lepture / authlib

The ultimate Python library in building OAuth, OpenID Connect clients and servers. JWS,JWE,JWK,JWA,JWT included.
https://authlib.org/
BSD 3-Clause "New" or "Revised" License
4.55k stars 452 forks source link

authlib.jose.errors.InvalidClaimError: invalid_claim: Invalid claim "iss" #483

Closed pernydev closed 2 years ago

pernydev commented 2 years ago

I'm building an oauth2 client with Flask and Authlib. My code to register the oauth is:

google = oauth.register(
    name='google',
    client_id='',
    client_secret="",
    access_token_url="https://accounts.google.com/o/oauth2/token",
    access_token_params=None,
    authorize_url="https://accounts.google.com/o/oauth2/auth",
    authorize_params=None,
    api_base_url="https://www.googleapis.com/oauth2/v1/",
    client_kwargs={'scope': 'openid email'},
    server_metadata_url="https://accounts.google.com/.well-known/openid-configuration",
)

And my /authorize endpoint looks like this:

@app.route('/authorize')
def authorize():
    google = oauth.create_client('google')
    token = google.authorize_access_token()
    resp = google.get('userinfo')
    resp.raise_for_status()
    userinfo = resp.json()

    return str(userinfo)

But I am getting the error

authlib.jose.errors.InvalidClaimError: invalid_claim: Invalid claim "iss"
lepture commented 2 years ago

Not sure what's the version of your Authlib. But I've just tried https://github.com/authlib/demo-oauth-client/tree/master/flask-google-login and it works well.

Please check the demo.