Roy

Reputation: 1967

Problem authorizing client with django-oAuth-toolkit Authorization Code flow

I have been following the django-oAuth-toolkit documentation. In the Authorization Code step, I have registered an application as shown in the screenshot.

Screenshot given in the documentation

But then the next step is given like this:

To start the Authorization code flow go to this URL which is the same as shown below: http://127.0.0.1:8000/o/authorize/?response_type=code&client_id=vW1RcAl7Mb0d5gyHNQIAcH110lWoOW2BmWJIero8&redirect_uri=http://127.0.0.1:8000/noexist/callback

But when I replace my client id and ping that URL it redirects me to the following URL: http://localhost:8000/noexist/callback?error=invalid_request&error_description=Code+challenge+required.

I have tried to google that error, but it's such a common keyword that I am unable to find anything related to my issue. I am probably missing something obvious; I am new to Python and Django.

Note: In the documentation screenshot there is one form field missing which is there in my local environment. It's the algorithm field.

Screenshot of my local application

Upvotes: 7

Views: 2530

Answers (1)

Diyorbek

Reputation: 370

After debugging for so many hours I came to this. Please include it in your settings.py file and it works. Maybe it is a bug, since we defined our app as confidential with the authorization_code grant type, but oauth_provider is thinking of it as public and trying to validate for PKCE.

OAUTH2_PROVIDER = {
    "PKCE_REQUIRED": False
}

Upvotes: 13
