OAuth2PythonSampleApp

authCodeHandler's state != get_CSRF_token(request) check keeps failing

Open jhselvik opened this issue 5 years ago • 0 comments

This could be because I am new to integrating OAuth2, but I've followed the README and cannot make it past the line

elif state != get_CSRF_token(request): # validate against CSRF attacks

in the authCodeHandler view function. I've been trying with the Connect to QuickBooks button.

I can comment out this check, but then I am not validating against CSRF attacks, and this is probably insecure. Can anyone help me understand why my sandbox app cannot pass this validation?

Thanks

jhselvik, Jul 30 '20 23:07
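
An added example, not part of the original post and not the sample app's code: a session-bound OAuth2 `state` check of the kind the quoted line performs, run through the callback conditions under which it passes or fails. The function names, the `oauth_state` key, and the plain dict standing in for a server-side session are assumptions made for illustration.

```python
import hmac
import secrets

SESSION_KEY = "oauth_state"  # hypothetical session key, not the app's own


def issue_state(session):
    """Create an unguessable state value and bind it to this session."""
    state = secrets.token_urlsafe(32)
    session[SESSION_KEY] = state
    return state  # sent to the authorization server as ?state=...


def check_callback(session, returned_state):
    """Validate the state echoed on the redirect. Returns (ok, reason)."""
    expected = session.pop(SESSION_KEY, None)  # single use: removed on first check
    if expected is None:
        return False, "no state stored in this session"
    if not returned_state:
        return False, "callback carried no state parameter"
    # Constant-time comparison of the stored and returned values.
    if not hmac.compare_digest(expected.encode(), returned_state.encode()):
        return False, "state does not match the one issued"
    return True, "ok"


def demo():
    """Run four constructed callback scenarios and collect the outcomes."""
    results = {}
    s = {}                                   # same session starts and finishes
    results["same_session"] = check_callback(s, issue_state(s))
    s = {}                                   # callback handled under another session
    results["other_session"] = check_callback({}, issue_state(s))
    s = {}                                   # state value not issued by this server
    issue_state(s)
    results["forged"] = check_callback(s, "value-not-issued-here")
    s = {}                                   # same callback delivered twice
    st = issue_state(s)
    check_callback(s, st)
    results["replay"] = check_callback(s, st)
    return results


if __name__ == "__main__":
    for case, (ok, reason) in demo().items():
        print(f"{case:14} ok={ok!s:5} {reason}")
```

Logging the failure reason rather than a bare mismatch distinguishes a callback that arrived without its originating session from one that carried a wrong value, without removing the check.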