demo-oauth-client icon indicating copy to clipboard operation
demo-oauth-client copied to clipboard

Published 20 hours ago verified publisher icon authlib

Does this demo work for Azure?

Open hozhang404 opened this issue 5 years ago • 6 comments
trafficstars

I try to use this demo on Azure, but some things wrong when I access oauth.azure.authorize_access_token(). It shows that the request dosen't contain the client_secret Does anyone meet the same issue? Or some demos recommended

hozhang404 avatar Oct 27 '20 05:10 hozhang404

Have you set the client_secret in oauth.register? If so make sure you print it first just to verify

gupta-shrinath avatar Nov 12 '20 16:11 gupta-shrinath

thx for your reply, there is no client_secret when I initiate it: oauth.register( 'azure', server_metadata_url='https://login.microsoftonline.com/common/v2.0/.well-known/openid-configuration', client_id='', client_secret='', client_kwargs={ 'scope': 'openid email profile' } ) doesn't work above, but I need to add client_secret like thi,: token = oauth.azure.authorize_access_token(client_secret='*****')

hsbzzhz avatar Nov 16 '20 01:11 hsbzzhz

You have to put the client_secret and client_id in the oauth.register(). You get this client_id and client_secret (it may appear as a different term in provider (Azure)). The demo won't contain the secret because it sensivite information and should be unique to every application.

https://realpython.com/flask-google-login/ This might help you understand though the provider(google) is different the concept remains the same as both use the oauth protocol.

gupta-shrinath avatar Nov 16 '20 04:11 gupta-shrinath

Thx for your reply again. I think you misunderstood my point. For provider Azure, I have already put client_id and client_secret in the oauth.register(), but It will return an error that the client_secret is missing in the oauth Object. So I try to inject the secret into the oauth object again, like oauth.azure.authorize_access_token(client_secret='*****'). It works. but what we expect is the secret is already in oauth when oauth.register, not passing the parameter after initiating it.

hsbzzhz avatar Nov 16 '20 05:11 hsbzzhz

Could you provide your code?

gupta-shrinath avatar Nov 16 '20 05:11 gupta-shrinath

Thanks, this really helped. I also needed to add client_id:

token = await oauth.azure.authorize_access_token(
            request,
            client_secret='*******',
            client_id='*******',
        )

I also found it easier to print the OauthError (it told me my request was missing "client_id"):

print("except OAuthError as error: {}".format(error))

gspycke avatar Jul 30 '21 09:07 gspycke