Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Testing flask-oauthlib locally without https

I have implemented an oauth2 server and an oauth2 client using flask-oauthlib.

When I am trying to test locally, the client returns an InsecureTransportError and tells me that I should be using https.

Is there a way to test the app locally without https?

The client is running on 127.0.0.2:5000 and the server is running on 127.0.0.1:5000.

Thanks

like image 726
user2483431 Avatar asked Jan 05 '15 18:01

user2483431


3 Answers

From http://requests-oauthlib.readthedocs.org/en/latest/examples/real_world_example.html:

You should note that Oauth2 works through SSL layer. If your server is not parametrized to allow HTTPS, the fetch_token method will raise an oauthlib.oauth2.rfc6749.errors.InsecureTransportError . Most people don’t set SSL on their server while testing and that is fine. You can disable this check in two ways:

  1. By setting an environment variable.
export OAUTHLIB_INSECURE_TRANSPORT=1
  1. Equivalent to above you can set this in Python (if you have problems setting environment variables)
# Somewhere in webapp_example.py, before the app.run for example
import os 
os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'
like image 95
Hans Z. Avatar answered Nov 02 '22 03:11

Hans Z.


For OAuth1 you can add setting

app.config.update({
    'OAUTH1_PROVIDER_ENFORCE_SSL': False
})

For OAuth2 you can setting in environment variable.

export OAUTHLIB_INSECURE_TRANSPORT=1

or in runtime

import os
os.environ['OAUTHLIB_INSECURE_TRANSPORT'] = '1'
like image 30
faisal burhanudin Avatar answered Nov 02 '22 02:11

faisal burhanudin


For Authlib usesrs :

export AUTHLIB_INSECURE_TRANSPORT=1

Or if you want to set it programmatically :

import os

os.environ['AUTHLIB_INSECURE_TRANSPORT'] = '1'

I know it's not answering the question but everytime I ask Google about it I land on this page.

like image 12
Leogout Avatar answered Nov 02 '22 01:11

Leogout