Open grindnoise opened 1 year ago
I have the same problem in the convert_token flow.
At the moment I solved it by implementing some kind of cache to be able to query the id_token
in the second call. In the following example I use a static dictionary as the cache.
```python
from social_core.backends.apple import AppleIdAuth
from social_core.utils import handle_http_errors


class AppleOAuth2(AppleIdAuth):
    name = 'apple'
    # Class-level (per-process) cache: authorization code -> id_token
    cache = {}

    @handle_http_errors
    def _auth_complete(self, access_token, *args, **kwargs):
        # Exchange the one-time authorization code for Apple's token response.
        # *args/**kwargs are accepted because do_auth forwards them.
        data = self.auth_complete_params()
        data.update({'code': access_token})
        response = self.request_access_token(
            self.access_token_url(),
            data=data,
            headers=self.auth_headers(),
            auth=self.auth_complete_credentials(),
            method=self.ACCESS_TOKEN_METHOD
        )
        self.process_error(response)
        return response

    def do_auth(self, access_token, *args, **kwargs):
        response = kwargs.pop('response', None) or {}
        # Second call: reuse the id_token cached during the first call
        jwt_string = response.get(self.TOKEN_KEY) or AppleOAuth2.cache.pop(access_token, '')
        if not jwt_string:
            # First call: redeem the code and remember the id_token
            response = self._auth_complete(access_token, *args, **kwargs)
            jwt_string = response.get(self.TOKEN_KEY)
            AppleOAuth2.cache.update({access_token: jwt_string})
        else:
            response = {self.TOKEN_KEY: jwt_string}
        return super().do_auth(access_token, response=response, *args, **kwargs)
```
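The static dictionary in the workaround above never expires entries and keeps raw authorization codes as keys. As an added example (not code from the commenter or from social_core), here is a bounded, expiring, pop-once cache that could stand in for it; the class name `OneTimeTokenCache`, the 60-second TTL and the 1024-entry limit are assumptions. Like the dictionary, it is per-process, so both `do_auth` calls must reach the same worker.

```python
import hashlib
import threading
import time


class OneTimeTokenCache:
    """Bounded, expiring, pop-once store: authorization code -> id_token."""

    def __init__(self, ttl_seconds=60, max_entries=1024, clock=time.monotonic):
        self._ttl = ttl_seconds      # assumed lifetime, long enough for the second call
        self._max = max_entries      # assumed upper bound on pending sign-ins
        self._clock = clock          # injectable so expiry can be tested
        self._lock = threading.Lock()
        self._items = {}             # sha256(code) -> (expires_at, id_token)

    @staticmethod
    def _key(code):
        # Keep a digest so raw authorization codes do not sit in memory.
        return hashlib.sha256(code.encode("utf-8")).hexdigest()

    def _purge(self, now):
        for k in [k for k, (exp, _) in self._items.items() if exp <= now]:
            del self._items[k]

    def put(self, code, id_token):
        now, key = self._clock(), self._key(code)
        with self._lock:
            self._purge(now)
            if key not in self._items and len(self._items) >= self._max:
                # dicts preserve insertion order: evict the oldest entry.
                del self._items[next(iter(self._items))]
            self._items[key] = (now + self._ttl, id_token)

    def pop(self, code, default=""):
        # Returns the token at most once; expired entries are already purged.
        now = self._clock()
        with self._lock:
            self._purge(now)
            _, token = self._items.pop(self._key(code), (0, default))
            return token

    def __len__(self):
        with self._lock:
            return len(self._items)
```

In the subclass above this would replace `cache = {}` with `cache = OneTimeTokenCache()` and `cache.update({access_token: jwt_string})` with `cache.put(access_token, jwt_string)`; the existing `cache.pop(access_token, '')` call works unchanged.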
I've implemented Apple sign-in following this article, using a subclass: https://github.com/truffls/sign-in-with-apple-using-django/blob/master/backend.md
Code:
Authorization succeeds during the first call, I receive an access token from Apple, and new entries in the Users & User social auths tables are created, but after that the function `do_auth` is called one more time, causing a duplicate entry: The very time user logs in - new entry in Users & User social auths tables created.
During the second call id_token is empty because Apple's authorization code is a one-time token.
In oauth2_endpoints.py, after the user was created, it searches for an access token and doesn't find any, thus calls again:
The access token isn't created during the first iteration, I can't understand why. During the second call it again creates a user and a social auth user, and this time access & refresh tokens are created. So every time I perform sign in via the above auth backend a new user is created. Can somebody help me? My head is gonna blow up