Reputation: 201
Authlib for Flask App getting param_error
I'm using the Authlib module to test OAuth2 integration. I made a simple Flask app and am trying to Authorize with the Untappd API (https://untappd.com/api/docs#authentication).
Following the guidelines of the Authlib Flask module (https://docs.authlib.org/en/latest/client/flask.html), I get as far as successfully being redirected and getting an authorization code.
After authorize_redirect() redirects me to authorize my app at Untappd, I approve, sending me to my callback url with the auth code in the url.
http://localhost:3000/callback?code=1B6D5B8154EC6627748001F&state=GwqinEMqcRDSjfKmNHh
I should be able to next call authorize_access_token() to get a token, but this is what I get:
{'meta': {'http_code': 500, 'error_type': 'param_error', 'error_detail': 'Missing either the client_id, redirect_url, client_secret or code parameter. Please check your request a try again.'}, 'response': []}
I've registered client_id, redirect_url, client_secret in authlib's config so I don't know what is missing. Using an authorization code I tested in Postman and successfully received a token
GET https://untappd.com/oauth/authorize/?client_id=CLIENTID&client_secret=CLIENTSECRET&response_type=code&redirect_url=REDIRECT_URL&code=CODE
{"meta":{"http_code":200},"access_token":"k43l4j3lj43lj43","response":{"access_token":"k43l4j3lj43lj43"}}
So what's wrong with my code?:
auth0 = oauth.register(
'auth0',
client_id=AUTH0_CLIENT_ID,
client_secret=AUTH0_CLIENT_SECRET,
api_base_url=AUTH0_BASE_URL,
access_token_url=AUTH0_BASE_URL + '/oauth/authorize',
authorize_url=AUTH0_BASE_URL + '/oauth/authenticate',
)
@auth_blueprint.route('/login')
def login():
redirect_uri = url_for('.callback', _external=True)
return auth0.authorize_redirect(redirect_uri)
@auth_blueprint.route('/callback')
def callback():
token = auth0.authorize_access_token()
print(token)
return redirect('/loggedin')
The only thing I can think of is that the authorization code is not passed in the redirect, but am not able to debug it. What's happening behind the scenes in Authlib is not well documented in my opinion.
Update
I had an idea to run print(auth0.__dict__) to see if I can see what param are missing.
{'name': 'auth0', 'client_id': '2226808DCDAF2FA5FFE145A', 'client_secret': '9494F1877AB0D01D9DE6AAF4', 'request_token_url': None, 'request_token_params': None, 'access_token_url': 'https://untappd.com/oauth/authorize', 'access_token_params': None, 'authorize_url': 'https://untappd.com/oauth/authenticate', 'authorize_params': None, 'api_base_url': 'https://untappd.com', 'client_kwargs': {}, 'oauth1_client_cls': None, 'oauth2_client_cls': <class 'authlib.integrations.requests_client.oauth2_session.OAuth2Session'>, 'compliance_fix': None, 'client_auth_methods': None, '_fetch_token': None, '_update_token': None, '_server_metadata_url': None, 'server_metadata': {'refresh_token_url': None, 'refresh_token_params': None}, '_fetch_request_token': None, '_save_request_token': None}
(id and secret not real) I don't see anything that is not there that should be.
Upvotes: 2
Views: 1638
Answers (1)
Reputation: 73
I'm starting down this road too, so I don't have much to offer.
But one thing I know is that Untappd are fussy about generic User-Agent strings. Try over-riding that. Perhaps Postman did the same thing..?..
In my code, I added this and all worked well
oauth.headers["User-Agent"] = "GiveMeBeer"
Upvotes: 0
Related Questions
- Authlib client error: State not equal in request and response
- Flask login_required cause 401 error when requested
- flask-login: is_authenticated is inconsistent
- flask_login always returning 401 unauthorized
- Python Flask "Invalid Credentials"
- KeyError: 'oauth_state'
- The client is not authorized to request an authorization code using this method
- Flask-restful app fails when authentication is enabled
- Getting 'str' object has no attribute 'is_authenticated' in Flask using Flask-Login
- Flask basic authentication not accepting username and password