@gmail.com",
    "first_name": "First Name",
    "last_name": "Last Name"
  }
}

dj-rest-auth version 4.0.1 and django-allauth version 0.54.0 SocialLoginView with GoogleOAuth2Adapter body:

{
  "key": "4a11efa80813d5efcbdb0c83ba357667d68c8bd0"
}

How should I use the GoogleOAuth2Adapter correctly in the new version? I followed the documentation available at https://dj-rest-auth.readthedocs.io/en/latest/installation.html?highlight=SocialLoginView#google

Here's my dj-rest-auth and djangorestframework-simplejwt settings:

SITE_ID = 1
USE_JWT = True

SIMPLE_JWT = {
    'ACCESS_TOKEN_LIFETIME': timedelta(minutes=env('ACCESS_TOKEN_LIFETIME_MINUTES', default=5)),
    'REFRESH_TOKEN_LIFETIME': timedelta(days=env('REFRESH_TOKEN_LIFETIME_DAYS', default=15)),
    'ROTATE_REFRESH_TOKENS': True,
    'BLACKLIST_AFTER_ROTATION': True,
    'UPDATE_LAST_LOGIN': True,

    'ALGORITHM': 'HS256',
    'SIGNING_KEY': env('NFR_JWT_SIGNING_KEY', default='XXXXXXX'),
    'VERIFYING_KEY': None,
    'AUDIENCE': None,
    'ISSUER': None,

    'AUTH_HEADER_TYPES': ('Bearer',),
    'AUTH_HEADER_NAME': 'HTTP_AUTHORIZATION',
    'USER_ID_FIELD': 'id',
    'USER_ID_CLAIM': 'user_id',

    'AUTH_TOKEN_CLASSES': ('rest_framework_simplejwt.tokens.AccessToken',),
    'TOKEN_TYPE_CLAIM': 'token_type',

    'JTI_CLAIM': 'jti',

    'SLIDING_TOKEN_REFRESH_EXP_CLAIM': 'refresh_exp',
    'SLIDING_TOKEN_LIFETIME': timedelta(minutes=5),
    'SLIDING_TOKEN_REFRESH_LIFETIME': timedelta(days=1),
}

GOOGLE_REDIRECT_URL = env('GOOGLE_REDIRECT_URL', default='http://localhost:3000')
SOCIALACCOUNT_QUERY_EMAIL = True

SOCIALACCOUNT_PROVIDERS = {
    "google": {
        "APP": {
            "client_id": env("GOOGLE_CLIENT_ID", default='XXXXXXX'),
            "secret": env("GOOGLE_SECRET", default='XXXXXXX'),
            "key": ""
        },
        "SCOPE": [
            "profile",
            "email",
        ],
        "AUTH_PARAMS": {
            "access_type": "offline",
        },
    }
}

OLD_PASSWORD_FIELD_ENABLED = True
ACCOUNT_ADAPTER = 'users.adapter.CustomUserAdapter'

ACCOUNT_USER_MODEL_USERNAME_FIELD = None
ACCOUNT_EMAIL_REQUIRED = True
ACCOUNT_UNIQUE_EMAIL = True
ACCOUNT_USERNAME_REQUIRED = False
ACCOUNT_AUTHENTICATION_METHOD = 'email'
ACCOUNT_EMAIL_VERIFICATION = 'optional'
ACCOUNT_EMAIL_SUBJECT_PREFIX = ''
ACCOUNT_CONFIRM_EMAIL_ON_GET = True

felipe-jm commented 10 months ago

I updated to dj-rest-auth version 5.0.0 and django-allauth version 0.57.0 and I'm still getting the same error.

felipe-jm commented 10 months ago

It was a misconfiguration in my REST_AUTH settings: I had a REST_USE_JWT and it should be USE_JWT inside the REST_AUTH settings.
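
The resolution above comes down to a flag that the library silently ignores when it sits outside the `REST_AUTH` dict, so the login view falls back to returning a token `key`. As an added example (not code from this thread or from dj-rest-auth), the check below flags such misplaced settings in a plain settings dict; the name mapping covers only names seen in this thread, and the `False` default for `USE_JWT` is an assumption.

```python
"""Startup check for dj-rest-auth settings left outside the REST_AUTH dict."""

# Legacy or misplaced top-level name -> key expected inside REST_AUTH.
# Only names that appear in this thread are listed (assumed mapping; extend
# it for the other dj-rest-auth options your project sets).
MISPLACED = {
    "REST_USE_JWT": "USE_JWT",
    "USE_JWT": "USE_JWT",
    "OLD_PASSWORD_FIELD_ENABLED": "OLD_PASSWORD_FIELD_ENABLED",
}


def effective_use_jwt(settings):
    """Value read from REST_AUTH; assumed default is False (token 'key' response)."""
    return bool(settings.get("REST_AUTH", {}).get("USE_JWT", False))


def check_rest_auth(settings):
    """Return one warning per top-level setting that REST_AUTH does not carry."""
    rest_auth = settings.get("REST_AUTH", {})
    warnings = []
    for name, key in MISPLACED.items():
        if name in settings and rest_auth.get(key) != settings[name]:
            warnings.append(
                f"{name}={settings[name]!r} is set at top level but "
                f"REST_AUTH[{key!r}] is {rest_auth.get(key, '<unset>')!r}"
            )
    return warnings


# Constructed samples: the flat layout from the thread, and the nested fix.
BROKEN = {"SITE_ID": 1, "REST_USE_JWT": True, "OLD_PASSWORD_FIELD_ENABLED": True}
FIXED = {"SITE_ID": 1, "REST_AUTH": {"USE_JWT": True, "OLD_PASSWORD_FIELD_ENABLED": True}}

if __name__ == "__main__":
    for label, cfg in (("broken", BROKEN), ("fixed", FIXED)):
        print(label, "USE_JWT effective:", effective_use_jwt(cfg))
        for w in check_rest_auth(cfg):
            print("  warning:", w)
```

In a Django project the same function can be fed `vars(settings._wrapped)` from a system check or a deployment test, so an upgrade that drops JWT issuance fails loudly instead of changing the response shape.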