arlo oauthlib.oauth2.rfc6749.errors.MismatchingStateError: (mismatching_state) CSRF Warning! State not equal in request and response.

oauthlib.oauth2.rfc6749.errors.MismatchingStateError: (mismatching_state) CSRF Warning! State not equal in request and response.

Open cwilko opened this issue 1 year ago • 3 comments

Please answer these questions before submitting your issue. Thanks!

What version of Python are you using (`python -V`)?

Tried 3.6 and 3.9

What operating system and processor architecture are you using (`python -c 'import platform; print(platform.uname());'`)?

Ubuntu

Which Python packages do you have installed (run the `pip freeze` or `pip3 freeze` command and paste output)?

Only those in requirements.txt from arlo repo

What did you do?

When i run the gmail_oauth.py script, and approve permissions in the browser, the script fails with the following stack:

Traceback (most recent call last):
  File "/home/cwilkin/Development/repos/arlo/gmail_oauth.py", line 20, in <module>
    credentials = flow.run_local_server(host='localhost',
  File "/home/cwilkin/Development/anaconda/envs/test/lib/python3.9/site-packages/google_auth_oauthlib/flow.py", line 521, in run_local_server
    self.fetch_token(authorization_response=authorization_response)
  File "/home/cwilkin/Development/anaconda/envs/test/lib/python3.9/site-packages/google_auth_oauthlib/flow.py", line 300, in fetch_token
    return self.oauth2session.fetch_token(self.client_config["token_uri"], **kwargs)
  File "/home/cwilkin/Development/anaconda/envs/test/lib/python3.9/site-packages/requests_oauthlib/oauth2_session.py", line 244, in fetch_token
    self._client.parse_request_uri_response(
  File "/home/cwilkin/Development/anaconda/envs/test/lib/python3.9/site-packages/oauthlib/oauth2/rfc6749/clients/web_application.py", line 220, in parse_request_uri_response
    response = parse_authorization_code_response(uri, state=state)
  File "/home/cwilkin/Development/anaconda/envs/test/lib/python3.9/site-packages/oauthlib/oauth2/rfc6749/parameters.py", line 278, in parse_authorization_code_response
    raise MismatchingStateError()
oauthlib.oauth2.rfc6749.errors.MismatchingStateError: (mismatching_state) CSRF Warning! State not equal in request and response.

What did you expect to see?

A generated credentials file

What did you see instead?

Does this issue reproduce with the latest release?

Seen on master

Feb 06 '23 00:02 cwilko

arlo arlo copied to clipboard

oauthlib.oauth2.rfc6749.errors.MismatchingStateError: (mismatching_state) CSRF Warning! State not equal in request and response.

What version of Python are you using (python -V)?

What operating system and processor architecture are you using (python -c 'import platform; print(platform.uname());')?

Which Python packages do you have installed (run the pip freeze or pip3 freeze command and paste output)?

What did you do?

What did you expect to see?

What did you see instead?

Does this issue reproduce with the latest release?

arlo
arlo copied to clipboard

What version of Python are you using (`python -V`)?

What operating system and processor architecture are you using (`python -c 'import platform; print(platform.uname());'`)?

Which Python packages do you have installed (run the `pip freeze` or `pip3 freeze` command and paste output)?