compatibility issue with django-oauth-toolkit==2.1.0

wagnerdelima / drf-social-oauth2

drf-social-oauth2 makes it easy to integrate Django social authentication with major OAuth2 providers, i.e., Facebook, Twitter, Google, etc.

https://drf-social-oauth2.readthedocs.io/en/latest/

MIT License

271 stars 34 forks source link

compatibility issue with django-oauth-toolkit==2.1.0 #135

Closed ehsan-g closed 1 year ago

ehsan-g commented 2 years ago

I am keep getting the "invalid client error" when I had django-oauth-toolkit==2.1.0 installed. I had to change it to django-oauth-toolkit==1.3.2

babor99 commented 2 years ago

what version of django and drf did you use?

ehsan-g commented 2 years ago

I think I didn't change these - Django==3.2.14, djangorestframework==3.12.4

wagnerdelima commented 2 years ago

I had some time to investigate this. Indeed, it does not work with django oauth toolkit equal or above 2.0.0. Reason is the new check_password(client_secret, request.client.client_secret) condition added in oauth2_providers/oauth2_validators, line 180. It is a bug on the password hasher.

shrivardha commented 1 year ago

@ehsan-g how did u change the version of django-oauth-toolkit?

ehsan-g commented 1 year ago

@shrivardha Django==3.2.14 django-oauth-toolkit==1.3.2 djangorestframework==3.12.4 drf-social-oauth2==1.2.1 social-auth-app-django==5.0.0 social-auth-core==4.3.0`