Testing flask-oauthlib locally without https

Question

I have implemented an oauth2 server and an oauth2 client using flask-oauthlib.

When I am trying to test locally, the client returns an InsecureTransportError and tells me that I should be using https.

Is there a way to test the app locally without https?

The client is running on 127.0.0.2:5000 and the server is running on 127.0.0.1:5000.

Thanks

Answer 1

From http://requests-oauthlib.readthedocs.org/en/latest/examples/real_world_example.html:

You should note that Oauth2 works through SSL layer. If your server is not parametrized to allow HTTPS, the fetch_token method will raise an oauthlib.oauth2.rfc6749.errors.InsecureTransportError . Most people don’t set SSL on their server while testing and that is fine. You can disable this check in two ways:

1. By setting an environment variable.

export OAUTHLIB_INSECURE_TRANSPORT=1

2. Equivalent to above you can set this in Python (if you have problems setting environment variables)

# Somewhere in webapp_example.py, before the app.run for example
import os 
os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'

Answer 2

For OAuth1 you can add setting

app.config.update({
    'OAUTH1_PROVIDER_ENFORCE_SSL': False
})

For OAuth2 you can setting in environment variable.

export OAUTHLIB_INSECURE_TRANSPORT=1

or in runtime

import os
os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'

Answer 3

For Authlib usesrs :

export AUTHLIB_INSECURE_TRANSPORT=1

Or if you want to set it programmatically :

import os

os.environ['AUTHLIB_INSECURE_TRANSPORT'] = '1'

I know it's not answering the question but everytime I ask Google about it I land on this page.