Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trouble to make the Oauth2 Web App example working #107

Closed
ihommani opened this issue Feb 11, 2014 · 6 comments
Closed

Trouble to make the Oauth2 Web App example working #107

ihommani opened this issue Feb 11, 2014 · 6 comments

Comments

@ihommani
Copy link
Contributor

Hello,

I've got the following error when I try the snippet of code

oauthlib.oauth2.rfc6749.errors.InsecureTransportError
I got the redirection but returning to the callback throws this exception.

The exception is triggered by the line :
token = github.fetch_token(token_url, client_secret=client_secret, authorization_response=request.url)

Since I'm new to requests-oauth, I don't know if the blunder is coming from me or not. But I almost copy/paste the code and replaced all that have to be replaced.

Can anyone confirm the example is working ?
@ib-lundgren
Copy link
Member

OAuth 2 is not secure without SSL which is why you get this error, you don't have SSL setup on your test server. Most people don't while testing and that is fine. You can disable this check in two ways

  1. By setting the environment variable DEBUG

    $ export DEBUG=1
    $ python webapp_example.py

  2. Equivalent to above you can set this in Python (if you have problems setting environment variables)

    Somewhere in webapp_example.py, before the app.run for example

    import os
    os.environ['DEBUG'] = '1'

Hope that helps :)

@ihommani
Copy link
Contributor Author

Indeed. Thx.
I noticed I wasn't the only one to wonder about this kind of exception.
I made a pull request to complete the example and highlight this potential problem.

Thx again

@ihommani
Copy link
Contributor Author

Although something weird happens.
If I run the code in the normal mode browser (chrome) I get an oauthlib.oauth2.rfc6749.errors.MissingTokenError. Triggered by the same line.
If I run the same code in the browser cofidential mode, I get my user Json i.e the code runs smoothly.

Any idea of what it can be ?

@ib-lundgren
Copy link
Member

@ihommani thanks for the PR :)

Hrm, not quite sure whether it is on provider or client side or something weird cookie thing. Could you add

import logging
import sys
log = logging.getLogger('oauthlib')
log.addHandler(logging.StreamHandler(sys.stdout))
log.setLevel(logging.DEBUG)

to the beginning of your code and see what debug output you get (if you use a real provider with confidential secrets make sure to remove them from output before posting).

@ihommani
Copy link
Contributor Author

@ib-lundgren , everything is alright now.
I don't know what happened yesterday. Maybe something linked to the cache. I have no clue now the problem is gone.
But you've been very helpful.

See you.

@hellupline
Copy link
Contributor

there is a regression of this issue
oauthlib change their debug ENV var from DEBUG to OAUTHLIB_INSECURE_TRANSPORT for this exception

I will create a PR to update the example

@hellupline hellupline mentioned this issue Jan 12, 2018
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@ib-lundgren @ihommani @hellupline