python oauth2请求和spring oauth2服务器

时间:2016-11-30 01:19:19

标签: python django spring oauth

我的python oauth2客户端正试图通过python requests

获取access_token

使用spring oauth

加入第三方

通过令牌代码。

 auth_session = OAuth2Session(
            self.configuration_store.client_id, redirect_uri=self.configuration_store.redirect_url)

 auth_session.fetch_token(
            self.configuration_store.token_url, client_secret=self.configuration_store.client_secret, code=code,
            headers=utils.generate_header(self.configuration_store.client_id, self.configuration_store.client_secret),
            **{"access_token": "TOKEN", "token_type": "bearer", "expires_in": 3599, 'scope': 'bar read write'})

使用django oauth toolkit实现对我们的本地测试服务器使用相同的代码,上面的代码成功检索了一个令牌。但是,针对spring提供者,返回401。

此外,如果我使用直接python请求手动构建对第三方的请求,我可以获得成功。 

result = requests.post(self.configuration_store.token_url,
                                params = {'grant_type':'authorization_code', 'client_id': self.configuration_store.client_id, 'code':code, 'client_secret':self.configuration_store.client_secret, 'redirect_uri':self.configuration_store.redirect_url },
                       headers =utils.generate_header(self.configuration_store.client_id, self.configuration_store.client_secret), data={"access_token": "TOKEN","token_type": "bearer","expires_in": 3599,"scope": ["bar", "read", "write"]})

然而,POST请求完全不同。

使用request.post...

的工作请求 
# Working
INFO 2016-11-28 08:19:15,303 connectionpool 50122 123145426345984 Starting new HTTPS connection (1): example.com
send: b'POST /authorization/oauth/token?redirect_uri=https://theredirecturl.com/login&client_secret=XXXXXXXXXXXX&code=XXXXXXX&grant_type=authorization_code&client_id=clientid HTTP/1.1
Host: example.com
Accept: */*
Content-Length: 85
Connection: keep-alive
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
User-Agent: python-requests/2.9.1
Authorization: Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=
Cache-Control: no-cache

scope=bar&scope=read&scope=write&token_type=bearer&access_token=TOKEN&expires_in=3599'
reply: 'HTTP/1.1 200 OK
'

无法使用oauth python requests 

INFO 2016-11-29 23:32:18,063 connectionpool 73412 123145511739392 Starting new HTTPS connection (1): example.com
send: b'POST /authorization/oauth/token/ HTTP/1.1
Host: example.com
Authorization: Basic XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX=
Connection: keep-alive
Content-Length: 247
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip, deflate
User-Agent: python-requests/2.9.1
Cache-Control: no-cache
Accept: */*

grant_type=authorization_code&expires_in=3599&client_secret=XXXXXXXXXXXXX&access_token=TOKEN&scope=bar+read+write&client_id=clientid&code=XXXXXX&redirect_uri=https://theredirecturl.com/login&token_type=bearer'
reply: 'HTTP/1.1 401 Unauthorized
'

这两个请求有完全不同的主体,对我来说似乎很奇怪,oauth会将诸如client_secret之类的东西放在URL中。

对此的任何帮助都将非常感激。

0 个答案:

没有答案
相关问题
最新问题