我正在尝试完成验证Google令牌的过程,以便在Django应用程序中访问用户的日历。尽管我已经遵循了在网络上找到的几个指示,但我仍然坚持对我的回调函数(错误请求(的 400 错误代码响应。
views.py
# -*- coding: utf-8 -*-
import os
import argparse
import httplib2
import logging
from apiclient.discovery import build
from oauth2client import tools
from oauth2client.django_orm import Storage
from oauth2client import xsrfutil
from oauth2client.client import flow_from_clientsecrets
from django.http import HttpResponse
from django.http import HttpResponseBadRequest
from django.http import HttpResponseRedirect
from django.shortcuts import render_to_response
from django.core.urlresolvers import reverse
from django.contrib import auth
from django.contrib.auth.decorators import login_required
from django.conf import settings
from apps.tecnico.models import Credentials, Flow
CLIENT_SECRETS = os.path.join(
os.path.dirname(__file__), '../../client_secrets.json')
@login_required
def index(request):
storage = Storage(Credentials, 'id', request.user, 'credential')
FLOW = flow_from_clientsecrets(
CLIENT_SECRETS,
scope='https://www.googleapis.com/auth/calendar.readonly',
redirect_uri='http://MY_URL:8000/oauth2/oauth2callback'
)
credential = storage.get()
if credential is None or credential.invalid is True:
FLOW.params['state'] = xsrfutil.generate_token(
settings.SECRET_KEY, request.user)
authorize_url = FLOW.step1_get_authorize_url()
f = Flow(id=request.user, flow=FLOW)
f.save()
return HttpResponseRedirect(authorize_url)
else:
http = httplib2.Http()
http = credential.authorize(http)
service = build(serviceName='calendar', version='v3', http=http,
developerKey='MY_DEV_KEY_FROM_GOOGLE_CONSOLE')
events = service.events().list(calendarId='primary').execute()
return render_to_response('calendario/welcome.html', {
'events': events['items'],
})
@login_required
def auth_return(request):
if not xsrfutil.validate_token(
settings.SECRET_KEY, request.REQUEST['state'], request.user):
return HttpResponseBadRequest()
storage = Storage(Credentials, 'id', request.user, 'credential')
FLOW = Flow.objects.get(id=request.user).flow
credential = FLOW.step2_exchange(request.REQUEST)
storage.put(credential)
return HttpResponseRedirect("http://MY_URL:8000/caly")
models.py
from oauth2client.django_orm import FlowField, CredentialsField
[...]
class Credentials(models.Model):
id = models.ForeignKey(User, primary_key=True)
credential = CredentialsField()
class Flow(models.Model):
id = models.ForeignKey(User, primary_key=True)
flow = FlowField()
我已经直接从Google Dev Console下载了client_secrets.json文件。开发人员控制台中指定的客户端 ID 类型是"Web 应用程序",我认为这是正确的。我注意到的是,如果我删除令牌验证代码块:
if not xsrfutil.validate_token(
settings.SECRET_KEY, request.REQUEST['state'], request.user):
return HttpResponseBadRequest()
一切正常,流程和凭据正确存储在数据库中,我可以阅读日历。我可能错了什么?
编辑:我还检查了传出(到谷歌(和传入(回调(数据:
传出:
request.user:
admin
settings.SECRET_KEY:
I_AM_NOT_WRITING_IT_HERE
FLOW.params['state']:
SOME_OTHER_RANDOM_STUFF
来电:
request.user:
admin
settings.SECRET_KEY:
I_AM_NOT_WRITING_IT_HERE
FLOW.params['state']:
SOME_OTHER_RANDOM_STUFF
数据是相同的,至少与打印到控制台相同。此外,通过控制台的生成/验证操作可以正常工作(xsrfutil.validate_token返回 True,包括测试和实际数据,包括用户模型实例(。我更加不解了。
我已经为
完全相同的问题挣扎了几个小时,我想出了@Ryan Spaulding和@Hans Z回答的解决方案。它有效!
这是因为 Django 1.7 使用 request 为上面的状态变量返回一个 unicode 对象。请求。我以前使用Django 1.6,它曾经返回一个字符串。
可以在此处找到更多详细信息。 https://github.com/google/google-api-python-client/issues/58 我写这篇文章以供将来参考。
if not xsrfutil.validate_token(
settings.SECRET_KEY,
str(request.REQUEST['state']),
request.user):
return HttpResponseBadRequest()
这可能是
request.REQUEST['state']的Unicode问题。尝试在它周围放str(),即 str(request.REQUEST['state']) .