Client secret required ?

[EugeneLiang]

Hi good day,

I was going through your example ( the CURL request example ) using Postman ( https://chrome.google.com/webstore/detail/postman/fhbjgbiflinjbdggehcddcbncdddomop?hl=en ) and i had an error after POSTing with my client_id, grant_type=password, username, and password:

Traceback (most recent call last):
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1836, in __call__
    return self.wsgi_app(environ, start_response)
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1820, in wsgi_app
    response = self.make_response(self.handle_exception(e))
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1403, in handle_exception
    reraise(exc_type, exc_value, tb)
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1817, in wsgi_app
    response = self.full_dispatch_request()
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1477, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1381, in handle_user_exception
    reraise(exc_type, exc_value, tb)
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1475, in full_dispatch_request
    rv = self.dispatch_request()
  File "/Library/Python/2.7/site-packages/flask/app.py", line 1461, in dispatch_request
    return self.view_functions[rule.endpoint](**req.view_args)
  File "/Library/Python/2.7/site-packages/flask_oauthlib/provider/oauth2.py", line 467, in decorated
    uri, http_method, body, headers, credentials
  File "/Library/Python/2.7/site-packages/oauthlib/oauth2/rfc6749/endpoints/base.py", line 61, in wrapper
    return f(endpoint, uri, *args, **kwargs)
  File "/Library/Python/2.7/site-packages/oauthlib/oauth2/rfc6749/endpoints/token.py", line 93, in create_token_response
    request, self.default_token_type)
  File "/Library/Python/2.7/site-packages/oauthlib/oauth2/rfc6749/grant_types/resource_owner_password_credentials.py", line 92, in create_token_response
    if not self.request_validator.authenticate_client(request):
  File "/Library/Python/2.7/site-packages/flask_oauthlib/provider/oauth2.py", line 601, in authenticate_client
    if client.client_secret != client_secret:
AttributeError: 'Client' object has no attribute 'client_secret'

Apparently, I am required to pass a client_secret url parameter as well ? However, when i create a new client, I am only given the client_id, but not the client secret.

I've also tried adding in random strings for client_secret, but the same error occurs.

Am I missing anything ?

Cheers!

[nicolaiarocci]

The error happens in Flask-Oauthlib. It suggests that Client object has no attribute client_secret and not, as you imply, that it has no or wrong value. Are you sure that the launch script is correctly configured, as in the README file?

[EugeneLiang]

Hi there, it's weird. I uninstalled via pip flask-sentinal and Flask-Oauthlib and than reinstalled flask-sentinel. So now it works.

Thank you so much Sir!

[ultimateboy]

Just a heads up that I ran into this issue today. My issue appears to be a duplicate of https://github.com/lepture/flask-oauthlib/issues/246 - downgrading flask-oauthlib to 0.9.1 fixes the issue.

[nicolaiarocci]

thanks for the heads up.