From 3d8e24bebe7d0e1bdbd63bca39a03eade4762df0 Mon Sep 17 00:00:00 2001 From: Dustin Collins Date: Fri, 26 Aug 2016 12:38:45 -0500 Subject: [PATCH 1/7] Don't need redirect_uri in client/provider req --- flask_oauthlib/client.py | 4 ---- 1 file changed, 4 deletions(-) diff --git a/flask_oauthlib/client.py b/flask_oauthlib/client.py index 71c2d0fd..dacaf6b2 100644 --- a/flask_oauthlib/client.py +++ b/flask_oauthlib/client.py @@ -523,7 +523,6 @@ def authorize(self, callback=None, state=None, **kwargs): # state can be function for generate a random string state = state() - session['%s_oauthredir' % self.name] = callback url = client.prepare_request_uri( self.expand_url(self.authorize_url), redirect_uri=callback, @@ -623,12 +622,10 @@ def handle_oauth1_response(self): def handle_oauth2_response(self): """Handles an oauth2 authorization response.""" - client = self.make_client() remote_args = { 'code': request.args.get('code'), 'client_secret': self.consumer_secret, - 'redirect_uri': session.get('%s_oauthredir' % self.name) } log.debug('Prepare oauth2 remote args %r', remote_args) remote_args.update(self.access_token_params) @@ -680,7 +677,6 @@ def authorized_response(self): # free request token session.pop('%s_oauthtok' % self.name, None) - session.pop('%s_oauthredir' % self.name, None) return data def authorized_handler(self, f): From 08ff8adcaedbe4188e1c1a863b943d82b6f43f08 Mon Sep 17 00:00:00 2001 From: Dustin Collins Date: Fri, 26 Aug 2016 14:23:14 -0500 Subject: [PATCH 2/7] Add logging --- flask_oauthlib/client.py | 2 ++ 1 file changed, 2 insertions(+) diff --git a/flask_oauthlib/client.py b/flask_oauthlib/client.py index dacaf6b2..6bdc769a 100644 --- a/flask_oauthlib/client.py +++ b/flask_oauthlib/client.py @@ -654,6 +654,8 @@ def handle_oauth2_response(self): self.access_token_method ) + log.info('Resp: {}'.format(resp)) + data = parse_response(resp, content, content_type=self.content_type) if resp.code not in (200, 201): raise OAuthException( From 42bf2f427d766dd5c4e6a9db78674debece956da Mon Sep 17 00:00:00 2001 From: Dustin Collins Date: Fri, 26 Aug 2016 15:20:00 -0500 Subject: [PATCH 3/7] set log to debug --- flask_oauthlib/client.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/flask_oauthlib/client.py b/flask_oauthlib/client.py index 6bdc769a..b1ded7c1 100644 --- a/flask_oauthlib/client.py +++ b/flask_oauthlib/client.py @@ -654,7 +654,7 @@ def handle_oauth2_response(self): self.access_token_method ) - log.info('Resp: {}'.format(resp)) + log.debug('Resp: {}'.format(resp)) data = parse_response(resp, content, content_type=self.content_type) if resp.code not in (200, 201): From 6267ac12b27f7a4ce194b841e22887d7c0c5722d Mon Sep 17 00:00:00 2001 From: Dustin Collins Date: Mon, 29 Aug 2016 10:54:13 -0500 Subject: [PATCH 4/7] LinkedIn does infact require redirect_uri... --- flask_oauthlib/client.py | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/flask_oauthlib/client.py b/flask_oauthlib/client.py index b1ded7c1..e6e0cadc 100644 --- a/flask_oauthlib/client.py +++ b/flask_oauthlib/client.py @@ -19,11 +19,13 @@ from werkzeug import parse_options_header, cached_property from .utils import to_bytes try: - from urlparse import urljoin + from urllib import urlencode + from urlparse import parse_qsl, urljoin, urlparse, urlunparse import urllib2 as http except ImportError: from urllib import request as http from urllib.parse import urljoin + from urllib.parse import parse_qsl, urlencode, urlparse, urlunparse log = logging.getLogger('flask_oauthlib') @@ -622,10 +624,24 @@ def handle_oauth1_response(self): def handle_oauth2_response(self): """Handles an oauth2 authorization response.""" + + # Remove the 