Menu
I am trying to make DRF work with oAuth2 (django-oauth-toolkit).
I was focusing on http://httplambda.com/a-rest-api-with-django-and-oauthw-authentication/
First I followed that instruction, but later, after getting authentication errors, I setup this demo: https://github.com/felix-d/Django-Oauth-Toolkit-Python-Social-Auth-Integration
Result was the same: I couldn't generate access token using this curl:
curl -X POST -d "grant_type=password&username=<user_name>&password=<password>" -u "<client_id>:<client_secret>" http://127.0.0.1:8000/o/token/ I got this error:
{"error": "unsupported_grant_type"} The oAuth2 application was set with grant_type password. I changed grant_type to "client credentials" and tried this curl:
curl -X POST -d "grant_type=client_credentials" -u "<client_id>:<client_secret>" http://127.0.0.1:8000/o/token/ This worked and I got generated auth token.
After that I tried to get a list of all beers:
curl -H "Authorization: Bearer <auth_token>" http://127.0.0.1:8000/beers/ And I got this response:
{"detail":"You do not have permission to perform this action."} This is the content of views.py that should show the beers:
from beers.models import Beer from beers.serializer import BeerSerializer from rest_framework import generics, permissions class BeerList(generics.ListCreateAPIView): serializer_class = BeerSerializer permission_classes = (permissions.IsAuthenticated,) def get_queryset(self): user = self.request.user return Beer.objects.filter(owner=user) def perform_create(self, serializer): serializer.save(owner=self.request.user) I am not sure what can be the problem here. First with "unsuported grant type" and later with other curl call. This also happen to me when I did basic tutorial from django-oauth-toolkit. I am using Django 1.8.2 and python3.4
Thanks for all help!
My settings.py looks like this
import os BASE_DIR = os.path.dirname(os.path.dirname(__file__)) SECRET_KEY = 'hd#x!ysy@y+^*%i+klb)o0by!bh&7nu3uhg+5r0m=$3x$a!j@9' DEBUG = True TEMPLATE_DEBUG = True ALLOWED_HOSTS = [] TEMPLATE_CONTEXT_PROCESSORS = ( 'django.contrib.auth.context_processors.auth', ) INSTALLED_APPS = ( 'django.contrib.admin', 'django.contrib.auth', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', 'django.contrib.staticfiles', 'oauth2_provider', 'rest_framework', 'beers', ) MIDDLEWARE_CLASSES = ( 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', ) AUTHENTICATION_BACKENDS = ( 'django.contrib.auth.backends.ModelBackend', ) ROOT_URLCONF = 'beerstash.urls' WSGI_APPLICATION = 'beerstash.wsgi.application' DATABASES = { 'default': { 'ENGINE': 'django.db.backends.sqlite3', 'NAME': os.path.join(BASE_DIR, 'db.sqlite3'), } } LANGUAGE_CODE = 'en-us' TIME_ZONE = 'UTC' USE_I18N = True USE_L10N = True USE_TZ = True STATIC_URL = '/static/' REST_FRAMEWORK = { 'DEFAULT_AUTHENTICATION_CLASSES': ( 'oauth2_provider.ext.rest_framework.OAuth2Authentication', ) } OAUTH2_PROVIDER = { # this is the list of available scopes 'SCOPES': {'read': 'Read scope', 'write': 'Write scope'} } 
355
Django OAuth Toolkit can help you by providing, out of the box, all the endpoints, data, and logic needed to add OAuth2 capabilities to your Django projects. Django OAuth Toolkit makes extensive use of the excellent OAuthLib, so that everything is rfc-compliant.
You can integrate Google OAuth into your Django application with Django OAuth packages like django-allauth . You can also integrate other OAuth services similarly using django-allauth .
OAuth 2.0, which stands for “Open Authorization”, is a standard designed to allow a website or application to access resources hosted by other web apps on behalf of a user. It replaced OAuth 1.0 in 2012 and is now the de facto industry standard for online authorization.
I have tried the demo you mentioned and everything was fine.
$ curl -X POST -d "grant_type=password&username=superuser&assword=123qwe" -u"xLJuHBcdgJHNuahvER9pgqSf6vcrlbkhCr75hTCZ:nv9gzOj0BMf2cdxoxsnYZuRYTK5QwpKWiZc7USuJpm11DNtSE9X6Ob9KaVTKaQqeyQZh4KF3oZS4IJ7o9n4amzfqKJnoL7a2tYQiWgtYPSQpY6VKFjEazcqSacqTx9z8" http://127.0.0.1:8000/o/token/ {"access_token": "jlLpKwzReB6maEnjuJrk2HxE4RHbiA", "token_type": "Bearer", "expires_in": 36000, "refresh_token": "DsDWz1LiSZ3bd7NVuLIp7Dkj6pbse1", "scope": "read write groups"} $ curl -H "Authorization: Bearer jlLpKwzReB6maEnjuJrk2HxE4RHbiA" http://127.0.0.1:8000/beers/ [] In your case, I think, you have created an application with wrong "Authorization grant type".
Use this application settings:
Name: just a name of your choice Client Type: confidential Authorization Grant Type: Resource owner password-based This https://django-oauth-toolkit.readthedocs.org/en/latest/rest-framework/getting_started.html#step-3-register-an-application helped me a lot.
Here the database file I've created: https://www.dropbox.com/s/pxeyphkiy141i1l/db.sqlite3.tar.gz?dl=0
You can try it yourself. No source code changed at all. Django admin username - superuser, password - 123qwe.
72
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
