Closed martarho closed 4 months ago
Thanks for the excellent bug report!
Could you replace this line https://github.com/matthiask/django-authlib/blob/b5e4d6291602b43129cf38a4b1ea05a99c7641f7/authlib/google.py#L60 by something like this?
(You can apply temporary edits directly inside your virtualenv folder, e.g., `venv/lib/python3.10/authlib/google.py`, or you could use a Git checkout, but the former is simpler most of the time and works just as well.)
```python
print(token)
print(b64decode(token["id_token"].split(".")[1]))
data = json.loads(b64decode(token["id_token"].split(".")[1]).decode("utf-8"))
```
The data should be a dictionary containing some information such as the email address and maybe your name etc.
If that fails too, could you at least check what exception you're getting here?
Thanks in advance!
This is what I'm seeing when I'm printing the token btw:
```
{'access_token': '...',
 'expires_in': 3599,
 'scope': ['https://www.googleapis.com/auth/userinfo.profile',
           'openid',
           'https://www.googleapis.com/auth/userinfo.email'],
 'token_type': 'Bearer',
 'id_token': 'eyJhbGci____.eyJpc3MiO____.c9vlh-lF4qyaDz_____',
 'expires_at': 1653326834.23049}
```
I'm wondering if the `id_token` entry is missing or is not formatted as a JWT; the data section of the JWT should contain the verified email address, but it seems that for some reason the token you're getting is formatted differently.
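An added example, not part of the thread or of django-authlib: a debugging helper that does the check described above, reporting whether `id_token` is missing, is not a three-segment JWT, or has a payload that is not base64url-encoded JSON. The names `decode_id_token_claims`, `_b64url` and `SAMPLE_TOKEN` are hypothetical, the sample token is constructed, and the helper only decodes the payload without verifying the signature.

```python
import base64
import json


def decode_id_token_claims(token: dict) -> dict:
    """Return the unverified claims from token["id_token"] for debugging.

    Only decodes the payload; it does not check the JWT signature.
    """
    id_token = token.get("id_token")
    if not isinstance(id_token, str):
        raise ValueError("token response has no id_token entry")
    parts = id_token.split(".")
    if len(parts) != 3:
        raise ValueError(f"id_token has {len(parts)} segments, expected 3")
    payload = parts[1]
    # JWT segments are base64url without padding; restore it before decoding.
    payload += "=" * (-len(payload) % 4)
    try:
        claims = json.loads(base64.urlsafe_b64decode(payload))
    except ValueError as exc:  # covers binascii, JSON and UTF-8 decode errors
        raise ValueError(f"id_token payload is not base64url JSON: {exc}") from exc
    if not isinstance(claims, dict):
        raise ValueError("id_token payload is not a JSON object")
    return claims


def _b64url(obj) -> str:
    """Encode an object as an unpadded base64url JSON segment (sample data only)."""
    raw = json.dumps(obj).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


# Constructed sample: same shape as the token printed above, dummy values.
SAMPLE_TOKEN = {
    "access_token": "constructed-access-token",
    "token_type": "Bearer",
    "id_token": ".".join([
        _b64url({"alg": "RS256", "typ": "JWT"}),
        _b64url({"iss": "https://accounts.google.com",
                 "email": "user@example.com", "email_verified": True}),
        "constructed-signature",
    ]),
}

if __name__ == "__main__":
    print(decode_id_token_claims(SAMPLE_TOKEN))
```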
Hi @matthiask!
It seems the error is already at line 50: https://github.com/matthiask/django-authlib/blob/b5e4d6291602b43129cf38a4b1ea05a99c7641f7/authlib/google.py#L50
I tried debugging the exception and this is what I got:
```
Exception type InsecureTransportError Arguments:
('(insecure_transport) OAuth 2 MUST utilize https.',)
```
I'm trying to run my app over https with a self-signed certificate to see if it works. I'll be back once I succeed! (or fail)
It was a fail, but because of the development mode not allowing me to run it over HTTPS. Which in a way is expected. Not sure how to proceed from here though, so any ideas will be definitely welcome!
Oh, that's right. You could add the following lines e.g. to your `settings.py`:
```python
import os

if DEBUG:
    # Let oauthlib accept plain-HTTP redirects in local development only.
    os.environ["OAUTHLIB_INSECURE_TRANSPORT"] = "1"
```
Hi @matthiask, thanks! I can confirm this solved the problem :)
@martarho Good to hear! I already added a note to the documentation. I hope this helps the next person struggling with the same problem. Thanks!
Fixed in a6959d94
I've set up django-authlib for django-admin as per the documentation, but unfortunately I keep getting the error "Error while fetching user data. Please try again" when logging in.
I am the admin of the GCP project where the Oauth2 client is set up and it all works with my front end application.
Any ideas on what could be going on here?
Some small details, in case they impact this problem:
My configuration
settings.py
urls.py
Oauth2 set up
![oauth2-setup](https://user-images.githubusercontent.com/42959213/169861102-72b3de9e-5548-4888-9081-08c868b05eba.jpg)
Console output (anonymised, of course)