Menu
I started to use OAuth with Python and Django. I need it for Google APIs. I working on localhost, so I can't register a domain for url-callback. I've read about that Google OAuth could be used with anonymous domain. Can't find, how and where I can do that?
I have this view:
def authentication(request):
CONSUMER_KEY = 'xxxxx'
CONSUMER_SECRET = 'xxxxx'
SCOPES = ['https://docs.google.com/feeds/', ]
client = gdata.docs.client.DocsClient(source='apiapp')
oauth_callback_url = 'http://%s/get_access_token' % request.META.get('HTTP_HOST')
request_token = client.GetOAuthToken(
SCOPES, oauth_callback_url, CONSUMER_KEY, consumer_secret=CONSUMER_SECRET)
domain = '127.0.0.1:8000'
return HttpResponseRedirect(
request_token.generate_authorization_url(google_apps_domain=domain))
And this error:
Sorry, you've reached a login page for a domain that isn't using Google Apps. Please check the web address and try again.
Registered via https://code.google.com/apis/console/
CONSUMER_KEY = 'xxxxxxxxxxxxxxxxxxxxxxxxxxx'
CONSUMER_SECRET = 'xxxxxxxxxxxxxxxxxxxxxxxxx'
SCOPES = ['https://docs.google.com/feeds/', ]
DOMAIN = 'localhost:8000'
def authentication(request):
client = gdata.docs.client.DocsClient(source='apiapp')
oauth_callback_url = 'http://%s/get_access_token' % DOMAIN
request_token = client.GetOAuthToken(SCOPES,
oauth_callback_url,
CONSUMER_KEY,
consumer_secret=CONSUMER_SECRET)
return HttpResponseRedirect(
request_token.generate_authorization_url())
def verify(request):
client = gdata.docs.client.DocsClient(source='apiapp')
f = open('/home/i159/.ssh/id_rsa')
RSA_KEY = f.read()
f.close()
oauth_callback_url = 'http://%s/get_access_token' % DOMAIN
request_token = client.GetOAuthToken(SCOPES,
oauth_callback_url,
CONSUMER_KEY,
rsa_private_key=RSA_KEY)
return HttpResponseRedirect(
request_token.generate_authorization_url(google_apps_domain=DOMAIN))
The error:
Unable to obtain OAuth request token: 400, Consumer does not have a cert: xxxxxxxxxxxxxxx.apps.googleusercontent.com
547
Setup steps To test a web OAuth client you can still use a localhost deployment, provided you have administrator (superuser) permissions to modify the local lookup table for hostnames.
Just to be clear, you can use the web application flow with localhost while developing on either OAuth 1.0 or OAuth 2.0. OAuth 2.0 should be preferred as it's the mechanism we are focussed on. The user experience for OAuth 2.0 is going to be substantially better.
There's nothing stopping you from using localhost as your callback URL. I do this myself all the time. You just need to make sure the callback URL matches exactly, including any port numbers, and you can't deploy your application that way for obvious reasons. Installed applications are more complicated, but if you're doing something with Django, it's possible to take advantage of the fact that OAuth 2.0 is a bearer-token system. As long as you're keeping the refresh token server-side, you can authenticate with your own application out-of-band and then send the bearer token to the installed application. Your installed application will have roughly a one-hour window in which to make calls before you'll need to repeat the process. This can happen transparently to the user in most cases. Transmission of the bearer token should happen over an encrypted channel.
169
OAuth 1.0 for Installed Applications
Besides that, you probably don't want to include your actual CONSUMER_KEY and CONSUMER_SECRET in the example code.
26
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
