pysnippet / fastapi-oauth2

Easy to integrate OAuth2 authentication with support for several identity providers.
https://docs.pysnippet.org/fastapi-oauth2
MIT License
49 stars 7 forks

🐛 Bug Report - Twitter/X returns just an Unauthorized in Console and 'twitter' on Frontpage. #41

Closed iptoux closed 1 month ago

iptoux commented 1 month ago

Bug description

I tried to use fastapi_oauth2 with Twitter for my project. I have set up a simple test.py file straight from the docs, with my OAuth2 app creds from Twitter:

# main.py
from fastapi import FastAPI, Request, HTTPException
from fastapi.responses import JSONResponse, RedirectResponse
from fastapi_oauth2.middleware import OAuth2Middleware
from fastapi_oauth2.router import router as oauth2_router

from fastapi_oauth2.config import OAuth2Config
from fastapi_oauth2.client import OAuth2Client
from social_core.backends.twitter_oauth2 import TwitterOAuth2

from fastapi_oauth2.exceptions import OAuth2Error
from fastapi_oauth2.middleware import Auth
from fastapi_oauth2.middleware import User

twitter_client = OAuth2Client(backend=TwitterOAuth2,
                 client_id='***',
                 client_secret='***',
                 redirect_uri='http://10.10.40.109:8008/oauth2/twitter/callback',
                 scope='tweet.read users.read offline.access',
                 )

oauth2_config = OAuth2Config(
    allow_http=True,
    jwt_secret='secret',
    clients=[twitter_client
    ]
)

app = FastAPI()

def on_auth_success(auth: Auth, user: User):
    """This could be async function as well."""

# Integrate the OAuth2Middleware
app.add_middleware(
    OAuth2Middleware,
    config=oauth2_config,
    callback=on_auth_success,
)

# Integrate the OAuth2 router
app.include_router(oauth2_router)

@app.exception_handler(OAuth2Error)
async def error_handler(request: Request, e: OAuth2Error):
    print("An error occurred in OAuth2Middleware", e)
    return RedirectResponse(url="/", status_code=303)

# Example endpoint for protected content
@app.get("/protected")
async def protected(request: Request):
    if not request.user.is_authenticated:
        raise HTTPException(status_code=401, detail="Unauthorized")

    return JSONResponse({'user': request.user.dict()})

# Start the FastAPI server
if __name__ == '__main__':
    import uvicorn
    uvicorn.run(app, host='0.0.0.0', port=8008)

When I call /oauth2/twitter/authorize I just get a 401 in the console and a 'twitter' on the page.

INFO:     Uvicorn running on http://0.0.0.0:8008 (Press CTRL+C to quit)
INFO:     10.10.10.107:52712 - "GET /oauth2/twitter/authorize HTTP/1.1" 401 Unauthorized

I don't know what is wrong there. This is the simplest example of an implementation of this module. I have rechecked my creds 5 times; they are removed from the snippet here.

Reproduction URL

PRIVATE! See Example on top

Reproduction steps

  1. Copy code
  2. Include your creds
  3. Try
  4. See error

Logs

No response

Browsers

Chrome

OS

Windows, Linux

iptoux commented 1 month ago

Found the error, typo in the provider