Closed kkh-147-17-3 closed 3 months ago
Hi @kkh-147-17-3, please replace the `os.getenv("OAUTH2_KAKAO_CLIENT_ID")` and `os.getenv("OAUTH2_KAKAO_CLIENT_SECRET")` with their actual values so we ensure the problem is not in reading an environment variable. Also, you did not mention the `client_id` in the issue description, which makes me think you don't use it at all. Please try to reproduce the issue with the hardcoded values and tell the result.
Thank you for the prompt reply. I tried again with the hardcoded client_id and client_secret. Yet, the issue has not been resolved.
You can find that client_id and client_secret were successfully assigned as below in the debug view.
The problem seems to be that the only parameter `client_id` is from `WebApplicationClient` class object when `prepare_request_body` is called, not `client_secret`.
Do you face a similar issue with the `AppleIdAuth` you have configured? If it works for Apple, then you can compare the objects by debugging, but I don't think the `WebApplicationClient` can be the problem. Also, it's a possibility that the Kakao backend has some issues; try to find issues in social-core. I would also check if scopes are compatible with the identity provider.
Sadly I don't have any Apple developer account, so I removed the AppleIdAuth config and set only the KakaoOAuth2 instead. My project's python version was initially set to be 3.12 so I switched my python version to 3.11 as well. But the authentication process still did not work. I tried google-oauth2 with client_id and client_secret, and it worked well.
I have a Spring Boot project which depends on `spring-boot-starter-oauth2-client`, and it contains a Kakao OAuth2 authentication process that has the same client_id and client_secret. The authorization process works as normal. In this case, I set the project's environment variable `spring.security.oauth2.client.registration.kakao.client-authentication-method` to `client_secret_post` so that the `client_secret` can be included in the POST request body as a query parameter. On the contrary, the Google OAuth2's setting is `client_secret_basic`, where `client_secret` is not included as a parameter.
Lastly, I guess scopes are not the problem in this case as I can check it by the provider's error screen whether the wrong scopes are configured.
Okay, I see, the problem is in the `KakaoOAuth2` implementation. The request you are describing is an ordinary form data POST request. I am not sure how the request is sent by `KakaoOAuth2` but it is surely fixable. I will try to fix it using your Kakao's client_id and client_secret, it seems it got deprecated and no one cares about it :) Please do not remove your client credentials that you shared in the above screenshot so I can use them to help you solve your problem. If you already did, please provide new credentials.
Of course, I am happy to hear that! I will not change the KakaoOauth2 credential provided. Please let me know if you have any problems regarding the credential :)
@kkh-147-17-3, I have investigated the issue, and it turns out that basic auth does not cover the `client_secret`, and it still needs to be passed. So, I fixed the issue, which is available in the latest release. Thank you very much for pointing out the issue and allowing me to use your OAuth credentials for development purposes.
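The two client authentication methods compared in this thread, `client_secret_post` and `client_secret_basic` (RFC 6749, section 2.3.1), differ only in where the token request carries the credentials. The sketch below is an added example, not code from fastapi-oauth2 or from anyone in the thread; the function names, the redirect URI and the credential values are constructed placeholders.

```python
import base64
from urllib.parse import parse_qs, quote_plus, urlencode

# Constructed placeholder values, not real credentials.
CLIENT_ID = "example-client-id"
CLIENT_SECRET = "example-client-secret"


def build_token_request(method, code, redirect_uri,
                        client_id=CLIENT_ID, client_secret=CLIENT_SECRET):
    """Return (headers, body) for an authorization_code token request.

    method is "client_secret_post" or "client_secret_basic" (RFC 6749, 2.3.1).
    """
    headers = {"Content-Type": "application/x-www-form-urlencoded"}
    params = {
        "grant_type": "authorization_code",
        "code": code,
        "redirect_uri": redirect_uri,
    }
    if method == "client_secret_post":
        # Credentials travel as form fields in the POST body.
        params["client_id"] = client_id
        params["client_secret"] = client_secret
    elif method == "client_secret_basic":
        # Credentials travel in the Authorization header; the body has none.
        pair = f"{quote_plus(client_id)}:{quote_plus(client_secret)}"
        token = base64.b64encode(pair.encode()).decode()
        headers["Authorization"] = f"Basic {token}"
    else:
        raise ValueError(f"unsupported client authentication method: {method}")
    return headers, urlencode(params)


def redacted(body):
    """Copy of the form body that is safe to print while debugging."""
    fields = parse_qs(body)
    if "client_secret" in fields:
        fields["client_secret"] = ["<redacted>"]
    return urlencode(fields, doseq=True)


if __name__ == "__main__":
    for m in ("client_secret_post", "client_secret_basic"):
        h, b = build_token_request(m, "sample-code", "https://app.example/cb")
        print(m, sorted(h), redacted(b))
```

Because `client_secret_post` puts the secret in the request body, any debug output or request logging of that body should go through something like `redacted` first.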
Bug description
Hi, I was trying to integrate KakaoOAuth2 and had to apply client_secret for the authentication. The provider (Kakao) says the client_secret for KakaoOauth2 is not mandatory but is recommended for the security purpose. Therefore, I set my application to use that. Unfortunately, KakaoOauth2 does not work only when the client_secret is configured.
According to the official Kakao developer website, the `client_secret` must be in the request body as a query parameter when the application is configured to utilize client_secret. Otherwise, it returns unauthorization response. I looked through the codes and found out that the client_secret is not in the query parameters when POST requesting the token endpoint.
Reproduction URL
No response
Reproduction steps
1. Add application at the Kakao Developer Website and configure the application to use `client_secret` as below
2. Add configuration in the fastapi code.
3. Send the request /oauth2/kakao/authorize
4. After step 3, I received the following error
Screenshots
The original codes are as follows (fastapi_oauth2.core.py -> `OAuth2Core:token_data`):
I guess the `client_secret` should be in the `oauth2_query_params` so that the variable `content` can contain `client_secret` as a query parameter.
After I changed the code to put client_secret inside the query params, the authentication process worked as normal.
Logs
No response
Browsers
No response
OS
No response