'code' argument from current URL + oauth_redir_tuple = urlparse(request.url) + query_args = [ + arg_pair for arg_pair in parse_qsl(oauth_redir_tuple.query) + if arg_pair[0] != 'code' + ] + oauth_redir = urlunparse( + oauth_redir_tuple[0:4] + + (urlencode(query_args, doseq=True),) + + oauth_redir_tuple[5:] + ) + client = self.make_client() remote_args = { 'code': request.args.get('code'), 'client_secret': self.consumer_secret, + 'redirect_uri': oauth_redir } log.debug('Prepare oauth2 remote args %r', remote_args) remote_args.update(self.access_token_params) From b99cd21ad0d451f237aee4cebc7641cc3eedcd89 Mon Sep 17 00:00:00 2001 From: Dustin Collins Date: Tue, 30 Aug 2016 11:09:38 -0500 Subject: [PATCH 5/7] Add log and TODO --- flask_oauthlib/client.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/flask_oauthlib/client.py b/flask_oauthlib/client.py index e6e0cadc..4338976b 100644 --- a/flask_oauthlib/client.py +++ b/flask_oauthlib/client.py @@ -637,6 +637,9 @@ def handle_oauth2_response(self): oauth_redir_tuple[5:] ) + # TODO: Just fetch from current_app.config? + log.debug('redirect_uri: {}'.format(oauth_redir)) + client = self.make_client() remote_args = { 'code': request.args.get('code'), From f3d76d89b6259eb2402b762a1a0931d8a7be1ef8 Mon Sep 17 00:00:00 2001 From: Dustin Collins Date: Tue, 30 Aug 2016 13:50:06 -0500 Subject: [PATCH 6/7] Get redirect_uri from current config --- flask_oauthlib/client.py | 21 +-------------------- 1 file changed, 1 insertion(+), 20 deletions(-) diff --git a/flask_oauthlib/client.py b/flask_oauthlib/client.py index 4338976b..ab4e397c 100644 --- a/flask_oauthlib/client.py +++ b/flask_oauthlib/client.py @@ -624,27 +624,11 @@ def handle_oauth1_response(self): def handle_oauth2_response(self): """Handles an oauth2 authorization response.""" - - # Remove the 'code' argument from current URL - oauth_redir_tuple = urlparse(request.url) - query_args = [ - arg_pair for arg_pair in parse_qsl(oauth_redir_tuple.query) - if arg_pair[0] != 'code' - ] - oauth_redir = urlunparse( - oauth_redir_tuple[0:4] + - (urlencode(query_args, doseq=True),) + - oauth_redir_tuple[5:] - ) - - # TODO: Just fetch from current_app.config? - log.debug('redirect_uri: {}'.format(oauth_redir)) - client = self.make_client() remote_args = { 'code': request.args.get('code'), 'client_secret': self.consumer_secret, - 'redirect_uri': oauth_redir + 'redirect_uri': current_app.config['OAUTH_CALLBACK_URL'] } log.debug('Prepare oauth2 remote args %r', remote_args) remote_args.update(self.access_token_params) @@ -672,9 +656,6 @@ def handle_oauth2_response(self): 'Unsupported access_token_method: %s' % self.access_token_method ) - - log.debug('Resp: {}'.format(resp)) - data = parse_response(resp, content, content_type=self.content_type) if resp.code not in (200, 201): raise OAuthException( From 2b71a3d608fa2d2ee8b6e390690bcaebf27a643c Mon Sep 17 00:00:00 2001 From: Dustin Collins Date: Wed, 7 Sep 2016 11:26:01 -0500 Subject: [PATCH 7/7] Revert imports --- flask_oauthlib/client.py | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/flask_oauthlib/client.py b/flask_oauthlib/client.py index ab4e397c..4289133a 100644 --- a/flask_oauthlib/client.py +++ b/flask_oauthlib/client.py @@ -19,13 +19,11 @@ from werkzeug import parse_options_header, cached_property from .utils import to_bytes try: - from urllib import urlencode - from urlparse import parse_qsl, urljoin, urlparse, urlunparse + from urlparse import urljoin import urllib2 as http except ImportError: from urllib import request as http from urllib.parse import urljoin - from urllib.parse import parse_qsl, urlencode, urlparse, urlunparse log = logging.getLogger('flask_oauthlib')